Diffstat (limited to 'apps/user_ldap')
-rw-r--r--apps/user_ldap/ajax/testConfiguration.php10
-rw-r--r--apps/user_ldap/appinfo/app.php4
-rw-r--r--apps/user_ldap/appinfo/update.php4
-rw-r--r--apps/user_ldap/group_ldap.php18
-rw-r--r--apps/user_ldap/lib/access.php62
-rw-r--r--apps/user_ldap/lib/connection.php88
-rw-r--r--apps/user_ldap/lib/jobs.php34
-rw-r--r--apps/user_ldap/templates/settings.php52
-rw-r--r--apps/user_ldap/user_ldap.php18
9 files changed, 218 insertions, 72 deletions
diff --git a/apps/user_ldap/ajax/testConfiguration.php b/apps/user_ldap/ajax/testConfiguration.php
index f8038e31469..cfc07ff263e 100644
--- a/apps/user_ldap/ajax/testConfiguration.php
+++ b/apps/user_ldap/ajax/testConfiguration.php
@@ -32,10 +32,14 @@ $connection = new \OCA\user_ldap\lib\Connection('', null);
if($connection->setConfiguration($_POST)) {
//Configuration is okay
if($connection->bind()) {
- OCP\JSON::success(array('message' => $l->t('The configuration is valid and the connection could be established!')));
+ OCP\JSON::success(array('message'
+ => $l->t('The configuration is valid and the connection could be established!')));
} else {
- OCP\JSON::error(array('message' => $l->t('The configuration is valid, but the Bind failed. Please check the server settings and credentials.')));
+ OCP\JSON::error(array('message'
+ => $l->t('The configuration is valid, but the Bind failed.'
+ .' Please check the server settings and credentials.')));
}
} else {
- OCP\JSON::error(array('message' => $l->t('The configuration is invalid. Please look in the ownCloud log for further details.')));
+ OCP\JSON::error(array('message'
+ => $l->t('The configuration is invalid. Please look in the ownCloud log for further details.')));
}
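Review bot: `setConfiguration($_POST)` hands the whole request body to the connection, and `bind()` then makes the server connect to whichever host that body names. The admin check and CSRF token check that have to guard this are not visible here, because the hunk starts at line 32 of the file; confirm both run before this line. It would also be tighter to pass only the expected `ldap_*` keys rather than all of `$_POST`.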
diff --git a/apps/user_ldap/appinfo/app.php b/apps/user_ldap/appinfo/app.php
index dec87684c9e..89410b5ef07 100644
--- a/apps/user_ldap/appinfo/app.php
+++ b/apps/user_ldap/appinfo/app.php
@@ -51,5 +51,7 @@ $entry = array(
OCP\Backgroundjob::addRegularTask('OCA\user_ldap\lib\Jobs', 'updateGroups');
if(OCP\App::isEnabled('user_webdavauth')) {
- OCP\Util::writeLog('user_ldap', 'user_ldap and user_webdavauth are incompatible. You may experience unexpected behaviour', OCP\Util::WARN);
+ OCP\Util::writeLog('user_ldap',
+ 'user_ldap and user_webdavauth are incompatible. You may experience unexpected behaviour',
+ OCP\Util::WARN);
}
diff --git a/apps/user_ldap/appinfo/update.php b/apps/user_ldap/appinfo/update.php
index bc32d4ef4cc..2fcbf1902ac 100644
--- a/apps/user_ldap/appinfo/update.php
+++ b/apps/user_ldap/appinfo/update.php
@@ -58,7 +58,9 @@ foreach($objects as $object) {
try {
$updateQuery->execute(array($newDN, $uuid, $dn['ldap_dn']));
} catch(Exception $e) {
- \OCP\Util::writeLog('user_ldap', 'Could not update '.$object.' '.$dn['ldap_dn'].' in the mappings table. ', \OCP\Util::WARN);
+ \OCP\Util::writeLog('user_ldap',
+ 'Could not update '.$object.' '.$dn['ldap_dn'].' in the mappings table. ',
+ \OCP\Util::WARN);
}
}
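Review bot: The catch block discards `$e`, so the WARN line records which DN failed but not why, which makes a failed mapping migration hard to diagnose. Append the exception text, e.g. `'Could not update '.$object.' '.$dn['ldap_dn'].' in the mappings table: '.$e->getMessage(),`. The enclosing loop starts outside the hunk.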
diff --git a/apps/user_ldap/group_ldap.php b/apps/user_ldap/group_ldap.php
index 02ceecaea0b..4fd4c636913 100644
--- a/apps/user_ldap/group_ldap.php
+++ b/apps/user_ldap/group_ldap.php
@@ -177,7 +177,8 @@ class GROUP_LDAP extends lib\Access implements \OCP\GroupInterface {
if($isMemberUid) {
//we got uids, need to get their DNs to 'tranlsate' them to usernames
$filter = $this->combineFilterWithAnd(array(
- \OCP\Util::mb_str_replace('%uid', $member, $this->connection>ldapLoginFilter, 'UTF-8'),
+ \OCP\Util::mb_str_replace('%uid', $member,
+ $this->connection>ldapLoginFilter, 'UTF-8'),
$this->getFilterPartForUserSearch($search)
));
$ldap_users = $this->fetchListOfUsers($filter, 'dn');
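Review bot: `$this->connection>ldapLoginFilter` on the re-wrapped line is missing the `-` of `->`, and the removed line has the same text. As written, PHP parses it as a `>` comparison between `$this->connection` and a bare constant, so the `%uid` replacement does not run on the configured login filter; it should read `$this->connection->ldapLoginFilter, 'UTF-8'),`. Separately, `$member` is substituted into the filter with no escaping visible in the hunk. If memberUid values can contain filter metacharacters such as `*`, `(`, `)` or `\`, they should be escaped per RFC 4515 before substitution. The enclosing method starts and ends outside the hunk.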
@@ -188,7 +189,9 @@ class GROUP_LDAP extends lib\Access implements \OCP\GroupInterface {
} else {
//we got DNs, check if we need to filter by search or we can give back all of them
if(!empty($search)) {
- if(!$this->readAttribute($member, $this->connection->ldapUserDisplayName, $this->getFilterPartForUserSearch($search))) {
+ if(!$this->readAttribute($member,
+ $this->connection->ldapUserDisplayName,
+ $this->getFilterPartForUserSearch($search))) {
continue;
}
}
@@ -225,7 +228,8 @@ class GROUP_LDAP extends lib\Access implements \OCP\GroupInterface {
return $ldap_groups;
}
- // if we'd pass -1 to LDAP search, we'd end up in a Protocol error. With a limit of 0, we get 0 results. So we pass null.
+ // if we'd pass -1 to LDAP search, we'd end up in a Protocol
+ // error. With a limit of 0, we get 0 results. So we pass null.
if($limit <= 0) {
$limit = null;
}
@@ -234,7 +238,8 @@ class GROUP_LDAP extends lib\Access implements \OCP\GroupInterface {
$this->getFilterPartForGroupSearch($search)
));
\OCP\Util::writeLog('user_ldap', 'getGroups Filter '.$filter, \OCP\Util::DEBUG);
- $ldap_groups = $this->fetchListOfGroups($filter, array($this->connection->ldapGroupDisplayName, 'dn'), $limit, $offset);
+ $ldap_groups = $this->fetchListOfGroups($filter, array($this->connection->ldapGroupDisplayName, 'dn'),
+ $limit, $offset);
$ldap_groups = $this->ownCloudGroupNames($ldap_groups);
$this->connection->writeToCache($cachekey, $ldap_groups);
@@ -282,7 +287,8 @@ class GROUP_LDAP extends lib\Access implements \OCP\GroupInterface {
* compared with OC_USER_BACKEND_CREATE_USER etc.
*/
public function implementsActions($actions) {
- //always returns false, because possible actions are modifying actions. We do not write to LDAP, at least for now.
+ //always returns false, because possible actions are modifying
+ // actions. We do not write to LDAP, at least for now.
return false;
}
-} \ No newline at end of file
+}
diff --git a/apps/user_ldap/lib/access.php b/apps/user_ldap/lib/access.php
index 4aa8ae8e8a4..32910b6e252 100644
--- a/apps/user_ldap/lib/access.php
+++ b/apps/user_ldap/lib/access.php
@@ -48,7 +48,9 @@ abstract class Access {
*/
public function readAttribute($dn, $attr, $filter = 'objectClass=*') {
if(!$this->checkConnection()) {
- \OCP\Util::writeLog('user_ldap', 'No LDAP Connector assigned, access impossible for readAttribute.', \OCP\Util::WARN);
+ \OCP\Util::writeLog('user_ldap',
+ 'No LDAP Connector assigned, access impossible for readAttribute.',
+ \OCP\Util::WARN);
return false;
}
$cr = $this->connection->getConnectionResource();
@@ -123,7 +125,8 @@ abstract class Access {
return $result;
}
- //OID sometimes gives back DNs with whitespace after the comma a la "uid=foo, cn=bar, dn=..." We need to tackle this!
+ //OID sometimes gives back DNs with whitespace after the comma
+ // a la "uid=foo, cn=bar, dn=..." We need to tackle this!
$dn = preg_replace('/([^\\\]),(\s+)/u', '\1,', $dn);
//make comparisons and everything work
@@ -218,7 +221,8 @@ abstract class Access {
* @param $ldapname optional, the display name of the object
* @returns string with with the name to use in ownCloud, false on DN outside of search DN
*
- * returns the internal ownCloud name for the given LDAP DN of the group, false on DN outside of search DN or failure
+ * returns the internal ownCloud name for the given LDAP DN of the
+ * group, false on DN outside of search DN or failure
*/
public function dn2groupname($dn, $ldapname = null) {
//To avoid bypassing the base DN settings under certain circumstances
@@ -646,7 +650,9 @@ abstract class Access {
$sr = ldap_search($linkResources, $base, $filter, $attr);
$error = ldap_errno($link_resource);
if(!is_array($sr) || $error > 0) {
- \OCP\Util::writeLog('user_ldap', 'Error when searching: '.ldap_error($link_resource).' code '.ldap_errno($link_resource), \OCP\Util::ERROR);
+ \OCP\Util::writeLog('user_ldap',
+ 'Error when searching: '.ldap_error($link_resource).' code '.ldap_errno($link_resource),
+ \OCP\Util::ERROR);
\OCP\Util::writeLog('user_ldap', 'Attempt for Paging? '.print_r($pagedSearchOK, true), \OCP\Util::ERROR);
return array();
}
@@ -668,7 +674,9 @@ abstract class Access {
if($skipHandling) {
return;
}
- //if count is bigger, then the server does not support paged search. Instead, he did a normal search. We set a flag here, so the callee knows how to deal with it.
+ // if count is bigger, then the server does not support
+ // paged search. Instead, he did a normal search. We set a
+ // flag here, so the callee knows how to deal with it.
if($findings['count'] <= $limit) {
$this->pagedSearchedSuccessful = true;
}
@@ -702,7 +710,9 @@ abstract class Access {
$key = mb_strtolower($key, 'UTF-8');
if(isset($item[$key])) {
if($key != 'dn') {
- $selection[$i][$key] = $this->resemblesDN($key) ? $this->sanitizeDN($item[$key][0]) : $item[$key][0];
+ $selection[$i][$key] = $this->resemblesDN($key) ?
+ $this->sanitizeDN($item[$key][0])
+ : $item[$key][0];
} else {
$selection[$i][$key] = $this->sanitizeDN($item[$key]);
}
@@ -806,7 +816,9 @@ abstract class Access {
* @return string the final filter part to use in LDAP searches
*/
public function getFilterPartForUserSearch($search) {
- return $this->getFilterPartForSearch($search, $this->connection->ldapAttributesForUserSearch, $this->connection->ldapUserDisplayName);
+ return $this->getFilterPartForSearch($search,
+ $this->connection->ldapAttributesForUserSearch,
+ $this->connection->ldapUserDisplayName);
}
/**
@@ -815,7 +827,9 @@ abstract class Access {
* @return string the final filter part to use in LDAP searches
*/
public function getFilterPartForGroupSearch($search) {
- return $this->getFilterPartForSearch($search, $this->connection->ldapAttributesForGroupSearch, $this->connection->ldapGroupDisplayName);
+ return $this->getFilterPartForSearch($search,
+ $this->connection->ldapAttributesForGroupSearch,
+ $this->connection->ldapGroupDisplayName);
}
/**
@@ -874,13 +888,15 @@ abstract class Access {
foreach($testAttributes as $attribute) {
\OCP\Util::writeLog('user_ldap', 'Testing '.$attribute.' as UUID attr', \OCP\Util::DEBUG);
- $value = $this->readAttribute($dn, $attribute);
- if(is_array($value) && isset($value[0]) && !empty($value[0])) {
+ $value = $this->readAttribute($dn, $attribute);
+ if(is_array($value) && isset($value[0]) && !empty($value[0])) {
\OCP\Util::writeLog('user_ldap', 'Setting '.$attribute.' as UUID attr', \OCP\Util::DEBUG);
$this->connection->ldapUuidAttribute = $attribute;
return true;
- }
- \OCP\Util::writeLog('user_ldap', 'The looked for uuid attr is not '.$attribute.', result was '.print_r($value, true), \OCP\Util::DEBUG);
+ }
+ \OCP\Util::writeLog('user_ldap',
+ 'The looked for uuid attr is not '.$attribute.', result was '.print_r($value, true),
+ \OCP\Util::DEBUG);
}
return false;
@@ -888,7 +904,9 @@ abstract class Access {
public function getUUID($dn) {
if($this->detectUuidAttribute($dn)) {
- \OCP\Util::writeLog('user_ldap', 'UUID Checking \ UUID for '.$dn.' using '. $this->connection->ldapUuidAttribute, \OCP\Util::DEBUG);
+ \OCP\Util::writeLog('user_ldap',
+ 'UUID Checking \ UUID for '.$dn.' using '. $this->connection->ldapUuidAttribute,
+ \OCP\Util::DEBUG);
$uuid = $this->readAttribute($dn, $this->connection->ldapUuidAttribute);
if(!is_array($uuid) && $this->connection->ldapOverrideUuidAttribute) {
$this->detectUuidAttribute($dn, true);
@@ -1027,13 +1045,20 @@ abstract class Access {
$pagedSearchOK = false;
if($this->connection->hasPagedResultSupport && !is_null($limit)) {
$offset = intval($offset); //can be null
- \OCP\Util::writeLog('user_ldap', 'initializing paged search for Filter'.$filter.' base '.print_r($bases, true).' attr '.print_r($attr, true). ' limit ' .$limit.' offset '.$offset, \OCP\Util::INFO);
+ \OCP\Util::writeLog('user_ldap',
+ 'initializing paged search for Filter'.$filter.' base '.print_r($bases, true)
+ .' attr '.print_r($attr, true). ' limit ' .$limit.' offset '.$offset,
+ \OCP\Util::INFO);
//get the cookie from the search for the previous search, required by LDAP
foreach($bases as $base) {
$cookie = $this->getPagedResultCookie($base, $filter, $limit, $offset);
if(empty($cookie) && ($offset > 0)) {
- //no cookie known, although the offset is not 0. Maybe cache run out. We need to start all over *sigh* (btw, Dear Reader, did you need LDAP paged searching was designed by MSFT?)
+ // no cookie known, although the offset
+ // is not 0. Maybe cache run out. We need
+ // to start all over *sigh* (btw, Dear
+ // Reader, did you need LDAP paged
+ // searching was designed by MSFT?)
$reOffset = ($offset - $limit) < 0 ? 0 : $offset - $limit;
//a bit recursive, $offset of 0 is the exit
\OCP\Util::writeLog('user_ldap', 'Looking for cookie L/O '.$limit.'/'.$reOffset, \OCP\Util::INFO);
@@ -1049,13 +1074,16 @@ abstract class Access {
if($offset > 0) {
\OCP\Util::writeLog('user_ldap', 'Cookie '.$cookie, \OCP\Util::INFO);
}
- $pagedSearchOK = ldap_control_paged_result($this->connection->getConnectionResource(), $limit, false, $cookie);
+ $pagedSearchOK = ldap_control_paged_result($this->connection->getConnectionResource(),
+ $limit, false, $cookie);
if(!$pagedSearchOK) {
return false;
}
\OCP\Util::writeLog('user_ldap', 'Ready for a paged search', \OCP\Util::INFO);
} else {
- \OCP\Util::writeLog('user_ldap', 'No paged search for us, Cpt., Limit '.$limit.' Offset '.$offset, \OCP\Util::INFO);
+ \OCP\Util::writeLog('user_ldap',
+ 'No paged search for us, Cpt., Limit '.$limit.' Offset '.$offset,
+ \OCP\Util::INFO);
}
}
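Review bot: `'Cookie '.$cookie` writes the paged-results cookie into the log as-is. The cookie is an opaque byte string returned by the server, so it can contain non-printable bytes that corrupt or split the log line. Log a printable form instead, e.g. `\OCP\Util::writeLog('user_ldap', 'Cookie '.bin2hex($cookie), \OCP\Util::INFO);`, or only its length. The enclosing method starts outside the hunk.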
diff --git a/apps/user_ldap/lib/connection.php b/apps/user_ldap/lib/connection.php
index 933f2f42074..63cd5e78da5 100644
--- a/apps/user_ldap/lib/connection.php
+++ b/apps/user_ldap/lib/connection.php
@@ -76,7 +76,8 @@ class Connection {
$this->configPrefix = $configPrefix;
$this->configID = $configID;
$this->cache = \OC_Cache::getGlobalCache();
- $this->config['hasPagedResultSupport'] = (function_exists('ldap_control_paged_result') && function_exists('ldap_control_paged_result_response'));
+ $this->config['hasPagedResultSupport'] = (function_exists('ldap_control_paged_result')
+ && function_exists('ldap_control_paged_result_response'));
}
public function __destruct() {
@@ -235,7 +236,7 @@ class Connection {
$this->config['turnOffCertCheck']
= $this->$v('ldap_turn_off_cert_check');
$this->config['ldapUserDisplayName']
- = mb_strtolower($this->$v('ldap_display_name'),'UTF-8');
+ = mb_strtolower($this->$v('ldap_display_name'), 'UTF-8');
$this->config['ldapUserFilter']
= $this->$v('ldap_userlist_filter');
$this->config['ldapGroupFilter'] = $this->$v('ldap_group_filter');
@@ -274,9 +275,36 @@ class Connection {
* @return returns an array that maps internal variable names to database fields
*/
private function getConfigTranslationArray() {
- static $array = array('ldap_host'=>'ldapHost', 'ldap_port'=>'ldapPort', 'ldap_backup_host'=>'ldapBackupHost', 'ldap_backup_port'=>'ldapBackupPort', 'ldap_override_main_server' => 'ldapOverrideMainServer', 'ldap_dn'=>'ldapAgentName', 'ldap_agent_password'=>'ldapAgentPassword', 'ldap_base'=>'ldapBase', 'ldap_base_users'=>'ldapBaseUsers', 'ldap_base_groups'=>'ldapBaseGroups', 'ldap_userlist_filter'=>'ldapUserFilter', 'ldap_login_filter'=>'ldapLoginFilter', 'ldap_group_filter'=>'ldapGroupFilter', 'ldap_display_name'=>'ldapUserDisplayName', 'ldap_group_display_name'=>'ldapGroupDisplayName',
-
- 'ldap_tls'=>'ldapTLS', 'ldap_nocase'=>'ldapNoCase', 'ldap_quota_def'=>'ldapQuotaDefault', 'ldap_quota_attr'=>'ldapQuotaAttribute', 'ldap_email_attr'=>'ldapEmailAttribute', 'ldap_group_member_assoc_attribute'=>'ldapGroupMemberAssocAttr', 'ldap_cache_ttl'=>'ldapCacheTTL', 'home_folder_naming_rule' => 'homeFolderNamingRule', 'ldap_turn_off_cert_check' => 'turnOffCertCheck', 'ldap_configuration_active' => 'ldapConfigurationActive', 'ldap_attributes_for_user_search' => 'ldapAttributesForUserSearch', 'ldap_attributes_for_group_search' => 'ldapAttributesForGroupSearch');
+ static $array = array(
+ 'ldap_host'=>'ldapHost',
+ 'ldap_port'=>'ldapPort',
+ 'ldap_backup_host'=>'ldapBackupHost',
+ 'ldap_backup_port'=>'ldapBackupPort',
+ 'ldap_override_main_server' => 'ldapOverrideMainServer',
+ 'ldap_dn'=>'ldapAgentName',
+ 'ldap_agent_password'=>'ldapAgentPassword',
+ 'ldap_base'=>'ldapBase',
+ 'ldap_base_users'=>'ldapBaseUsers',
+ 'ldap_base_groups'=>'ldapBaseGroups',
+ 'ldap_userlist_filter'=>'ldapUserFilter',
+ 'ldap_login_filter'=>'ldapLoginFilter',
+ 'ldap_group_filter'=>'ldapGroupFilter',
+ 'ldap_display_name'=>'ldapUserDisplayName',
+ 'ldap_group_display_name'=>'ldapGroupDisplayName',
+
+ 'ldap_tls'=>'ldapTLS',
+ 'ldap_nocase'=>'ldapNoCase',
+ 'ldap_quota_def'=>'ldapQuotaDefault',
+ 'ldap_quota_attr'=>'ldapQuotaAttribute',
+ 'ldap_email_attr'=>'ldapEmailAttribute',
+ 'ldap_group_member_assoc_attribute'=>'ldapGroupMemberAssocAttr',
+ 'ldap_cache_ttl'=>'ldapCacheTTL',
+ 'home_folder_naming_rule' => 'homeFolderNamingRule',
+ 'ldap_turn_off_cert_check' => 'turnOffCertCheck',
+ 'ldap_configuration_active' => 'ldapConfigurationActive',
+ 'ldap_attributes_for_user_search' => 'ldapAttributesForUserSearch',
+ 'ldap_attributes_for_group_search' => 'ldapAttributesForGroupSearch'
+ );
return $array;
}
@@ -387,7 +415,8 @@ class Connection {
* @returns true if configuration seems OK, false otherwise
*/
private function validateConfiguration() {
- //first step: "soft" checks: settings that are not really necessary, but advisable. If left empty, give an info message
+ // first step: "soft" checks: settings that are not really
+ // necessary, but advisable. If left empty, give an info message
if(empty($this->config['ldapBaseUsers'])) {
\OCP\Util::writeLog('user_ldap', 'Base tree for Users is empty, using Base DN', \OCP\Util::INFO);
$this->config['ldapBaseUsers'] = $this->config['ldapBase'];
@@ -397,11 +426,16 @@ class Connection {
$this->config['ldapBaseGroups'] = $this->config['ldapBase'];
}
if(empty($this->config['ldapGroupFilter']) && empty($this->config['ldapGroupMemberAssocAttr'])) {
- \OCP\Util::writeLog('user_ldap', 'No group filter is specified, LDAP group feature will not be used.', \OCP\Util::INFO);
+ \OCP\Util::writeLog('user_ldap',
+ 'No group filter is specified, LDAP group feature will not be used.',
+ \OCP\Util::INFO);
}
- if(!in_array($this->config['ldapUuidAttribute'], array('auto', 'entryuuid', 'nsuniqueid', 'objectguid')) && (!is_null($this->configID))) {
+ if(!in_array($this->config['ldapUuidAttribute'], array('auto', 'entryuuid', 'nsuniqueid', 'objectguid'))
+ && (!is_null($this->configID))) {
\OCP\Config::setAppValue($this->configID, $this->configPrefix.'ldap_uuid_attribute', 'auto');
- \OCP\Util::writeLog('user_ldap', 'Illegal value for the UUID Attribute, reset to autodetect.', \OCP\Util::INFO);
+ \OCP\Util::writeLog('user_ldap',
+ 'Illegal value for the UUID Attribute, reset to autodetect.',
+ \OCP\Util::INFO);
}
if(empty($this->config['ldapBackupPort'])) {
//force default
@@ -417,7 +451,9 @@ class Connection {
if((strpos($this->config['ldapHost'], 'ldaps') === 0)
&& $this->config['ldapTLS']) {
$this->config['ldapTLS'] = false;
- \OCP\Util::writeLog('user_ldap', 'LDAPS (already using secure connection) and TLS do not work together. Switched off TLS.', \OCP\Util::INFO);
+ \OCP\Util::writeLog('user_ldap',
+ 'LDAPS (already using secure connection) and TLS do not work together. Switched off TLS.',
+ \OCP\Util::INFO);
}
@@ -434,20 +470,28 @@ class Connection {
}
if((empty($this->config['ldapAgentName']) && !empty($this->config['ldapAgentPassword']))
|| (!empty($this->config['ldapAgentName']) && empty($this->config['ldapAgentPassword']))) {
- \OCP\Util::writeLog('user_ldap', 'Either no password given for the user agent or a password is given, but no LDAP agent; won`t connect.', \OCP\Util::WARN);
+ \OCP\Util::writeLog('user_ldap',
+ 'Either no password given for the user agent or a password is given, but no LDAP agent; won`t connect.',
+ \OCP\Util::WARN);
$configurationOK = false;
}
//TODO: check if ldapAgentName is in DN form
- if(empty($this->config['ldapBase']) && (empty($this->config['ldapBaseUsers']) && empty($this->config['ldapBaseGroups']))) {
+ if(empty($this->config['ldapBase'])
+ && (empty($this->config['ldapBaseUsers'])
+ && empty($this->config['ldapBaseGroups']))) {
\OCP\Util::writeLog('user_ldap', 'No Base DN given, won`t connect.', \OCP\Util::WARN);
$configurationOK = false;
}
if(empty($this->config['ldapUserDisplayName'])) {
- \OCP\Util::writeLog('user_ldap', 'No user display name attribute specified, won`t connect.', \OCP\Util::WARN);
+ \OCP\Util::writeLog('user_ldap',
+ 'No user display name attribute specified, won`t connect.',
+ \OCP\Util::WARN);
$configurationOK = false;
}
if(empty($this->config['ldapGroupDisplayName'])) {
- \OCP\Util::writeLog('user_ldap', 'No group display name attribute specified, won`t connect.', \OCP\Util::WARN);
+ \OCP\Util::writeLog('user_ldap',
+ 'No group display name attribute specified, won`t connect.',
+ \OCP\Util::WARN);
$configurationOK = false;
}
if(empty($this->config['ldapLoginFilter'])) {
@@ -455,7 +499,9 @@ class Connection {
$configurationOK = false;
}
if(mb_strpos($this->config['ldapLoginFilter'], '%uid', 0, 'UTF-8') === false) {
- \OCP\Util::writeLog('user_ldap', 'Login filter does not contain %uid place holder, won`t connect.', \OCP\Util::WARN);
+ \OCP\Util::writeLog('user_ldap',
+ 'Login filter does not contain %uid place holder, won`t connect.',
+ \OCP\Util::WARN);
\OCP\Util::writeLog('user_ldap', 'Login filter was ' . $this->config['ldapLoginFilter'], \OCP\Util::DEBUG);
$configurationOK = false;
}
@@ -519,13 +565,17 @@ class Connection {
if(!$this->ldapConnectionRes) {
if(!function_exists('ldap_connect')) {
$phpLDAPinstalled = false;
- \OCP\Util::writeLog('user_ldap', 'function ldap_connect is not available. Make sure that the PHP ldap module is installed.', \OCP\Util::ERROR);
+ \OCP\Util::writeLog('user_ldap',
+ 'function ldap_connect is not available. Make sure that the PHP ldap module is installed.',
+ \OCP\Util::ERROR);
return false;
}
if($this->config['turnOffCertCheck']) {
if(putenv('LDAPTLS_REQCERT=never')) {
- \OCP\Util::writeLog('user_ldap', 'Turned off SSL certificate validation successfully.', \OCP\Util::WARN);
+ \OCP\Util::writeLog('user_ldap',
+ 'Turned off SSL certificate validation successfully.',
+ \OCP\Util::WARN);
} else {
\OCP\Util::writeLog('user_ldap', 'Could not turn off SSL certificate validation.', \OCP\Util::WARN);
}
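Review bot: `putenv('LDAPTLS_REQCERT=never')` changes the environment of the whole PHP process, and nothing in the hunk restores it. Once one configuration has `turnOffCertCheck` set, certificate validation may therefore stay off for every later LDAP connection in that process, including configurations that left the check on. The re-wrapped WARN message also does not say which server triggered it; consider `'Turned off SSL certificate validation for '.$this->config['ldapHost'].'.'`. A comment above the call would help too: `// NOTE: putenv is process-wide; this affects every LDAP connection made by this process`. The method starts and ends outside the hunk.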
@@ -583,7 +633,9 @@ class Connection {
}
$ldapLogin = @ldap_bind($cr, $this->config['ldapAgentName'], $this->config['ldapAgentPassword']);
if(!$ldapLogin) {
- \OCP\Util::writeLog('user_ldap', 'Bind failed: ' . ldap_errno($cr) . ': ' . ldap_error($cr), \OCP\Util::ERROR);
+ \OCP\Util::writeLog('user_ldap',
+ 'Bind failed: ' . ldap_errno($cr) . ': ' . ldap_error($cr),
+ \OCP\Util::ERROR);
$this->ldapConnectionRes = null;
return false;
}
diff --git a/apps/user_ldap/lib/jobs.php b/apps/user_ldap/lib/jobs.php
index b265a8339ef..094d11db3d5 100644
--- a/apps/user_ldap/lib/jobs.php
+++ b/apps/user_ldap/lib/jobs.php
@@ -42,7 +42,9 @@ class Jobs {
$actualGroups = self::getGroupBE()->getGroups();
if(empty($actualGroups) && empty($knownGroups)) {
- \OCP\Util::writeLog('user_ldap', 'bgJ "updateGroups" – groups do not seem to be configured properly, aborting.', \OCP\Util::INFO);
+ \OCP\Util::writeLog('user_ldap',
+ 'bgJ "updateGroups" – groups do not seem to be configured properly, aborting.',
+ \OCP\Util::INFO);
\OCP\Config::setAppValue('user_ldap', 'bgjUpdateGroupsLastRun', time());
return;
}
@@ -75,19 +77,25 @@ class Jobs {
$hasChanged = false;
foreach(array_diff($knownUsers, $actualUsers) as $removedUser) {
\OCP\Util::emitHook('OC_User', 'post_removeFromGroup', array('uid' => $removedUser, 'gid' => $group));
- \OCP\Util::writeLog('user_ldap', 'bgJ "updateGroups" – "'.$removedUser.'" removed from "'.$group.'".', \OCP\Util::INFO);
+ \OCP\Util::writeLog('user_ldap',
+ 'bgJ "updateGroups" – "'.$removedUser.'" removed from "'.$group.'".',
+ \OCP\Util::INFO);
$hasChanged = true;
}
foreach(array_diff($actualUsers, $knownUsers) as $addedUser) {
\OCP\Util::emitHook('OC_User', 'post_addFromGroup', array('uid' => $addedUser, 'gid' => $group));
- \OCP\Util::writeLog('user_ldap', 'bgJ "updateGroups" – "'.$addedUser.'" added to "'.$group.'".', \OCP\Util::INFO);
+ \OCP\Util::writeLog('user_ldap',
+ 'bgJ "updateGroups" – "'.$addedUser.'" added to "'.$group.'".',
+ \OCP\Util::INFO);
$hasChanged = true;
}
if($hasChanged) {
$query->execute(array(serialize($actualUsers), $group));
}
}
- \OCP\Util::writeLog('user_ldap', 'bgJ "updateGroups" – FINISHED dealing with known Groups.', \OCP\Util::DEBUG);
+ \OCP\Util::writeLog('user_ldap',
+ 'bgJ "updateGroups" – FINISHED dealing with known Groups.',
+ \OCP\Util::DEBUG);
}
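Review bot: The hook emitted for newly added members is named `post_addFromGroup`, which reads like a copy of `post_removeFromGroup` a few lines above. If listeners subscribe to a differently named add hook, they would never be notified of memberships added on the LDAP side, so verify the name against the one the group code emits elsewhere. The user and group names also come from the directory and are concatenated into the log messages verbatim; stripping control characters before logging keeps a malformed name from breaking log lines. The method starts outside the hunk.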
static private function handleCreatedGroups($createdGroups) {
@@ -98,11 +106,15 @@ class Jobs {
VALUES (?, ?)
');
foreach($createdGroups as $createdGroup) {
- \OCP\Util::writeLog('user_ldap', 'bgJ "updateGroups" – new group "'.$createdGroup.'" found.', \OCP\Util::INFO);
+ \OCP\Util::writeLog('user_ldap',
+ 'bgJ "updateGroups" – new group "'.$createdGroup.'" found.',
+ \OCP\Util::INFO);
$users = serialize(self::getGroupBE()->usersInGroup($createdGroup));
$query->execute(array($createdGroup, $users));
}
- \OCP\Util::writeLog('user_ldap', 'bgJ "updateGroups" – FINISHED dealing with created Groups.', \OCP\Util::DEBUG);
+ \OCP\Util::writeLog('user_ldap',
+ 'bgJ "updateGroups" – FINISHED dealing with created Groups.',
+ \OCP\Util::DEBUG);
}
static private function handleRemovedGroups($removedGroups) {
@@ -113,10 +125,14 @@ class Jobs {
WHERE `owncloudname` = ?
');
foreach($removedGroups as $removedGroup) {
- \OCP\Util::writeLog('user_ldap', 'bgJ "updateGroups" – group "'.$removedGroup.'" was removed.', \OCP\Util::INFO);
+ \OCP\Util::writeLog('user_ldap',
+ 'bgJ "updateGroups" – group "'.$removedGroup.'" was removed.',
+ \OCP\Util::INFO);
$query->execute(array($removedGroup));
}
- \OCP\Util::writeLog('user_ldap', 'bgJ "updateGroups" – FINISHED dealing with removed groups.', \OCP\Util::DEBUG);
+ \OCP\Util::writeLog('user_ldap',
+ 'bgJ "updateGroups" – FINISHED dealing with removed groups.',
+ \OCP\Util::DEBUG);
}
static private function getConnector() {
@@ -154,4 +170,4 @@ class Jobs {
return self::$groupsFromDB;
}
-} \ No newline at end of file
+}
diff --git a/apps/user_ldap/templates/settings.php b/apps/user_ldap/templates/settings.php
index c6f1834e013..43f87c076d7 100644
--- a/apps/user_ldap/templates/settings.php
+++ b/apps/user_ldap/templates/settings.php
@@ -5,26 +5,56 @@
<li><a href="#ldapSettings-2">Advanced</a></li>
</ul>
<?php if(OCP\App::isEnabled('user_webdavauth')) {
- echo '<p class="ldapwarning">'.$l->t('<b>Warning:</b> Apps user_ldap and user_webdavauth are incompatible. You may experience unexpected behaviour. Please ask your system administrator to disable one of them.').'</p>';
+ echo '<p class="ldapwarning">'.$l->t('<b>Warning:</b> Apps user_ldap and user_webdavauth are incompatible.'
+ .' You may experience unexpected behaviour.'
+ .' Please ask your system administrator to disable one of them.').'</p>';
}
if(!function_exists('ldap_connect')) {
- echo '<p class="ldapwarning">'.$l->t('<b>Warning:</b> The PHP LDAP module is not installed, the backend will not work. Please ask your system administrator to install it.').'</p>';
+ echo '<p class="ldapwarning">'.$l->t('<b>Warning:</b> The PHP LDAP module is not installed,'
+ .' the backend will not work. Please ask your system administrator to install it.').'</p>';
}
?>
<fieldset id="ldapSettings-1">
- <p><label for="ldap_serverconfig_chooser"><?php echo $l->t('Server configuration');?></label><select id="ldap_serverconfig_chooser" name="ldap_serverconfig_chooser">
+ <p><label for="ldap_serverconfig_chooser"><?php echo $l->t('Server configuration');?></label>
+ <select id="ldap_serverconfig_chooser" name="ldap_serverconfig_chooser">
<?php echo $_['serverConfigurationOptions']; ?>
<option value="NEW"><?php echo $l->t('Add Server Configuration');?></option>
</select>
- <button id="ldap_action_delete_configuration" name="ldap_action_delete_configuration">Delete Configuration</button>
+ <button id="ldap_action_delete_configuration"
+ name="ldap_action_delete_configuration">Delete Configuration</button>
</p>
- <p><label for="ldap_host"><?php echo $l->t('Host');?></label><input type="text" id="ldap_host" name="ldap_host" data-default="<?php echo $_['ldap_host_default']; ?>" title="<?php echo $l->t('You can omit the protocol, except you require SSL. Then start with ldaps://');?>"></p>
- <p><label for="ldap_base"><?php echo $l->t('Base DN');?></label><textarea id="ldap_base" name="ldap_base" placeholder="<?php echo $l->t('One Base DN per line');?>" title="<?php echo $l->t('You can specify Base DN for users and groups in the Advanced tab');?>" data-default="<?php echo $_['ldap_base_default']; ?>" ></textarea></p>
- <p><label for="ldap_dn"><?php echo $l->t('User DN');?></label><input type="text" id="ldap_dn" name="ldap_dn" data-default="<?php echo $_['ldap_dn_default']; ?>" title="<?php echo $l->t('The DN of the client user with which the bind shall be done, e.g. uid=agent,dc=example,dc=com. For anonymous access, leave DN and Password empty.');?>" /></p>
- <p><label for="ldap_agent_password"><?php echo $l->t('Password');?></label><input type="password" id="ldap_agent_password" name="ldap_agent_password" data-default="<?php echo $_['ldap_agent_password_default']; ?>" title="<?php echo $l->t('For anonymous access, leave DN and Password empty.');?>" /></p>
- <p><label for="ldap_login_filter"><?php echo $l->t('User Login Filter');?></label><input type="text" id="ldap_login_filter" name="ldap_login_filter" data-default="<?php echo $_['ldap_login_filter_default']; ?>" title="<?php echo $l->t('Defines the filter to apply, when login is attempted. %%uid replaces the username in the login action.');?>" /><br /><small><?php echo $l->t('use %%uid placeholder, e.g. "uid=%%uid"');?></small></p>
- <p><label for="ldap_userlist_filter"><?php echo $l->t('User List Filter');?></label><input type="text" id="ldap_userlist_filter" name="ldap_userlist_filter" data-default="<?php echo $_['ldap_userlist_filter_default']; ?>" title="<?php echo $l->t('Defines the filter to apply, when retrieving users.');?>" /><br /><small><?php echo $l->t('without any placeholder, e.g. "objectClass=person".');?></small></p>
- <p><label for="ldap_group_filter"><?php echo $l->t('Group Filter');?></label><input type="text" id="ldap_group_filter" name="ldap_group_filter" data-default="<?php echo $_['ldap_group_filter_default']; ?>" title="<?php echo $l->t('Defines the filter to apply, when retrieving groups.');?>" /><br /><small><?php echo $l->t('without any placeholder, e.g. "objectClass=posixGroup".');?></small></p>
+ <p><label for="ldap_host"><?php echo $l->t('Host');?></label>
+ <input type="text" id="ldap_host" name="ldap_host" data-default="<?php echo $_['ldap_host_default']; ?>"
+ title="<?php echo $l->t('You can omit the protocol, except you require SSL.'
+ .' Then start with ldaps://');?>"></p>
+ <p><label for="ldap_base"><?php echo $l->t('Base DN');?></label>
+ <textarea id="ldap_base" name="ldap_base" placeholder="<?php echo $l->t('One Base DN per line');?>"
+ title="<?php echo $l->t('You can specify Base DN for users and groups in the Advanced tab');?>"
+ data-default="<?php echo $_['ldap_base_default']; ?>" ></textarea></p>
+ <p><label for="ldap_dn"><?php echo $l->t('User DN');?></label>
+ <input type="text" id="ldap_dn" name="ldap_dn" data-default="<?php echo $_['ldap_dn_default']; ?>"
+ title="<?php echo $l->t('The DN of the client user with which the bind shall be done,'
+ .' e.g. uid=agent,dc=example,dc=com. For anonymous access, leave DN and Password empty.');?>" /></p>
+ <p><label for="ldap_agent_password"><?php echo $l->t('Password');?></label>
+ <input type="password" id="ldap_agent_password" name="ldap_agent_password"
+ data-default="<?php echo $_['ldap_agent_password_default']; ?>"
+ title="<?php echo $l->t('For anonymous access, leave DN and Password empty.');?>" /></p>
+ <p><label for="ldap_login_filter"><?php echo $l->t('User Login Filter');?></label>
+ <input type="text" id="ldap_login_filter" name="ldap_login_filter"
+ data-default="<?php echo $_['ldap_login_filter_default']; ?>"
+ title="<?php echo $l->t('Defines the filter to apply, when login is attempted.'
+ .' %%uid replaces the username in the login action.');?>" />
+ <br /><small><?php echo $l->t('use %%uid placeholder, e.g. "uid=%%uid"');?></small></p>
+ <p><label for="ldap_userlist_filter"><?php echo $l->t('User List Filter');?></label>
+ <input type="text" id="ldap_userlist_filter" name="ldap_userlist_filter"
+ data-default="<?php echo $_['ldap_userlist_filter_default']; ?>"
+ title="<?php echo $l->t('Defines the filter to apply, when retrieving users.');?>" />
+ <br /><small><?php echo $l->t('without any placeholder, e.g. "objectClass=person".');?></small></p>
+ <p><label for="ldap_group_filter"><?php echo $l->t('Group Filter');?></label>
+ <input type="text" id="ldap_group_filter" name="ldap_group_filter"
+ data-default="<?php echo $_['ldap_group_filter_default']; ?>"
+ title="<?php echo $l->t('Defines the filter to apply, when retrieving groups.');?>" />
+ <br /><small><?php echo $l->t('without any placeholder, e.g. "objectClass=posixGroup".');?></small></p>
</fieldset>
<fieldset id="ldapSettings-2">
<div id="ldapAdvancedAccordion">
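Review bot: The `data-default="<?php echo $_['..._default']; ?>"` attributes and `<?php echo $_['serverConfigurationOptions']; ?>` are emitted without HTML escaping. If any of these values can carry stored or admin-supplied text, a quote or `<` in it would break out of the attribute or the `<select>`, so escape at output, e.g. `<?php echo htmlspecialchars($_['ldap_host_default'], ENT_QUOTES, 'UTF-8'); ?>`. `ldap_agent_password_default` is also rendered into the page source, so confirm it can never be a real credential. The `Delete Configuration` button label is the only label in this section not passed through `$l->t()`.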
diff --git a/apps/user_ldap/user_ldap.php b/apps/user_ldap/user_ldap.php
index 7778c37c794..2b247362448 100644
--- a/apps/user_ldap/user_ldap.php
+++ b/apps/user_ldap/user_ldap.php
@@ -112,7 +112,8 @@ class USER_LDAP extends lib\Access implements \OCP\UserInterface {
return $ldap_users;
}
- // if we'd pass -1 to LDAP search, we'd end up in a Protocol error. With a limit of 0, we get 0 results. So we pass null.
+ // if we'd pass -1 to LDAP search, we'd end up in a Protocol
+ // error. With a limit of 0, we get 0 results. So we pass null.
if($limit <= 0) {
$limit = null;
}
@@ -121,9 +122,12 @@ class USER_LDAP extends lib\Access implements \OCP\UserInterface {
$this->getFilterPartForUserSearch($search)
));
- \OCP\Util::writeLog('user_ldap', 'getUsers: Options: search '.$search.' limit '.$limit.' offset '.$offset.' Filter: '.$filter, \OCP\Util::DEBUG);
+ \OCP\Util::writeLog('user_ldap',
+ 'getUsers: Options: search '.$search.' limit '.$limit.' offset '.$offset.' Filter: '.$filter,
+ \OCP\Util::DEBUG);
//do the search and translate results to owncloud names
- $ldap_users = $this->fetchListOfUsers($filter, array($this->connection->ldapUserDisplayName, 'dn'), $limit, $offset);
+ $ldap_users = $this->fetchListOfUsers($filter, array($this->connection->ldapUserDisplayName, 'dn'),
+ $limit, $offset);
$ldap_users = $this->ownCloudUserNames($ldap_users);
\OCP\Util::writeLog('user_ldap', 'getUsers: '.count($ldap_users). ' Users found', \OCP\Util::DEBUG);
@@ -189,11 +193,13 @@ class USER_LDAP extends lib\Access implements \OCP\UserInterface {
//check for / at the beginning or pattern c:\ resp. c:/
if(
'/' == $path[0]
- || (3 < strlen($path) && ctype_alpha($path[0]) && $path[1] == ':' && ('\\' == $path[2] || '/' == $path[2]))
+ || (3 < strlen($path) && ctype_alpha($path[0])
+ && $path[1] == ':' && ('\\' == $path[2] || '/' == $path[2]))
) {
$homedir = $path;
} else {
- $homedir = \OCP\Config::getSystemValue('datadirectory', \OC::$SERVERROOT.'/data' ) . '/' . $homedir[0];
+ $homedir = \OCP\Config::getSystemValue('datadirectory',
+ \OC::$SERVERROOT.'/data' ) . '/' . $homedir[0];
}
$this->connection->writeToCache($cacheKey, $homedir);
return $homedir;
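Review bot: In the else branch `$homedir[0]` is appended to the data directory without normalisation, so a value containing `..` segments would resolve outside `datadirectory`. The value presumably comes from an LDAP attribute, but its origin is above the hunk. Reject or canonicalise such values before building the path. `'/' == $path[0]` also assumes `$path` is non-empty. In addition, `3 < strlen($path)` rejects a bare three-character `c:\`, which the comment lists as an accepted pattern; `3 <= strlen($path)` would match the comment. The method starts outside the hunk.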
@@ -267,4 +273,4 @@ class USER_LDAP extends lib\Access implements \OCP\UserInterface {
public function hasUserListings() {
return true;
}
-} \ No newline at end of file
+}