nextcloud / server

apps/dav/lib/SystemTag/SystemTagsObjectMappingCollection.php

Doc Comments +3 added lines

@@ -89,6 +89,9 @@
 		$this->user = $user;
 	}
 
+	/**
+	 * @param string $tagId
+	 */
 	function createFile($tagId, $data = null) {
 		try {
 			$tags = $this->tagManager->getTagsByIds([$tagId]);

Indentation +165 added lines, -165 removed lines

@@ -39,169 +39,169 @@
  */
 class SystemTagsObjectMappingCollection implements ICollection {
 
-	/**
-	 * @var string
-	 */
-	private $objectId;
-
-	/**
-	 * @var string
-	 */
-	private $objectType;
-
-	/**
-	 * @var ISystemTagManager
-	 */
-	private $tagManager;
-
-	/**
-	 * @var ISystemTagObjectMapper
-	 */
-	private $tagMapper;
-
-	/**
-	 * User
-	 *
-	 * @var IUser
-	 */
-	private $user;
-
-
-	/**
-	 * Constructor
-	 *
-	 * @param string $objectId object id
-	 * @param string $objectType object type
-	 * @param IUser $user user
-	 * @param ISystemTagManager $tagManager tag manager
-	 * @param ISystemTagObjectMapper $tagMapper tag mapper
-	 */
-	public function __construct(
-		$objectId,
-		$objectType,
-		IUser $user,
-		ISystemTagManager $tagManager,
-		ISystemTagObjectMapper $tagMapper
-	) {
-		$this->tagManager = $tagManager;
-		$this->tagMapper = $tagMapper;
-		$this->objectId = $objectId;
-		$this->objectType = $objectType;
-		$this->user = $user;
-	}
-
-	function createFile($tagId, $data = null) {
-		try {
-			$tags = $this->tagManager->getTagsByIds([$tagId]);
-			$tag = current($tags);
-			if (!$this->tagManager->canUserSeeTag($tag, $this->user)) {
-				throw new PreconditionFailed('Tag with id ' . $tagId . ' does not exist, cannot assign');
-			}
-			if (!$this->tagManager->canUserAssignTag($tag, $this->user)) {
-				throw new Forbidden('No permission to assign tag ' . $tagId);
-			}
-
-			$this->tagMapper->assignTags($this->objectId, $this->objectType, $tagId);
-		} catch (TagNotFoundException $e) {
-			throw new PreconditionFailed('Tag with id ' . $tagId . ' does not exist, cannot assign');
-		}
-	}
-
-	function createDirectory($name) {
-		throw new Forbidden('Permission denied to create collections');
-	}
-
-	function getChild($tagId) {
-		try {
-			if ($this->tagMapper->haveTag([$this->objectId], $this->objectType, $tagId, true)) {
-				$tag = $this->tagManager->getTagsByIds([$tagId]);
-				$tag = current($tag);
-				if ($this->tagManager->canUserSeeTag($tag, $this->user)) {
-					return $this->makeNode($tag);
-				}
-			}
-			throw new NotFound('Tag with id ' . $tagId . ' not present for object ' . $this->objectId);
-		} catch (\InvalidArgumentException $e) {
-			throw new BadRequest('Invalid tag id', 0, $e);
-		} catch (TagNotFoundException $e) {
-			throw new NotFound('Tag with id ' . $tagId . ' not found', 0, $e);
-		}
-	}
-
-	function getChildren() {
-		$tagIds = current($this->tagMapper->getTagIdsForObjects([$this->objectId], $this->objectType));
-		if (empty($tagIds)) {
-			return [];
-		}
-		$tags = $this->tagManager->getTagsByIds($tagIds);
-
-		// filter out non-visible tags
-		$tags = array_filter($tags, function($tag) {
-			return $this->tagManager->canUserSeeTag($tag, $this->user);
-		});
-
-		return array_values(array_map(function($tag) {
-			return $this->makeNode($tag);
-		}, $tags));
-	}
-
-	function childExists($tagId) {
-		try {
-			$result = ($this->tagMapper->haveTag([$this->objectId], $this->objectType, $tagId, true));
-
-			if ($result) {
-				$tags = $this->tagManager->getTagsByIds([$tagId]);
-				$tag = current($tags);
-				if (!$this->tagManager->canUserSeeTag($tag, $this->user)) {
-					return false;
-				}
-			}
-
-			return $result;
-		} catch (\InvalidArgumentException $e) {
-			throw new BadRequest('Invalid tag id', 0, $e);
-		} catch (TagNotFoundException $e) {
-			return false;
-		}
-	}
-
-	function delete() {
-		throw new Forbidden('Permission denied to delete this collection');
-	}
-
-	function getName() {
-		return $this->objectId;
-	}
-
-	function setName($name) {
-		throw new Forbidden('Permission denied to rename this collection');
-	}
-
-	/**
-	 * Returns the last modification time, as a unix timestamp
-	 *
-	 * @return int
-	 */
-	function getLastModified() {
-		return null;
-	}
-
-	/**
-	 * Create a sabre node for the mapping of the 
-	 * given system tag to the collection's object
-	 *
-	 * @param ISystemTag $tag
-	 *
-	 * @return SystemTagMappingNode
-	 */
-	private function makeNode(ISystemTag $tag) {
-		return new SystemTagMappingNode(
-			$tag,
-			$this->objectId,
-			$this->objectType,
-			$this->user,
-			$this->tagManager,
-			$this->tagMapper
-		);
-	}
+    /**
+     * @var string
+     */
+    private $objectId;
+
+    /**
+     * @var string
+     */
+    private $objectType;
+
+    /**
+     * @var ISystemTagManager
+     */
+    private $tagManager;
+
+    /**
+     * @var ISystemTagObjectMapper
+     */
+    private $tagMapper;
+
+    /**
+     * User
+     *
+     * @var IUser
+     */
+    private $user;
+
+
+    /**
+     * Constructor
+     *
+     * @param string $objectId object id
+     * @param string $objectType object type
+     * @param IUser $user user
+     * @param ISystemTagManager $tagManager tag manager
+     * @param ISystemTagObjectMapper $tagMapper tag mapper
+     */
+    public function __construct(
+        $objectId,
+        $objectType,
+        IUser $user,
+        ISystemTagManager $tagManager,
+        ISystemTagObjectMapper $tagMapper
+    ) {
+        $this->tagManager = $tagManager;
+        $this->tagMapper = $tagMapper;
+        $this->objectId = $objectId;
+        $this->objectType = $objectType;
+        $this->user = $user;
+    }
+
+    function createFile($tagId, $data = null) {
+        try {
+            $tags = $this->tagManager->getTagsByIds([$tagId]);
+            $tag = current($tags);
+            if (!$this->tagManager->canUserSeeTag($tag, $this->user)) {
+                throw new PreconditionFailed('Tag with id ' . $tagId . ' does not exist, cannot assign');
+            }
+            if (!$this->tagManager->canUserAssignTag($tag, $this->user)) {
+                throw new Forbidden('No permission to assign tag ' . $tagId);
+            }
+
+            $this->tagMapper->assignTags($this->objectId, $this->objectType, $tagId);
+        } catch (TagNotFoundException $e) {
+            throw new PreconditionFailed('Tag with id ' . $tagId . ' does not exist, cannot assign');
+        }
+    }
+
+    function createDirectory($name) {
+        throw new Forbidden('Permission denied to create collections');
+    }
+
+    function getChild($tagId) {
+        try {
+            if ($this->tagMapper->haveTag([$this->objectId], $this->objectType, $tagId, true)) {
+                $tag = $this->tagManager->getTagsByIds([$tagId]);
+                $tag = current($tag);
+                if ($this->tagManager->canUserSeeTag($tag, $this->user)) {
+                    return $this->makeNode($tag);
+                }
+            }
+            throw new NotFound('Tag with id ' . $tagId . ' not present for object ' . $this->objectId);
+        } catch (\InvalidArgumentException $e) {
+            throw new BadRequest('Invalid tag id', 0, $e);
+        } catch (TagNotFoundException $e) {
+            throw new NotFound('Tag with id ' . $tagId . ' not found', 0, $e);
+        }
+    }
+
+    function getChildren() {
+        $tagIds = current($this->tagMapper->getTagIdsForObjects([$this->objectId], $this->objectType));
+        if (empty($tagIds)) {
+            return [];
+        }
+        $tags = $this->tagManager->getTagsByIds($tagIds);
+
+        // filter out non-visible tags
+        $tags = array_filter($tags, function($tag) {
+            return $this->tagManager->canUserSeeTag($tag, $this->user);
+        });
+
+        return array_values(array_map(function($tag) {
+            return $this->makeNode($tag);
+        }, $tags));
+    }
+
+    function childExists($tagId) {
+        try {
+            $result = ($this->tagMapper->haveTag([$this->objectId], $this->objectType, $tagId, true));
+
+            if ($result) {
+                $tags = $this->tagManager->getTagsByIds([$tagId]);
+                $tag = current($tags);
+                if (!$this->tagManager->canUserSeeTag($tag, $this->user)) {
+                    return false;
+                }
+            }
+
+            return $result;
+        } catch (\InvalidArgumentException $e) {
+            throw new BadRequest('Invalid tag id', 0, $e);
+        } catch (TagNotFoundException $e) {
+            return false;
+        }
+    }
+
+    function delete() {
+        throw new Forbidden('Permission denied to delete this collection');
+    }
+
+    function getName() {
+        return $this->objectId;
+    }
+
+    function setName($name) {
+        throw new Forbidden('Permission denied to rename this collection');
+    }
+
+    /**
+     * Returns the last modification time, as a unix timestamp
+     *
+     * @return int
+     */
+    function getLastModified() {
+        return null;
+    }
+
+    /**
+     * Create a sabre node for the mapping of the 
+     * given system tag to the collection's object
+     *
+     * @param ISystemTag $tag
+     *
+     * @return SystemTagMappingNode
+     */
+    private function makeNode(ISystemTag $tag) {
+        return new SystemTagMappingNode(
+            $tag,
+            $this->objectId,
+            $this->objectType,
+            $this->user,
+            $this->tagManager,
+            $this->tagMapper
+        );
+    }
 }

Spacing +5 added lines, -5 removed lines

@@ -95,15 +95,15 @@ 
 			$tags = $this->tagManager->getTagsByIds([$tagId]);
 			$tag = current($tags);
 			if (!$this->tagManager->canUserSeeTag($tag, $this->user)) {
-				throw new PreconditionFailed('Tag with id ' . $tagId . ' does not exist, cannot assign');
+				throw new PreconditionFailed('Tag with id '.$tagId.' does not exist, cannot assign');
 			}
 			if (!$this->tagManager->canUserAssignTag($tag, $this->user)) {
-				throw new Forbidden('No permission to assign tag ' . $tagId);
+				throw new Forbidden('No permission to assign tag '.$tagId);
 			}
 
 			$this->tagMapper->assignTags($this->objectId, $this->objectType, $tagId);
 		} catch (TagNotFoundException $e) {
-			throw new PreconditionFailed('Tag with id ' . $tagId . ' does not exist, cannot assign');
+			throw new PreconditionFailed('Tag with id '.$tagId.' does not exist, cannot assign');
 		}
 	}
 
@@ -120,11 +120,11 @@ 
 					return $this->makeNode($tag);
 				}
 			}
-			throw new NotFound('Tag with id ' . $tagId . ' not present for object ' . $this->objectId);
+			throw new NotFound('Tag with id '.$tagId.' not present for object '.$this->objectId);
 		} catch (\InvalidArgumentException $e) {
 			throw new BadRequest('Invalid tag id', 0, $e);
 		} catch (TagNotFoundException $e) {
-			throw new NotFound('Tag with id ' . $tagId . ' not found', 0, $e);
+			throw new NotFound('Tag with id '.$tagId.' not found', 0, $e);
 		}
 	}
 

lib/private/DB/Migrator.php

Doc Comments +8 added lines

@@ -273,6 +273,10 @@ 
 		return '/^' . preg_quote($this->config->getSystemValue('dbtableprefix', 'oc_')) . '/';
 	}
 
+	/**
+	 * @param integer $step
+	 * @param integer $max
+	 */
 	protected function emit($sql, $step, $max) {
 		if ($this->noEmit) {
 			return;
@@ -283,6 +287,10 @@ 
 		$this->dispatcher->dispatch('\OC\DB\Migrator::executeSql', new GenericEvent($sql, [$step+1, $max]));
 	}
 
+	/**
+	 * @param integer $step
+	 * @param integer $max
+	 */
 	private function emitCheckStep($tableName, $step, $max) {
 		if(is_null($this->dispatcher)) {
 			return;

Indentation +267 added lines, -267 removed lines

@@ -43,271 +43,271 @@
 
 class Migrator {
 
-	/**
-	 * @var \Doctrine\DBAL\Connection $connection
-	 */
-	protected $connection;
-
-	/**
-	 * @var ISecureRandom
-	 */
-	private $random;
-
-	/** @var IConfig */
-	protected $config;
-
-	/** @var EventDispatcher  */
-	private $dispatcher;
-
-	/** @var bool */
-	private $noEmit = false;
-
-	/**
-	 * @param \Doctrine\DBAL\Connection|Connection $connection
-	 * @param ISecureRandom $random
-	 * @param IConfig $config
-	 * @param EventDispatcher $dispatcher
-	 */
-	public function __construct(\Doctrine\DBAL\Connection $connection,
-								ISecureRandom $random,
-								IConfig $config,
-								EventDispatcher $dispatcher = null) {
-		$this->connection = $connection;
-		$this->random = $random;
-		$this->config = $config;
-		$this->dispatcher = $dispatcher;
-	}
-
-	/**
-	 * @param \Doctrine\DBAL\Schema\Schema $targetSchema
-	 */
-	public function migrate(Schema $targetSchema) {
-		$this->noEmit = true;
-		$this->applySchema($targetSchema);
-	}
-
-	/**
-	 * @param \Doctrine\DBAL\Schema\Schema $targetSchema
-	 * @return string
-	 */
-	public function generateChangeScript(Schema $targetSchema) {
-		$schemaDiff = $this->getDiff($targetSchema, $this->connection);
-
-		$script = '';
-		$sqls = $schemaDiff->toSql($this->connection->getDatabasePlatform());
-		foreach ($sqls as $sql) {
-			$script .= $this->convertStatementToScript($sql);
-		}
-
-		return $script;
-	}
-
-	/**
-	 * @param Schema $targetSchema
-	 * @throws \OC\DB\MigrationException
-	 */
-	public function checkMigrate(Schema $targetSchema) {
-		$this->noEmit = true;
-		/**@var \Doctrine\DBAL\Schema\Table[] $tables */
-		$tables = $targetSchema->getTables();
-		$filterExpression = $this->getFilterExpression();
-		$this->connection->getConfiguration()->
-			setFilterSchemaAssetsExpression($filterExpression);
-		$existingTables = $this->connection->getSchemaManager()->listTableNames();
-
-		$step = 0;
-		foreach ($tables as $table) {
-			if (strpos($table->getName(), '.')) {
-				list(, $tableName) = explode('.', $table->getName());
-			} else {
-				$tableName = $table->getName();
-			}
-			$this->emitCheckStep($tableName, $step++, count($tables));
-			// don't need to check for new tables
-			if (array_search($tableName, $existingTables) !== false) {
-				$this->checkTableMigrate($table);
-			}
-		}
-	}
-
-	/**
-	 * Create a unique name for the temporary table
-	 *
-	 * @param string $name
-	 * @return string
-	 */
-	protected function generateTemporaryTableName($name) {
-		return $this->config->getSystemValue('dbtableprefix', 'oc_') . $name . '_' . $this->random->generate(13, ISecureRandom::CHAR_LOWER . ISecureRandom::CHAR_DIGITS);
-	}
-
-	/**
-	 * Check the migration of a table on a copy so we can detect errors before messing with the real table
-	 *
-	 * @param \Doctrine\DBAL\Schema\Table $table
-	 * @throws \OC\DB\MigrationException
-	 */
-	protected function checkTableMigrate(Table $table) {
-		$name = $table->getName();
-		$tmpName = $this->generateTemporaryTableName($name);
-
-		$this->copyTable($name, $tmpName);
-
-		//create the migration schema for the temporary table
-		$tmpTable = $this->renameTableSchema($table, $tmpName);
-		$schemaConfig = new SchemaConfig();
-		$schemaConfig->setName($this->connection->getDatabase());
-		$schema = new Schema(array($tmpTable), array(), $schemaConfig);
-
-		try {
-			$this->applySchema($schema);
-			$this->dropTable($tmpName);
-		} catch (DBALException $e) {
-			// pgsql needs to commit it's failed transaction before doing anything else
-			if ($this->connection->isTransactionActive()) {
-				$this->connection->commit();
-			}
-			$this->dropTable($tmpName);
-			throw new MigrationException($table->getName(), $e->getMessage());
-		}
-	}
-
-	/**
-	 * @param \Doctrine\DBAL\Schema\Table $table
-	 * @param string $newName
-	 * @return \Doctrine\DBAL\Schema\Table
-	 */
-	protected function renameTableSchema(Table $table, $newName) {
-		/**
-		 * @var \Doctrine\DBAL\Schema\Index[] $indexes
-		 */
-		$indexes = $table->getIndexes();
-		$newIndexes = array();
-		foreach ($indexes as $index) {
-			if ($index->isPrimary()) {
-				// do not rename primary key
-				$indexName = $index->getName();
-			} else {
-				// avoid conflicts in index names
-				$indexName = $this->config->getSystemValue('dbtableprefix', 'oc_') . $this->random->generate(13, ISecureRandom::CHAR_LOWER);
-			}
-			$newIndexes[] = new Index($indexName, $index->getColumns(), $index->isUnique(), $index->isPrimary());
-		}
-
-		// foreign keys are not supported so we just set it to an empty array
-		return new Table($newName, $table->getColumns(), $newIndexes, array(), 0, $table->getOptions());
-	}
-
-	/**
-	 * @param Schema $targetSchema
-	 * @param \Doctrine\DBAL\Connection $connection
-	 * @return \Doctrine\DBAL\Schema\SchemaDiff
-	 * @throws DBALException
-	 */
-	protected function getDiff(Schema $targetSchema, \Doctrine\DBAL\Connection $connection) {
-		// adjust varchar columns with a length higher then getVarcharMaxLength to clob
-		foreach ($targetSchema->getTables() as $table) {
-			foreach ($table->getColumns() as $column) {
-				if ($column->getType() instanceof StringType) {
-					if ($column->getLength() > $connection->getDatabasePlatform()->getVarcharMaxLength()) {
-						$column->setType(Type::getType('text'));
-						$column->setLength(null);
-					}
-				}
-			}
-		}
-
-		$filterExpression = $this->getFilterExpression();
-		$this->connection->getConfiguration()->
-		setFilterSchemaAssetsExpression($filterExpression);
-		$sourceSchema = $connection->getSchemaManager()->createSchema();
-
-		// remove tables we don't know about
-		/** @var $table \Doctrine\DBAL\Schema\Table */
-		foreach ($sourceSchema->getTables() as $table) {
-			if (!$targetSchema->hasTable($table->getName())) {
-				$sourceSchema->dropTable($table->getName());
-			}
-		}
-		// remove sequences we don't know about
-		foreach ($sourceSchema->getSequences() as $table) {
-			if (!$targetSchema->hasSequence($table->getName())) {
-				$sourceSchema->dropSequence($table->getName());
-			}
-		}
-
-		$comparator = new Comparator();
-		return $comparator->compare($sourceSchema, $targetSchema);
-	}
-
-	/**
-	 * @param \Doctrine\DBAL\Schema\Schema $targetSchema
-	 * @param \Doctrine\DBAL\Connection $connection
-	 */
-	protected function applySchema(Schema $targetSchema, \Doctrine\DBAL\Connection $connection = null) {
-		if (is_null($connection)) {
-			$connection = $this->connection;
-		}
-
-		$schemaDiff = $this->getDiff($targetSchema, $connection);
-
-		$connection->beginTransaction();
-		$sqls = $schemaDiff->toSql($connection->getDatabasePlatform());
-		$step = 0;
-		foreach ($sqls as $sql) {
-			$this->emit($sql, $step++, count($sqls));
-			$connection->query($sql);
-		}
-		$connection->commit();
-	}
-
-	/**
-	 * @param string $sourceName
-	 * @param string $targetName
-	 */
-	protected function copyTable($sourceName, $targetName) {
-		$quotedSource = $this->connection->quoteIdentifier($sourceName);
-		$quotedTarget = $this->connection->quoteIdentifier($targetName);
-
-		$this->connection->exec('CREATE TABLE ' . $quotedTarget . ' (LIKE ' . $quotedSource . ')');
-		$this->connection->exec('INSERT INTO ' . $quotedTarget . ' SELECT * FROM ' . $quotedSource);
-	}
-
-	/**
-	 * @param string $name
-	 */
-	protected function dropTable($name) {
-		$this->connection->exec('DROP TABLE ' . $this->connection->quoteIdentifier($name));
-	}
-
-	/**
-	 * @param $statement
-	 * @return string
-	 */
-	protected function convertStatementToScript($statement) {
-		$script = $statement . ';';
-		$script .= PHP_EOL;
-		$script .= PHP_EOL;
-		return $script;
-	}
-
-	protected function getFilterExpression() {
-		return '/^' . preg_quote($this->config->getSystemValue('dbtableprefix', 'oc_')) . '/';
-	}
-
-	protected function emit($sql, $step, $max) {
-		if ($this->noEmit) {
-			return;
-		}
-		if(is_null($this->dispatcher)) {
-			return;
-		}
-		$this->dispatcher->dispatch('\OC\DB\Migrator::executeSql', new GenericEvent($sql, [$step+1, $max]));
-	}
-
-	private function emitCheckStep($tableName, $step, $max) {
-		if(is_null($this->dispatcher)) {
-			return;
-		}
-		$this->dispatcher->dispatch('\OC\DB\Migrator::checkTable', new GenericEvent($tableName, [$step+1, $max]));
-	}
+    /**
+     * @var \Doctrine\DBAL\Connection $connection
+     */
+    protected $connection;
+
+    /**
+     * @var ISecureRandom
+     */
+    private $random;
+
+    /** @var IConfig */
+    protected $config;
+
+    /** @var EventDispatcher  */
+    private $dispatcher;
+
+    /** @var bool */
+    private $noEmit = false;
+
+    /**
+     * @param \Doctrine\DBAL\Connection|Connection $connection
+     * @param ISecureRandom $random
+     * @param IConfig $config
+     * @param EventDispatcher $dispatcher
+     */
+    public function __construct(\Doctrine\DBAL\Connection $connection,
+                                ISecureRandom $random,
+                                IConfig $config,
+                                EventDispatcher $dispatcher = null) {
+        $this->connection = $connection;
+        $this->random = $random;
+        $this->config = $config;
+        $this->dispatcher = $dispatcher;
+    }
+
+    /**
+     * @param \Doctrine\DBAL\Schema\Schema $targetSchema
+     */
+    public function migrate(Schema $targetSchema) {
+        $this->noEmit = true;
+        $this->applySchema($targetSchema);
+    }
+
+    /**
+     * @param \Doctrine\DBAL\Schema\Schema $targetSchema
+     * @return string
+     */
+    public function generateChangeScript(Schema $targetSchema) {
+        $schemaDiff = $this->getDiff($targetSchema, $this->connection);
+
+        $script = '';
+        $sqls = $schemaDiff->toSql($this->connection->getDatabasePlatform());
+        foreach ($sqls as $sql) {
+            $script .= $this->convertStatementToScript($sql);
+        }
+
+        return $script;
+    }
+
+    /**
+     * @param Schema $targetSchema
+     * @throws \OC\DB\MigrationException
+     */
+    public function checkMigrate(Schema $targetSchema) {
+        $this->noEmit = true;
+        /**@var \Doctrine\DBAL\Schema\Table[] $tables */
+        $tables = $targetSchema->getTables();
+        $filterExpression = $this->getFilterExpression();
+        $this->connection->getConfiguration()->
+            setFilterSchemaAssetsExpression($filterExpression);
+        $existingTables = $this->connection->getSchemaManager()->listTableNames();
+
+        $step = 0;
+        foreach ($tables as $table) {
+            if (strpos($table->getName(), '.')) {
+                list(, $tableName) = explode('.', $table->getName());
+            } else {
+                $tableName = $table->getName();
+            }
+            $this->emitCheckStep($tableName, $step++, count($tables));
+            // don't need to check for new tables
+            if (array_search($tableName, $existingTables) !== false) {
+                $this->checkTableMigrate($table);
+            }
+        }
+    }
+
+    /**
+     * Create a unique name for the temporary table
+     *
+     * @param string $name
+     * @return string
+     */
+    protected function generateTemporaryTableName($name) {
+        return $this->config->getSystemValue('dbtableprefix', 'oc_') . $name . '_' . $this->random->generate(13, ISecureRandom::CHAR_LOWER . ISecureRandom::CHAR_DIGITS);
+    }
+
+    /**
+     * Check the migration of a table on a copy so we can detect errors before messing with the real table
+     *
+     * @param \Doctrine\DBAL\Schema\Table $table
+     * @throws \OC\DB\MigrationException
+     */
+    protected function checkTableMigrate(Table $table) {
+        $name = $table->getName();
+        $tmpName = $this->generateTemporaryTableName($name);
+
+        $this->copyTable($name, $tmpName);
+
+        //create the migration schema for the temporary table
+        $tmpTable = $this->renameTableSchema($table, $tmpName);
+        $schemaConfig = new SchemaConfig();
+        $schemaConfig->setName($this->connection->getDatabase());
+        $schema = new Schema(array($tmpTable), array(), $schemaConfig);
+
+        try {
+            $this->applySchema($schema);
+            $this->dropTable($tmpName);
+        } catch (DBALException $e) {
+            // pgsql needs to commit it's failed transaction before doing anything else
+            if ($this->connection->isTransactionActive()) {
+                $this->connection->commit();
+            }
+            $this->dropTable($tmpName);
+            throw new MigrationException($table->getName(), $e->getMessage());
+        }
+    }
+
+    /**
+     * @param \Doctrine\DBAL\Schema\Table $table
+     * @param string $newName
+     * @return \Doctrine\DBAL\Schema\Table
+     */
+    protected function renameTableSchema(Table $table, $newName) {
+        /**
+         * @var \Doctrine\DBAL\Schema\Index[] $indexes
+         */
+        $indexes = $table->getIndexes();
+        $newIndexes = array();
+        foreach ($indexes as $index) {
+            if ($index->isPrimary()) {
+                // do not rename primary key
+                $indexName = $index->getName();
+            } else {
+                // avoid conflicts in index names
+                $indexName = $this->config->getSystemValue('dbtableprefix', 'oc_') . $this->random->generate(13, ISecureRandom::CHAR_LOWER);
+            }
+            $newIndexes[] = new Index($indexName, $index->getColumns(), $index->isUnique(), $index->isPrimary());
+        }
+
+        // foreign keys are not supported so we just set it to an empty array
+        return new Table($newName, $table->getColumns(), $newIndexes, array(), 0, $table->getOptions());
+    }
+
+    /**
+     * @param Schema $targetSchema
+     * @param \Doctrine\DBAL\Connection $connection
+     * @return \Doctrine\DBAL\Schema\SchemaDiff
+     * @throws DBALException
+     */
+    protected function getDiff(Schema $targetSchema, \Doctrine\DBAL\Connection $connection) {
+        // adjust varchar columns with a length higher then getVarcharMaxLength to clob
+        foreach ($targetSchema->getTables() as $table) {
+            foreach ($table->getColumns() as $column) {
+                if ($column->getType() instanceof StringType) {
+                    if ($column->getLength() > $connection->getDatabasePlatform()->getVarcharMaxLength()) {
+                        $column->setType(Type::getType('text'));
+                        $column->setLength(null);
+                    }
+                }
+            }
+        }
+
+        $filterExpression = $this->getFilterExpression();
+        $this->connection->getConfiguration()->
+        setFilterSchemaAssetsExpression($filterExpression);
+        $sourceSchema = $connection->getSchemaManager()->createSchema();
+
+        // remove tables we don't know about
+        /** @var $table \Doctrine\DBAL\Schema\Table */
+        foreach ($sourceSchema->getTables() as $table) {
+            if (!$targetSchema->hasTable($table->getName())) {
+                $sourceSchema->dropTable($table->getName());
+            }
+        }
+        // remove sequences we don't know about
+        foreach ($sourceSchema->getSequences() as $table) {
+            if (!$targetSchema->hasSequence($table->getName())) {
+                $sourceSchema->dropSequence($table->getName());
+            }
+        }
+
+        $comparator = new Comparator();
+        return $comparator->compare($sourceSchema, $targetSchema);
+    }
+
+    /**
+     * @param \Doctrine\DBAL\Schema\Schema $targetSchema
+     * @param \Doctrine\DBAL\Connection $connection
+     */
+    protected function applySchema(Schema $targetSchema, \Doctrine\DBAL\Connection $connection = null) {
+        if (is_null($connection)) {
+            $connection = $this->connection;
+        }
+
+        $schemaDiff = $this->getDiff($targetSchema, $connection);
+
+        $connection->beginTransaction();
+        $sqls = $schemaDiff->toSql($connection->getDatabasePlatform());
+        $step = 0;
+        foreach ($sqls as $sql) {
+            $this->emit($sql, $step++, count($sqls));
+            $connection->query($sql);
+        }
+        $connection->commit();
+    }
+
+    /**
+     * @param string $sourceName
+     * @param string $targetName
+     */
+    protected function copyTable($sourceName, $targetName) {
+        $quotedSource = $this->connection->quoteIdentifier($sourceName);
+        $quotedTarget = $this->connection->quoteIdentifier($targetName);
+
+        $this->connection->exec('CREATE TABLE ' . $quotedTarget . ' (LIKE ' . $quotedSource . ')');
+        $this->connection->exec('INSERT INTO ' . $quotedTarget . ' SELECT * FROM ' . $quotedSource);
+    }
+
+    /**
+     * @param string $name
+     */
+    protected function dropTable($name) {
+        $this->connection->exec('DROP TABLE ' . $this->connection->quoteIdentifier($name));
+    }
+
+    /**
+     * @param $statement
+     * @return string
+     */
+    protected function convertStatementToScript($statement) {
+        $script = $statement . ';';
+        $script .= PHP_EOL;
+        $script .= PHP_EOL;
+        return $script;
+    }
+
+    protected function getFilterExpression() {
+        return '/^' . preg_quote($this->config->getSystemValue('dbtableprefix', 'oc_')) . '/';
+    }
+
+    protected function emit($sql, $step, $max) {
+        if ($this->noEmit) {
+            return;
+        }
+        if(is_null($this->dispatcher)) {
+            return;
+        }
+        $this->dispatcher->dispatch('\OC\DB\Migrator::executeSql', new GenericEvent($sql, [$step+1, $max]));
+    }
+
+    private function emitCheckStep($tableName, $step, $max) {
+        if(is_null($this->dispatcher)) {
+            return;
+        }
+        $this->dispatcher->dispatch('\OC\DB\Migrator::checkTable', new GenericEvent($tableName, [$step+1, $max]));
+    }
 }

Spacing +11 added lines, -11 removed lines

@@ -137,7 +137,7 @@ 
 	 * @return string
 	 */
 	protected function generateTemporaryTableName($name) {
-		return $this->config->getSystemValue('dbtableprefix', 'oc_') . $name . '_' . $this->random->generate(13, ISecureRandom::CHAR_LOWER . ISecureRandom::CHAR_DIGITS);
+		return $this->config->getSystemValue('dbtableprefix', 'oc_').$name.'_'.$this->random->generate(13, ISecureRandom::CHAR_LOWER.ISecureRandom::CHAR_DIGITS);
 	}
 
 	/**
@@ -188,7 +188,7 @@ 
 				$indexName = $index->getName();
 			} else {
 				// avoid conflicts in index names
-				$indexName = $this->config->getSystemValue('dbtableprefix', 'oc_') . $this->random->generate(13, ISecureRandom::CHAR_LOWER);
+				$indexName = $this->config->getSystemValue('dbtableprefix', 'oc_').$this->random->generate(13, ISecureRandom::CHAR_LOWER);
 			}
 			$newIndexes[] = new Index($indexName, $index->getColumns(), $index->isUnique(), $index->isPrimary());
 		}
@@ -268,15 +268,15 @@ 
 		$quotedSource = $this->connection->quoteIdentifier($sourceName);
 		$quotedTarget = $this->connection->quoteIdentifier($targetName);
 
-		$this->connection->exec('CREATE TABLE ' . $quotedTarget . ' (LIKE ' . $quotedSource . ')');
-		$this->connection->exec('INSERT INTO ' . $quotedTarget . ' SELECT * FROM ' . $quotedSource);
+		$this->connection->exec('CREATE TABLE '.$quotedTarget.' (LIKE '.$quotedSource.')');
+		$this->connection->exec('INSERT INTO '.$quotedTarget.' SELECT * FROM '.$quotedSource);
 	}
 
 	/**
 	 * @param string $name
 	 */
 	protected function dropTable($name) {
-		$this->connection->exec('DROP TABLE ' . $this->connection->quoteIdentifier($name));
+		$this->connection->exec('DROP TABLE '.$this->connection->quoteIdentifier($name));
 	}
 
 	/**
@@ -284,30 +284,30 @@ 
 	 * @return string
 	 */
 	protected function convertStatementToScript($statement) {
-		$script = $statement . ';';
+		$script = $statement.';';
 		$script .= PHP_EOL;
 		$script .= PHP_EOL;
 		return $script;
 	}
 
 	protected function getFilterExpression() {
-		return '/^' . preg_quote($this->config->getSystemValue('dbtableprefix', 'oc_')) . '/';
+		return '/^'.preg_quote($this->config->getSystemValue('dbtableprefix', 'oc_')).'/';
 	}
 
 	protected function emit($sql, $step, $max) {
 		if ($this->noEmit) {
 			return;
 		}
-		if(is_null($this->dispatcher)) {
+		if (is_null($this->dispatcher)) {
 			return;
 		}
-		$this->dispatcher->dispatch('\OC\DB\Migrator::executeSql', new GenericEvent($sql, [$step+1, $max]));
+		$this->dispatcher->dispatch('\OC\DB\Migrator::executeSql', new GenericEvent($sql, [$step + 1, $max]));
 	}
 
 	private function emitCheckStep($tableName, $step, $max) {
-		if(is_null($this->dispatcher)) {
+		if (is_null($this->dispatcher)) {
 			return;
 		}
-		$this->dispatcher->dispatch('\OC\DB\Migrator::checkTable', new GenericEvent($tableName, [$step+1, $max]));
+		$this->dispatcher->dispatch('\OC\DB\Migrator::checkTable', new GenericEvent($tableName, [$step + 1, $max]));
 	}
 }

settings/Controller/CheckSetupController.php

Doc Comments +2 added lines, -1 removed lines

@@ -103,6 +103,7 @@ 
 
 	/**
 	* Chceks if the ownCloud server can connect to a specific URL using both HTTPS and HTTP
+	* @param string $sitename
 	* @return bool
 	*/
 	private function isSiteReachable($sitename) {
@@ -285,7 +286,7 @@ 
 
 	/**
 	 * @NoCSRFRequired
-	 * @return DataResponse
+	 * @return DataDisplayResponse
 	 */
 	public function getFailedIntegrityCheckFiles() {
 		if(!$this->checker->isCodeCheckEnforced()) {

Spacing +26 added lines, -26 removed lines

@@ -104,7 +104,7 @@ 
 						'www.google.com',
 						'www.github.com'];
 
-		foreach($siteArray as $site) {
+		foreach ($siteArray as $site) {
 			if ($this->isSiteReachable($site)) {
 				return true;
 			}
@@ -117,8 +117,8 @@ 
 	* @return bool
 	*/
 	private function isSiteReachable($sitename) {
-		$httpSiteName = 'http://' . $sitename . '/';
-		$httpsSiteName = 'https://' . $sitename . '/';
+		$httpSiteName = 'http://'.$sitename.'/';
+		$httpsSiteName = 'https://'.$sitename.'/';
 
 		try {
 			$client = $this->clientService->newClient();
@@ -145,9 +145,9 @@ 
 	 * @return bool
 	 */
 	private function isUrandomAvailable() {
-		if(@file_exists('/dev/urandom')) {
+		if (@file_exists('/dev/urandom')) {
 			$file = fopen('/dev/urandom', 'rb');
-			if($file) {
+			if ($file) {
 				fclose($file);
 				return true;
 			}
@@ -178,40 +178,40 @@ 
 		// Don't run check when:
 		// 1. Server has `has_internet_connection` set to false
 		// 2. AppStore AND S2S is disabled
-		if(!$this->config->getSystemValue('has_internet_connection', true)) {
+		if (!$this->config->getSystemValue('has_internet_connection', true)) {
 			return '';
 		}
-		if(!$this->config->getSystemValue('appstoreenabled', true)
+		if (!$this->config->getSystemValue('appstoreenabled', true)
 			&& $this->config->getAppValue('files_sharing', 'outgoing_server2server_share_enabled', 'yes') === 'no'
 			&& $this->config->getAppValue('files_sharing', 'incoming_server2server_share_enabled', 'yes') === 'no') {
 			return '';
 		}
 
 		$versionString = $this->getCurlVersion();
-		if(isset($versionString['ssl_version'])) {
+		if (isset($versionString['ssl_version'])) {
 			$versionString = $versionString['ssl_version'];
 		} else {
 			return '';
 		}
 
-		$features = (string)$this->l10n->t('installing and updating apps via the app store or Federated Cloud Sharing');
-		if(!$this->config->getSystemValue('appstoreenabled', true)) {
-			$features = (string)$this->l10n->t('Federated Cloud Sharing');
+		$features = (string) $this->l10n->t('installing and updating apps via the app store or Federated Cloud Sharing');
+		if (!$this->config->getSystemValue('appstoreenabled', true)) {
+			$features = (string) $this->l10n->t('Federated Cloud Sharing');
 		}
 
 		// Check if at least OpenSSL after 1.01d or 1.0.2b
-		if(strpos($versionString, 'OpenSSL/') === 0) {
+		if (strpos($versionString, 'OpenSSL/') === 0) {
 			$majorVersion = substr($versionString, 8, 5);
 			$patchRelease = substr($versionString, 13, 6);
 
-			if(($majorVersion === '1.0.1' && ord($patchRelease) < ord('d')) ||
+			if (($majorVersion === '1.0.1' && ord($patchRelease) < ord('d')) ||
 				($majorVersion === '1.0.2' && ord($patchRelease) < ord('b'))) {
 				return (string) $this->l10n->t('cURL is using an outdated %s version (%s). Please update your operating system or features such as %s will not work reliably.', ['OpenSSL', $versionString, $features]);
 			}
 		}
 
 		// Check if NSS and perform heuristic check
-		if(strpos($versionString, 'NSS/') === 0) {
+		if (strpos($versionString, 'NSS/') === 0) {
 			try {
 				$firstClient = $this->clientService->newClient();
 				$firstClient->get('https://www.owncloud.org/');
@@ -219,7 +219,7 @@ 
 				$secondClient = $this->clientService->newClient();
 				$secondClient->get('https://owncloud.org/');
 			} catch (ClientException $e) {
-				if($e->getResponse()->getStatusCode() === 400) {
+				if ($e->getResponse()->getStatusCode() === 400) {
 					return (string) $this->l10n->t('cURL is using an outdated %s version (%s). Please update your operating system or features such as %s will not work reliably.', ['NSS', $versionString, $features]);
 				}
 			}
@@ -300,13 +300,13 @@ 
 	 * @return DataResponse
 	 */
 	public function getFailedIntegrityCheckFiles() {
-		if(!$this->checker->isCodeCheckEnforced()) {
+		if (!$this->checker->isCodeCheckEnforced()) {
 			return new DataDisplayResponse('Integrity checker has been disabled. Integrity cannot be verified.');
 		}
 
 		$completeResults = $this->checker->getResults();
 
-		if(!empty($completeResults)) {
+		if (!empty($completeResults)) {
 			$formattedTextResponse = 'Technical information
 =====================
 The following list covers which files have failed the integrity check. Please read
@@ -316,12 +316,12 @@ 
 Results
 =======
 ';
-			foreach($completeResults as $context => $contextResult) {
+			foreach ($completeResults as $context => $contextResult) {
 				$formattedTextResponse .= "- $context\n";
 
-				foreach($contextResult as $category => $result) {
+				foreach ($contextResult as $category => $result) {
 					$formattedTextResponse .= "\t- $category\n";
-					if($category !== 'EXCEPTION') {
+					if ($category !== 'EXCEPTION') {
 						foreach ($result as $key => $results) {
 							$formattedTextResponse .= "\t\t- $key\n";
 						}
@@ -364,27 +364,27 @@ 
 
 		$isOpcacheProperlySetUp = true;
 
-		if(!$iniWrapper->getBool('opcache.enable')) {
+		if (!$iniWrapper->getBool('opcache.enable')) {
 			$isOpcacheProperlySetUp = false;
 		}
 
-		if(!$iniWrapper->getBool('opcache.save_comments')) {
+		if (!$iniWrapper->getBool('opcache.save_comments')) {
 			$isOpcacheProperlySetUp = false;
 		}
 
-		if(!$iniWrapper->getBool('opcache.enable_cli')) {
+		if (!$iniWrapper->getBool('opcache.enable_cli')) {
 			$isOpcacheProperlySetUp = false;
 		}
 
-		if($iniWrapper->getNumeric('opcache.max_accelerated_files') < 10000) {
+		if ($iniWrapper->getNumeric('opcache.max_accelerated_files') < 10000) {
 			$isOpcacheProperlySetUp = false;
 		}
 
-		if($iniWrapper->getNumeric('opcache.memory_consumption') < 128) {
+		if ($iniWrapper->getNumeric('opcache.memory_consumption') < 128) {
 			$isOpcacheProperlySetUp = false;
 		}
 
-		if($iniWrapper->getNumeric('opcache.interned_strings_buffer') < 8) {
+		if ($iniWrapper->getNumeric('opcache.interned_strings_buffer') < 8) {
 			$isOpcacheProperlySetUp = false;
 		}
 

Indentation +372 added lines, -372 removed lines

@@ -46,282 +46,282 @@ 
  * @package OC\Settings\Controller
  */
 class CheckSetupController extends Controller {
-	/** @var IConfig */
-	private $config;
-	/** @var IClientService */
-	private $clientService;
-	/** @var \OC_Util */
-	private $util;
-	/** @var IURLGenerator */
-	private $urlGenerator;
-	/** @var IL10N */
-	private $l10n;
-	/** @var Checker */
-	private $checker;
-	/** @var ILogger */
-	private $logger;
-
-	/**
-	 * @param string $AppName
-	 * @param IRequest $request
-	 * @param IConfig $config
-	 * @param IClientService $clientService
-	 * @param IURLGenerator $urlGenerator
-	 * @param \OC_Util $util
-	 * @param IL10N $l10n
-	 * @param Checker $checker
-	 * @param ILogger $logger
-	 */
-	public function __construct($AppName,
-								IRequest $request,
-								IConfig $config,
-								IClientService $clientService,
-								IURLGenerator $urlGenerator,
-								\OC_Util $util,
-								IL10N $l10n,
-								Checker $checker,
-								ILogger $logger) {
-		parent::__construct($AppName, $request);
-		$this->config = $config;
-		$this->clientService = $clientService;
-		$this->util = $util;
-		$this->urlGenerator = $urlGenerator;
-		$this->l10n = $l10n;
-		$this->checker = $checker;
-		$this->logger = $logger;
-	}
-
-	/**
-	 * Checks if the ownCloud server can connect to the internet using HTTPS and HTTP
-	 * @return bool
-	 */
-	private function isInternetConnectionWorking() {
-		if ($this->config->getSystemValue('has_internet_connection', true) === false) {
-			return false;
-		}
-
-		$siteArray = ['www.nextcloud.com',
-						'www.google.com',
-						'www.github.com'];
-
-		foreach($siteArray as $site) {
-			if ($this->isSiteReachable($site)) {
-				return true;
-			}
-		}
-		return false;
-	}
-
-	/**
-	* Chceks if the ownCloud server can connect to a specific URL using both HTTPS and HTTP
-	* @return bool
-	*/
-	private function isSiteReachable($sitename) {
-		$httpSiteName = 'http://' . $sitename . '/';
-		$httpsSiteName = 'https://' . $sitename . '/';
-
-		try {
-			$client = $this->clientService->newClient();
-			$client->get($httpSiteName);
-			$client->get($httpsSiteName);
-		} catch (\Exception $e) {
-			$this->logger->logException($e, ['app' => 'internet_connection_check']);
-			return false;
-		}
-		return true;
-	}
-
-	/**
-	 * Checks whether a local memcache is installed or not
-	 * @return bool
-	 */
-	private function isMemcacheConfigured() {
-		return $this->config->getSystemValue('memcache.local', null) !== null;
-	}
-
-	/**
-	 * Whether /dev/urandom is available to the PHP controller
-	 *
-	 * @return bool
-	 */
-	private function isUrandomAvailable() {
-		if(@file_exists('/dev/urandom')) {
-			$file = fopen('/dev/urandom', 'rb');
-			if($file) {
-				fclose($file);
-				return true;
-			}
-		}
-
-		return false;
-	}
-
-	/**
-	 * Public for the sake of unit-testing
-	 *
-	 * @return array
-	 */
-	protected function getCurlVersion() {
-		return curl_version();
-	}
-
-	/**
-	 * Check if the used  SSL lib is outdated. Older OpenSSL and NSS versions do
-	 * have multiple bugs which likely lead to problems in combination with
-	 * functionality required by ownCloud such as SNI.
-	 *
-	 * @link https://github.com/owncloud/core/issues/17446#issuecomment-122877546
-	 * @link https://bugzilla.redhat.com/show_bug.cgi?id=1241172
-	 * @return string
-	 */
-	private function isUsedTlsLibOutdated() {
-		// Don't run check when:
-		// 1. Server has `has_internet_connection` set to false
-		// 2. AppStore AND S2S is disabled
-		if(!$this->config->getSystemValue('has_internet_connection', true)) {
-			return '';
-		}
-		if(!$this->config->getSystemValue('appstoreenabled', true)
-			&& $this->config->getAppValue('files_sharing', 'outgoing_server2server_share_enabled', 'yes') === 'no'
-			&& $this->config->getAppValue('files_sharing', 'incoming_server2server_share_enabled', 'yes') === 'no') {
-			return '';
-		}
-
-		$versionString = $this->getCurlVersion();
-		if(isset($versionString['ssl_version'])) {
-			$versionString = $versionString['ssl_version'];
-		} else {
-			return '';
-		}
-
-		$features = (string)$this->l10n->t('installing and updating apps via the app store or Federated Cloud Sharing');
-		if(!$this->config->getSystemValue('appstoreenabled', true)) {
-			$features = (string)$this->l10n->t('Federated Cloud Sharing');
-		}
-
-		// Check if at least OpenSSL after 1.01d or 1.0.2b
-		if(strpos($versionString, 'OpenSSL/') === 0) {
-			$majorVersion = substr($versionString, 8, 5);
-			$patchRelease = substr($versionString, 13, 6);
-
-			if(($majorVersion === '1.0.1' && ord($patchRelease) < ord('d')) ||
-				($majorVersion === '1.0.2' && ord($patchRelease) < ord('b'))) {
-				return (string) $this->l10n->t('cURL is using an outdated %s version (%s). Please update your operating system or features such as %s will not work reliably.', ['OpenSSL', $versionString, $features]);
-			}
-		}
-
-		// Check if NSS and perform heuristic check
-		if(strpos($versionString, 'NSS/') === 0) {
-			try {
-				$firstClient = $this->clientService->newClient();
-				$firstClient->get('https://www.owncloud.org/');
-
-				$secondClient = $this->clientService->newClient();
-				$secondClient->get('https://owncloud.org/');
-			} catch (ClientException $e) {
-				if($e->getResponse()->getStatusCode() === 400) {
-					return (string) $this->l10n->t('cURL is using an outdated %s version (%s). Please update your operating system or features such as %s will not work reliably.', ['NSS', $versionString, $features]);
-				}
-			}
-		}
-
-		return '';
-	}
-
-	/**
-	 * Whether the version is outdated
-	 *
-	 * @return bool
-	 */
-	protected function isPhpOutdated() {
-		if (version_compare(PHP_VERSION, '5.5.0') === -1) {
-			return true;
-		}
-
-		return false;
-	}
-
-	/**
-	 * Whether the php version is still supported (at time of release)
-	 * according to: https://secure.php.net/supported-versions.php
-	 *
-	 * @return array
-	 */
-	private function isPhpSupported() {
-		return ['eol' => $this->isPhpOutdated(), 'version' => PHP_VERSION];
-	}
-
-	/**
-	 * Check if the reverse proxy configuration is working as expected
-	 *
-	 * @return bool
-	 */
-	private function forwardedForHeadersWorking() {
-		$trustedProxies = $this->config->getSystemValue('trusted_proxies', []);
-		$remoteAddress = $this->request->getRemoteAddress();
-
-		if (is_array($trustedProxies) && in_array($remoteAddress, $trustedProxies)) {
-			return false;
-		}
-
-		// either not enabled or working correctly
-		return true;
-	}
-
-	/**
-	 * Checks if the correct memcache module for PHP is installed. Only
-	 * fails if memcached is configured and the working module is not installed.
-	 *
-	 * @return bool
-	 */
-	private function isCorrectMemcachedPHPModuleInstalled() {
-		if ($this->config->getSystemValue('memcache.distributed', null) !== '\OC\Memcache\Memcached') {
-			return true;
-		}
-
-		// there are two different memcached modules for PHP
-		// we only support memcached and not memcache
-		// https://code.google.com/p/memcached/wiki/PHPClientComparison
-		return !(!extension_loaded('memcached') && extension_loaded('memcache'));
-	}
-
-	/**
-	 * Checks if set_time_limit is not disabled.
-	 *
-	 * @return bool
-	 */
-	private function isSettimelimitAvailable() {
-		if (function_exists('set_time_limit')
-			&& strpos(@ini_get('disable_functions'), 'set_time_limit') === false) {
-			return true;
-		}
-
-		return false;
-	}
-
-	/**
-	 * @return RedirectResponse
-	 */
-	public function rescanFailedIntegrityCheck() {
-		$this->checker->runInstanceVerification();
-		return new RedirectResponse(
-			$this->urlGenerator->linkToRoute('settings.AdminSettings.index')
-		);
-	}
-
-	/**
-	 * @NoCSRFRequired
-	 * @return DataResponse
-	 */
-	public function getFailedIntegrityCheckFiles() {
-		if(!$this->checker->isCodeCheckEnforced()) {
-			return new DataDisplayResponse('Integrity checker has been disabled. Integrity cannot be verified.');
-		}
-
-		$completeResults = $this->checker->getResults();
-
-		if(!empty($completeResults)) {
-			$formattedTextResponse = 'Technical information
+    /** @var IConfig */
+    private $config;
+    /** @var IClientService */
+    private $clientService;
+    /** @var \OC_Util */
+    private $util;
+    /** @var IURLGenerator */
+    private $urlGenerator;
+    /** @var IL10N */
+    private $l10n;
+    /** @var Checker */
+    private $checker;
+    /** @var ILogger */
+    private $logger;
+
+    /**
+     * @param string $AppName
+     * @param IRequest $request
+     * @param IConfig $config
+     * @param IClientService $clientService
+     * @param IURLGenerator $urlGenerator
+     * @param \OC_Util $util
+     * @param IL10N $l10n
+     * @param Checker $checker
+     * @param ILogger $logger
+     */
+    public function __construct($AppName,
+                                IRequest $request,
+                                IConfig $config,
+                                IClientService $clientService,
+                                IURLGenerator $urlGenerator,
+                                \OC_Util $util,
+                                IL10N $l10n,
+                                Checker $checker,
+                                ILogger $logger) {
+        parent::__construct($AppName, $request);
+        $this->config = $config;
+        $this->clientService = $clientService;
+        $this->util = $util;
+        $this->urlGenerator = $urlGenerator;
+        $this->l10n = $l10n;
+        $this->checker = $checker;
+        $this->logger = $logger;
+    }
+
+    /**
+     * Checks if the ownCloud server can connect to the internet using HTTPS and HTTP
+     * @return bool
+     */
+    private function isInternetConnectionWorking() {
+        if ($this->config->getSystemValue('has_internet_connection', true) === false) {
+            return false;
+        }
+
+        $siteArray = ['www.nextcloud.com',
+                        'www.google.com',
+                        'www.github.com'];
+
+        foreach($siteArray as $site) {
+            if ($this->isSiteReachable($site)) {
+                return true;
+            }
+        }
+        return false;
+    }
+
+    /**
+     * Chceks if the ownCloud server can connect to a specific URL using both HTTPS and HTTP
+     * @return bool
+     */
+    private function isSiteReachable($sitename) {
+        $httpSiteName = 'http://' . $sitename . '/';
+        $httpsSiteName = 'https://' . $sitename . '/';
+
+        try {
+            $client = $this->clientService->newClient();
+            $client->get($httpSiteName);
+            $client->get($httpsSiteName);
+        } catch (\Exception $e) {
+            $this->logger->logException($e, ['app' => 'internet_connection_check']);
+            return false;
+        }
+        return true;
+    }
+
+    /**
+     * Checks whether a local memcache is installed or not
+     * @return bool
+     */
+    private function isMemcacheConfigured() {
+        return $this->config->getSystemValue('memcache.local', null) !== null;
+    }
+
+    /**
+     * Whether /dev/urandom is available to the PHP controller
+     *
+     * @return bool
+     */
+    private function isUrandomAvailable() {
+        if(@file_exists('/dev/urandom')) {
+            $file = fopen('/dev/urandom', 'rb');
+            if($file) {
+                fclose($file);
+                return true;
+            }
+        }
+
+        return false;
+    }
+
+    /**
+     * Public for the sake of unit-testing
+     *
+     * @return array
+     */
+    protected function getCurlVersion() {
+        return curl_version();
+    }
+
+    /**
+     * Check if the used  SSL lib is outdated. Older OpenSSL and NSS versions do
+     * have multiple bugs which likely lead to problems in combination with
+     * functionality required by ownCloud such as SNI.
+     *
+     * @link https://github.com/owncloud/core/issues/17446#issuecomment-122877546
+     * @link https://bugzilla.redhat.com/show_bug.cgi?id=1241172
+     * @return string
+     */
+    private function isUsedTlsLibOutdated() {
+        // Don't run check when:
+        // 1. Server has `has_internet_connection` set to false
+        // 2. AppStore AND S2S is disabled
+        if(!$this->config->getSystemValue('has_internet_connection', true)) {
+            return '';
+        }
+        if(!$this->config->getSystemValue('appstoreenabled', true)
+            && $this->config->getAppValue('files_sharing', 'outgoing_server2server_share_enabled', 'yes') === 'no'
+            && $this->config->getAppValue('files_sharing', 'incoming_server2server_share_enabled', 'yes') === 'no') {
+            return '';
+        }
+
+        $versionString = $this->getCurlVersion();
+        if(isset($versionString['ssl_version'])) {
+            $versionString = $versionString['ssl_version'];
+        } else {
+            return '';
+        }
+
+        $features = (string)$this->l10n->t('installing and updating apps via the app store or Federated Cloud Sharing');
+        if(!$this->config->getSystemValue('appstoreenabled', true)) {
+            $features = (string)$this->l10n->t('Federated Cloud Sharing');
+        }
+
+        // Check if at least OpenSSL after 1.01d or 1.0.2b
+        if(strpos($versionString, 'OpenSSL/') === 0) {
+            $majorVersion = substr($versionString, 8, 5);
+            $patchRelease = substr($versionString, 13, 6);
+
+            if(($majorVersion === '1.0.1' && ord($patchRelease) < ord('d')) ||
+                ($majorVersion === '1.0.2' && ord($patchRelease) < ord('b'))) {
+                return (string) $this->l10n->t('cURL is using an outdated %s version (%s). Please update your operating system or features such as %s will not work reliably.', ['OpenSSL', $versionString, $features]);
+            }
+        }
+
+        // Check if NSS and perform heuristic check
+        if(strpos($versionString, 'NSS/') === 0) {
+            try {
+                $firstClient = $this->clientService->newClient();
+                $firstClient->get('https://www.owncloud.org/');
+
+                $secondClient = $this->clientService->newClient();
+                $secondClient->get('https://owncloud.org/');
+            } catch (ClientException $e) {
+                if($e->getResponse()->getStatusCode() === 400) {
+                    return (string) $this->l10n->t('cURL is using an outdated %s version (%s). Please update your operating system or features such as %s will not work reliably.', ['NSS', $versionString, $features]);
+                }
+            }
+        }
+
+        return '';
+    }
+
+    /**
+     * Whether the version is outdated
+     *
+     * @return bool
+     */
+    protected function isPhpOutdated() {
+        if (version_compare(PHP_VERSION, '5.5.0') === -1) {
+            return true;
+        }
+
+        return false;
+    }
+
+    /**
+     * Whether the php version is still supported (at time of release)
+     * according to: https://secure.php.net/supported-versions.php
+     *
+     * @return array
+     */
+    private function isPhpSupported() {
+        return ['eol' => $this->isPhpOutdated(), 'version' => PHP_VERSION];
+    }
+
+    /**
+     * Check if the reverse proxy configuration is working as expected
+     *
+     * @return bool
+     */
+    private function forwardedForHeadersWorking() {
+        $trustedProxies = $this->config->getSystemValue('trusted_proxies', []);
+        $remoteAddress = $this->request->getRemoteAddress();
+
+        if (is_array($trustedProxies) && in_array($remoteAddress, $trustedProxies)) {
+            return false;
+        }
+
+        // either not enabled or working correctly
+        return true;
+    }
+
+    /**
+     * Checks if the correct memcache module for PHP is installed. Only
+     * fails if memcached is configured and the working module is not installed.
+     *
+     * @return bool
+     */
+    private function isCorrectMemcachedPHPModuleInstalled() {
+        if ($this->config->getSystemValue('memcache.distributed', null) !== '\OC\Memcache\Memcached') {
+            return true;
+        }
+
+        // there are two different memcached modules for PHP
+        // we only support memcached and not memcache
+        // https://code.google.com/p/memcached/wiki/PHPClientComparison
+        return !(!extension_loaded('memcached') && extension_loaded('memcache'));
+    }
+
+    /**
+     * Checks if set_time_limit is not disabled.
+     *
+     * @return bool
+     */
+    private function isSettimelimitAvailable() {
+        if (function_exists('set_time_limit')
+            && strpos(@ini_get('disable_functions'), 'set_time_limit') === false) {
+            return true;
+        }
+
+        return false;
+    }
+
+    /**
+     * @return RedirectResponse
+     */
+    public function rescanFailedIntegrityCheck() {
+        $this->checker->runInstanceVerification();
+        return new RedirectResponse(
+            $this->urlGenerator->linkToRoute('settings.AdminSettings.index')
+        );
+    }
+
+    /**
+     * @NoCSRFRequired
+     * @return DataResponse
+     */
+    public function getFailedIntegrityCheckFiles() {
+        if(!$this->checker->isCodeCheckEnforced()) {
+            return new DataDisplayResponse('Integrity checker has been disabled. Integrity cannot be verified.');
+        }
+
+        $completeResults = $this->checker->getResults();
+
+        if(!empty($completeResults)) {
+            $formattedTextResponse = 'Technical information
 =====================
 The following list covers which files have failed the integrity check. Please read
 the previous linked documentation to learn more about the errors and how to fix
@@ -330,103 +330,103 @@ 
 Results
 =======
 ';
-			foreach($completeResults as $context => $contextResult) {
-				$formattedTextResponse .= "- $context\n";
-
-				foreach($contextResult as $category => $result) {
-					$formattedTextResponse .= "\t- $category\n";
-					if($category !== 'EXCEPTION') {
-						foreach ($result as $key => $results) {
-							$formattedTextResponse .= "\t\t- $key\n";
-						}
-					} else {
-						foreach ($result as $key => $results) {
-							$formattedTextResponse .= "\t\t- $results\n";
-						}
-					}
-
-				}
-			}
-
-			$formattedTextResponse .= '
+            foreach($completeResults as $context => $contextResult) {
+                $formattedTextResponse .= "- $context\n";
+
+                foreach($contextResult as $category => $result) {
+                    $formattedTextResponse .= "\t- $category\n";
+                    if($category !== 'EXCEPTION') {
+                        foreach ($result as $key => $results) {
+                            $formattedTextResponse .= "\t\t- $key\n";
+                        }
+                    } else {
+                        foreach ($result as $key => $results) {
+                            $formattedTextResponse .= "\t\t- $results\n";
+                        }
+                    }
+
+                }
+            }
+
+            $formattedTextResponse .= '
 Raw output
 ==========
 ';
-			$formattedTextResponse .= print_r($completeResults, true);
-		} else {
-			$formattedTextResponse = 'No errors have been found.';
-		}
-
-
-		$response = new DataDisplayResponse(
-			$formattedTextResponse,
-			Http::STATUS_OK,
-			[
-				'Content-Type' => 'text/plain',
-			]
-		);
-
-		return $response;
-	}
-
-	/**
-	 * Checks whether a PHP opcache is properly set up
-	 * @return bool
-	 */
-	protected function isOpcacheProperlySetup() {
-		$iniWrapper = new IniGetWrapper();
-
-		$isOpcacheProperlySetUp = true;
-
-		if(!$iniWrapper->getBool('opcache.enable')) {
-			$isOpcacheProperlySetUp = false;
-		}
-
-		if(!$iniWrapper->getBool('opcache.save_comments')) {
-			$isOpcacheProperlySetUp = false;
-		}
-
-		if(!$iniWrapper->getBool('opcache.enable_cli')) {
-			$isOpcacheProperlySetUp = false;
-		}
-
-		if($iniWrapper->getNumeric('opcache.max_accelerated_files') < 10000) {
-			$isOpcacheProperlySetUp = false;
-		}
-
-		if($iniWrapper->getNumeric('opcache.memory_consumption') < 128) {
-			$isOpcacheProperlySetUp = false;
-		}
-
-		if($iniWrapper->getNumeric('opcache.interned_strings_buffer') < 8) {
-			$isOpcacheProperlySetUp = false;
-		}
-
-		return $isOpcacheProperlySetUp;
-	}
-
-	/**
-	 * @return DataResponse
-	 */
-	public function check() {
-		return new DataResponse(
-			[
-				'serverHasInternetConnection' => $this->isInternetConnectionWorking(),
-				'isMemcacheConfigured' => $this->isMemcacheConfigured(),
-				'memcacheDocs' => $this->urlGenerator->linkToDocs('admin-performance'),
-				'isUrandomAvailable' => $this->isUrandomAvailable(),
-				'securityDocs' => $this->urlGenerator->linkToDocs('admin-security'),
-				'isUsedTlsLibOutdated' => $this->isUsedTlsLibOutdated(),
-				'phpSupported' => $this->isPhpSupported(),
-				'forwardedForHeadersWorking' => $this->forwardedForHeadersWorking(),
-				'reverseProxyDocs' => $this->urlGenerator->linkToDocs('admin-reverse-proxy'),
-				'isCorrectMemcachedPHPModuleInstalled' => $this->isCorrectMemcachedPHPModuleInstalled(),
-				'hasPassedCodeIntegrityCheck' => $this->checker->hasPassedCheck(),
-				'codeIntegrityCheckerDocumentation' => $this->urlGenerator->linkToDocs('admin-code-integrity'),
-				'isOpcacheProperlySetup' => $this->isOpcacheProperlySetup(),
-				'phpOpcacheDocumentation' => $this->urlGenerator->linkToDocs('admin-php-opcache'),
-				'isSettimelimitAvailable' => $this->isSettimelimitAvailable(),
-			]
-		);
-	}
+            $formattedTextResponse .= print_r($completeResults, true);
+        } else {
+            $formattedTextResponse = 'No errors have been found.';
+        }
+
+
+        $response = new DataDisplayResponse(
+            $formattedTextResponse,
+            Http::STATUS_OK,
+            [
+                'Content-Type' => 'text/plain',
+            ]
+        );
+
+        return $response;
+    }
+
+    /**
+     * Checks whether a PHP opcache is properly set up
+     * @return bool
+     */
+    protected function isOpcacheProperlySetup() {
+        $iniWrapper = new IniGetWrapper();
+
+        $isOpcacheProperlySetUp = true;
+
+        if(!$iniWrapper->getBool('opcache.enable')) {
+            $isOpcacheProperlySetUp = false;
+        }
+
+        if(!$iniWrapper->getBool('opcache.save_comments')) {
+            $isOpcacheProperlySetUp = false;
+        }
+
+        if(!$iniWrapper->getBool('opcache.enable_cli')) {
+            $isOpcacheProperlySetUp = false;
+        }
+
+        if($iniWrapper->getNumeric('opcache.max_accelerated_files') < 10000) {
+            $isOpcacheProperlySetUp = false;
+        }
+
+        if($iniWrapper->getNumeric('opcache.memory_consumption') < 128) {
+            $isOpcacheProperlySetUp = false;
+        }
+
+        if($iniWrapper->getNumeric('opcache.interned_strings_buffer') < 8) {
+            $isOpcacheProperlySetUp = false;
+        }
+
+        return $isOpcacheProperlySetUp;
+    }
+
+    /**
+     * @return DataResponse
+     */
+    public function check() {
+        return new DataResponse(
+            [
+                'serverHasInternetConnection' => $this->isInternetConnectionWorking(),
+                'isMemcacheConfigured' => $this->isMemcacheConfigured(),
+                'memcacheDocs' => $this->urlGenerator->linkToDocs('admin-performance'),
+                'isUrandomAvailable' => $this->isUrandomAvailable(),
+                'securityDocs' => $this->urlGenerator->linkToDocs('admin-security'),
+                'isUsedTlsLibOutdated' => $this->isUsedTlsLibOutdated(),
+                'phpSupported' => $this->isPhpSupported(),
+                'forwardedForHeadersWorking' => $this->forwardedForHeadersWorking(),
+                'reverseProxyDocs' => $this->urlGenerator->linkToDocs('admin-reverse-proxy'),
+                'isCorrectMemcachedPHPModuleInstalled' => $this->isCorrectMemcachedPHPModuleInstalled(),
+                'hasPassedCodeIntegrityCheck' => $this->checker->hasPassedCheck(),
+                'codeIntegrityCheckerDocumentation' => $this->urlGenerator->linkToDocs('admin-code-integrity'),
+                'isOpcacheProperlySetup' => $this->isOpcacheProperlySetup(),
+                'phpOpcacheDocumentation' => $this->urlGenerator->linkToDocs('admin-php-opcache'),
+                'isSettimelimitAvailable' => $this->isSettimelimitAvailable(),
+            ]
+        );
+    }
 }

apps/user_ldap/lib/Wizard.php

Doc Comments +1 added lines, -1 removed lines

@@ -1104,7 +1104,7 @@
 	}
 
 	/**
-	 * @param array $reqs
+	 * @param string[] $reqs
 	 * @return bool
 	 */
 	private function checkRequirements($reqs) {

Indentation +1318 added lines, -1318 removed lines

@@ -37,1324 +37,1324 @@
 use OC\ServerNotAvailableException;
 
 class Wizard extends LDAPUtility {
-	/** @var \OCP\IL10N */
-	static protected $l;
-	protected $access;
-	protected $cr;
-	protected $configuration;
-	protected $result;
-	protected $resultCache = array();
-
-	const LRESULT_PROCESSED_OK = 2;
-	const LRESULT_PROCESSED_INVALID = 3;
-	const LRESULT_PROCESSED_SKIP = 4;
-
-	const LFILTER_LOGIN      = 2;
-	const LFILTER_USER_LIST  = 3;
-	const LFILTER_GROUP_LIST = 4;
-
-	const LFILTER_MODE_ASSISTED = 2;
-	const LFILTER_MODE_RAW = 1;
-
-	const LDAP_NW_TIMEOUT = 4;
-
-	/**
-	 * Constructor
-	 * @param Configuration $configuration an instance of Configuration
-	 * @param ILDAPWrapper $ldap an instance of ILDAPWrapper
-	 * @param Access $access
-	 */
-	public function __construct(Configuration $configuration, ILDAPWrapper $ldap, Access $access) {
-		parent::__construct($ldap);
-		$this->configuration = $configuration;
-		if(is_null(Wizard::$l)) {
-			Wizard::$l = \OC::$server->getL10N('user_ldap');
-		}
-		$this->access = $access;
-		$this->result = new WizardResult();
-	}
-
-	public function  __destruct() {
-		if($this->result->hasChanges()) {
-			$this->configuration->saveConfiguration();
-		}
-	}
-
-	/**
-	 * counts entries in the LDAP directory
-	 *
-	 * @param string $filter the LDAP search filter
-	 * @param string $type a string being either 'users' or 'groups';
-	 * @return bool|int
-	 * @throws \Exception
-	 */
-	public function countEntries($filter, $type) {
-		$reqs = array('ldapHost', 'ldapPort', 'ldapBase');
-		if($type === 'users') {
-			$reqs[] = 'ldapUserFilter';
-		}
-		if(!$this->checkRequirements($reqs)) {
-			throw new \Exception('Requirements not met', 400);
-		}
-
-		$attr = array('dn'); // default
-		$limit = 1001;
-		if($type === 'groups') {
-			$result =  $this->access->countGroups($filter, $attr, $limit);
-		} else if($type === 'users') {
-			$result = $this->access->countUsers($filter, $attr, $limit);
-		} else if ($type === 'objects') {
-			$result = $this->access->countObjects($limit);
-		} else {
-			throw new \Exception('internal error: invalid object type', 500);
-		}
-
-		return $result;
-	}
-
-	/**
-	 * formats the return value of a count operation to the string to be
-	 * inserted.
-	 *
-	 * @param bool|int $count
-	 * @return int|string
-	 */
-	private function formatCountResult($count) {
-		$formatted = ($count !== false) ? $count : 0;
-		if($formatted > 1000) {
-			$formatted = '> 1000';
-		}
-		return $formatted;
-	}
-
-	public function countGroups() {
-		$filter = $this->configuration->ldapGroupFilter;
-
-		if(empty($filter)) {
-			$output = self::$l->n('%s group found', '%s groups found', 0, array(0));
-			$this->result->addChange('ldap_group_count', $output);
-			return $this->result;
-		}
-
-		try {
-			$groupsTotal = $this->formatCountResult($this->countEntries($filter, 'groups'));
-		} catch (\Exception $e) {
-			//400 can be ignored, 500 is forwarded
-			if($e->getCode() === 500) {
-				throw $e;
-			}
-			return false;
-		}
-		$output = self::$l->n('%s group found', '%s groups found', $groupsTotal, array($groupsTotal));
-		$this->result->addChange('ldap_group_count', $output);
-		return $this->result;
-	}
-
-	/**
-	 * @return WizardResult
-	 * @throws \Exception
-	 */
-	public function countUsers() {
-		$filter = $this->access->getFilterForUserCount();
-
-		$usersTotal = $this->formatCountResult($this->countEntries($filter, 'users'));
-		$output = self::$l->n('%s user found', '%s users found', $usersTotal, array($usersTotal));
-		$this->result->addChange('ldap_user_count', $output);
-		return $this->result;
-	}
-
-	/**
-	 * counts any objects in the currently set base dn
-	 *
-	 * @return WizardResult
-	 * @throws \Exception
-	 */
-	public function countInBaseDN() {
-		// we don't need to provide a filter in this case
-		$total = $this->countEntries(null, 'objects');
-		if($total === false) {
-			throw new \Exception('invalid results received');
-		}
-		$this->result->addChange('ldap_test_base', $total);
-		return $this->result;
-	}
-
-	/**
-	 * counts users with a specified attribute
-	 * @param string $attr
-	 * @param bool $existsCheck
-	 * @return int|bool
-	 */
-	public function countUsersWithAttribute($attr, $existsCheck = false) {
-		if(!$this->checkRequirements(array('ldapHost',
-										   'ldapPort',
-										   'ldapBase',
-										   'ldapUserFilter',
-										   ))) {
-			return  false;
-		}
-
-		$filter = $this->access->combineFilterWithAnd(array(
-			$this->configuration->ldapUserFilter,
-			$attr . '=*'
-		));
-
-		$limit = ($existsCheck === false) ? null : 1;
-
-		return $this->access->countUsers($filter, array('dn'), $limit);
-	}
-
-	/**
-	 * detects the display name attribute. If a setting is already present that
-	 * returns at least one hit, the detection will be canceled.
-	 * @return WizardResult|bool
-	 * @throws \Exception
-	 */
-	public function detectUserDisplayNameAttribute() {
-		if(!$this->checkRequirements(array('ldapHost',
-										'ldapPort',
-										'ldapBase',
-										'ldapUserFilter',
-										))) {
-			return  false;
-		}
-
-		$attr = $this->configuration->ldapUserDisplayName;
-		if ($attr !== '' && $attr !== 'displayName') {
-			// most likely not the default value with upper case N,
-			// verify it still produces a result
-			$count = intval($this->countUsersWithAttribute($attr, true));
-			if($count > 0) {
-				//no change, but we sent it back to make sure the user interface
-				//is still correct, even if the ajax call was cancelled meanwhile
-				$this->result->addChange('ldap_display_name', $attr);
-				return $this->result;
-			}
-		}
-
-		// first attribute that has at least one result wins
-		$displayNameAttrs = array('displayname', 'cn');
-		foreach ($displayNameAttrs as $attr) {
-			$count = intval($this->countUsersWithAttribute($attr, true));
-
-			if($count > 0) {
-				$this->applyFind('ldap_display_name', $attr);
-				return $this->result;
-			}
-		};
-
-		throw new \Exception(self::$l->t('Could not detect user display name attribute. Please specify it yourself in advanced ldap settings.'));
-	}
-
-	/**
-	 * detects the most often used email attribute for users applying to the
-	 * user list filter. If a setting is already present that returns at least
-	 * one hit, the detection will be canceled.
-	 * @return WizardResult|bool
-	 */
-	public function detectEmailAttribute() {
-		if(!$this->checkRequirements(array('ldapHost',
-										   'ldapPort',
-										   'ldapBase',
-										   'ldapUserFilter',
-										   ))) {
-			return  false;
-		}
-
-		$attr = $this->configuration->ldapEmailAttribute;
-		if ($attr !== '') {
-			$count = intval($this->countUsersWithAttribute($attr, true));
-			if($count > 0) {
-				return false;
-			}
-			$writeLog = true;
-		} else {
-			$writeLog = false;
-		}
-
-		$emailAttributes = array('mail', 'mailPrimaryAddress');
-		$winner = '';
-		$maxUsers = 0;
-		foreach($emailAttributes as $attr) {
-			$count = $this->countUsersWithAttribute($attr);
-			if($count > $maxUsers) {
-				$maxUsers = $count;
-				$winner = $attr;
-			}
-		}
-
-		if($winner !== '') {
-			$this->applyFind('ldap_email_attr', $winner);
-			if($writeLog) {
-				\OCP\Util::writeLog('user_ldap', 'The mail attribute has ' .
-					'automatically been reset, because the original value ' .
-					'did not return any results.', \OCP\Util::INFO);
-			}
-		}
-
-		return $this->result;
-	}
-
-	/**
-	 * @return WizardResult
-	 * @throws \Exception
-	 */
-	public function determineAttributes() {
-		if(!$this->checkRequirements(array('ldapHost',
-										   'ldapPort',
-										   'ldapBase',
-										   'ldapUserFilter',
-										   ))) {
-			return  false;
-		}
-
-		$attributes = $this->getUserAttributes();
-
-		natcasesort($attributes);
-		$attributes = array_values($attributes);
-
-		$this->result->addOptions('ldap_loginfilter_attributes', $attributes);
-
-		$selected = $this->configuration->ldapLoginFilterAttributes;
-		if(is_array($selected) && !empty($selected)) {
-			$this->result->addChange('ldap_loginfilter_attributes', $selected);
-		}
-
-		return $this->result;
-	}
-
-	/**
-	 * detects the available LDAP attributes
-	 * @return array|false The instance's WizardResult instance
-	 * @throws \Exception
-	 */
-	private function getUserAttributes() {
-		if(!$this->checkRequirements(array('ldapHost',
-										   'ldapPort',
-										   'ldapBase',
-										   'ldapUserFilter',
-										   ))) {
-			return  false;
-		}
-		$cr = $this->getConnection();
-		if(!$cr) {
-			throw new \Exception('Could not connect to LDAP');
-		}
-
-		$base = $this->configuration->ldapBase[0];
-		$filter = $this->configuration->ldapUserFilter;
-		$rr = $this->ldap->search($cr, $base, $filter, array(), 1, 1);
-		if(!$this->ldap->isResource($rr)) {
-			return false;
-		}
-		$er = $this->ldap->firstEntry($cr, $rr);
-		$attributes = $this->ldap->getAttributes($cr, $er);
-		$pureAttributes = array();
-		for($i = 0; $i < $attributes['count']; $i++) {
-			$pureAttributes[] = $attributes[$i];
-		}
-
-		return $pureAttributes;
-	}
-
-	/**
-	 * detects the available LDAP groups
-	 * @return WizardResult|false the instance's WizardResult instance
-	 */
-	public function determineGroupsForGroups() {
-		return $this->determineGroups('ldap_groupfilter_groups',
-									  'ldapGroupFilterGroups',
-									  false);
-	}
-
-	/**
-	 * detects the available LDAP groups
-	 * @return WizardResult|false the instance's WizardResult instance
-	 */
-	public function determineGroupsForUsers() {
-		return $this->determineGroups('ldap_userfilter_groups',
-									  'ldapUserFilterGroups');
-	}
-
-	/**
-	 * detects the available LDAP groups
-	 * @param string $dbKey
-	 * @param string $confKey
-	 * @param bool $testMemberOf
-	 * @return WizardResult|false the instance's WizardResult instance
-	 * @throws \Exception
-	 */
-	private function determineGroups($dbKey, $confKey, $testMemberOf = true) {
-		if(!$this->checkRequirements(array('ldapHost',
-										   'ldapPort',
-										   'ldapBase',
-										   ))) {
-			return  false;
-		}
-		$cr = $this->getConnection();
-		if(!$cr) {
-			throw new \Exception('Could not connect to LDAP');
-		}
-
-		$this->fetchGroups($dbKey, $confKey);
-
-		if($testMemberOf) {
-			$this->configuration->hasMemberOfFilterSupport = $this->testMemberOf();
-			$this->result->markChange();
-			if(!$this->configuration->hasMemberOfFilterSupport) {
-				throw new \Exception('memberOf is not supported by the server');
-			}
-		}
-
-		return $this->result;
-	}
-
-	/**
-	 * fetches all groups from LDAP and adds them to the result object
-	 *
-	 * @param string $dbKey
-	 * @param string $confKey
-	 * @return array $groupEntries
-	 * @throws \Exception
-	 */
-	public function fetchGroups($dbKey, $confKey) {
-		$obclasses = array('posixGroup', 'group', 'zimbraDistributionList', 'groupOfNames');
-
-		$filterParts = array();
-		foreach($obclasses as $obclass) {
-			$filterParts[] = 'objectclass='.$obclass;
-		}
-		//we filter for everything
-		//- that looks like a group and
-		//- has the group display name set
-		$filter = $this->access->combineFilterWithOr($filterParts);
-		$filter = $this->access->combineFilterWithAnd(array($filter, 'cn=*'));
-
-		$groupNames = array();
-		$groupEntries = array();
-		$limit = 400;
-		$offset = 0;
-		do {
-			// we need to request dn additionally here, otherwise memberOf
-			// detection will fail later
-			$result = $this->access->searchGroups($filter, array('cn', 'dn'), $limit, $offset);
-			foreach($result as $item) {
-				if(!isset($item['cn']) && !is_array($item['cn']) && !isset($item['cn'][0])) {
-					// just in case - no issue known
-					continue;
-				}
-				$groupNames[] = $item['cn'][0];
-				$groupEntries[] = $item;
-			}
-			$offset += $limit;
-		} while ($this->access->hasMoreResults());
-
-		if(count($groupNames) > 0) {
-			natsort($groupNames);
-			$this->result->addOptions($dbKey, array_values($groupNames));
-		} else {
-			throw new \Exception(self::$l->t('Could not find the desired feature'));
-		}
-
-		$setFeatures = $this->configuration->$confKey;
-		if(is_array($setFeatures) && !empty($setFeatures)) {
-			//something is already configured? pre-select it.
-			$this->result->addChange($dbKey, $setFeatures);
-		}
-		return $groupEntries;
-	}
-
-	public function determineGroupMemberAssoc() {
-		if(!$this->checkRequirements(array('ldapHost',
-										   'ldapPort',
-										   'ldapGroupFilter',
-										   ))) {
-			return  false;
-		}
-		$attribute = $this->detectGroupMemberAssoc();
-		if($attribute === false) {
-			return false;
-		}
-		$this->configuration->setConfiguration(array('ldapGroupMemberAssocAttr' => $attribute));
-		$this->result->addChange('ldap_group_member_assoc_attribute', $attribute);
-
-		return $this->result;
-	}
-
-	/**
-	 * Detects the available object classes
-	 * @return WizardResult|false the instance's WizardResult instance
-	 * @throws \Exception
-	 */
-	public function determineGroupObjectClasses() {
-		if(!$this->checkRequirements(array('ldapHost',
-										   'ldapPort',
-										   'ldapBase',
-										   ))) {
-			return  false;
-		}
-		$cr = $this->getConnection();
-		if(!$cr) {
-			throw new \Exception('Could not connect to LDAP');
-		}
-
-		$obclasses = array('groupOfNames', 'groupOfUniqueNames', 'group', 'posixGroup', '*');
-		$this->determineFeature($obclasses,
-								'objectclass',
-								'ldap_groupfilter_objectclass',
-								'ldapGroupFilterObjectclass',
-								false);
-
-		return $this->result;
-	}
-
-	/**
-	 * detects the available object classes
-	 * @return WizardResult
-	 * @throws \Exception
-	 */
-	public function determineUserObjectClasses() {
-		if(!$this->checkRequirements(array('ldapHost',
-										   'ldapPort',
-										   'ldapBase',
-										   ))) {
-			return  false;
-		}
-		$cr = $this->getConnection();
-		if(!$cr) {
-			throw new \Exception('Could not connect to LDAP');
-		}
-
-		$obclasses = array('inetOrgPerson', 'person', 'organizationalPerson',
-						   'user', 'posixAccount', '*');
-		$filter = $this->configuration->ldapUserFilter;
-		//if filter is empty, it is probably the first time the wizard is called
-		//then, apply suggestions.
-		$this->determineFeature($obclasses,
-								'objectclass',
-								'ldap_userfilter_objectclass',
-								'ldapUserFilterObjectclass',
-								empty($filter));
-
-		return $this->result;
-	}
-
-	/**
-	 * @return WizardResult|false
-	 * @throws \Exception
-	 */
-	public function getGroupFilter() {
-		if(!$this->checkRequirements(array('ldapHost',
-										   'ldapPort',
-										   'ldapBase',
-										   ))) {
-			return false;
-		}
-		//make sure the use display name is set
-		$displayName = $this->configuration->ldapGroupDisplayName;
-		if ($displayName === '') {
-			$d = $this->configuration->getDefaults();
-			$this->applyFind('ldap_group_display_name',
-							 $d['ldap_group_display_name']);
-		}
-		$filter = $this->composeLdapFilter(self::LFILTER_GROUP_LIST);
-
-		$this->applyFind('ldap_group_filter', $filter);
-		return $this->result;
-	}
-
-	/**
-	 * @return WizardResult|false
-	 * @throws \Exception
-	 */
-	public function getUserListFilter() {
-		if(!$this->checkRequirements(array('ldapHost',
-										   'ldapPort',
-										   'ldapBase',
-										   ))) {
-			return false;
-		}
-		//make sure the use display name is set
-		$displayName = $this->configuration->ldapUserDisplayName;
-		if ($displayName === '') {
-			$d = $this->configuration->getDefaults();
-			$this->applyFind('ldap_display_name', $d['ldap_display_name']);
-		}
-		$filter = $this->composeLdapFilter(self::LFILTER_USER_LIST);
-		if(!$filter) {
-			throw new \Exception('Cannot create filter');
-		}
-
-		$this->applyFind('ldap_userlist_filter', $filter);
-		return $this->result;
-	}
-
-	/**
-	 * @return bool|WizardResult
-	 * @throws \Exception
-	 */
-	public function getUserLoginFilter() {
-		if(!$this->checkRequirements(array('ldapHost',
-										   'ldapPort',
-										   'ldapBase',
-										   'ldapUserFilter',
-										   ))) {
-			return false;
-		}
-
-		$filter = $this->composeLdapFilter(self::LFILTER_LOGIN);
-		if(!$filter) {
-			throw new \Exception('Cannot create filter');
-		}
-
-		$this->applyFind('ldap_login_filter', $filter);
-		return $this->result;
-	}
-
-	/**
-	 * @return bool|WizardResult
-	 * @param string $loginName
-	 * @throws \Exception
-	 */
-	public function testLoginName($loginName) {
-		if(!$this->checkRequirements(array('ldapHost',
-			'ldapPort',
-			'ldapBase',
-			'ldapLoginFilter',
-		))) {
-			return false;
-		}
-
-		$cr = $this->access->connection->getConnectionResource();
-		if(!$this->ldap->isResource($cr)) {
-			throw new \Exception('connection error');
-		}
-
-		if(mb_strpos($this->access->connection->ldapLoginFilter, '%uid', 0, 'UTF-8')
-			=== false) {
-			throw new \Exception('missing placeholder');
-		}
-
-		$users = $this->access->countUsersByLoginName($loginName);
-		if($this->ldap->errno($cr) !== 0) {
-			throw new \Exception($this->ldap->error($cr));
-		}
-		$filter = str_replace('%uid', $loginName, $this->access->connection->ldapLoginFilter);
-		$this->result->addChange('ldap_test_loginname', $users);
-		$this->result->addChange('ldap_test_effective_filter', $filter);
-		return $this->result;
-	}
-
-	/**
-	 * Tries to determine the port, requires given Host, User DN and Password
-	 * @return WizardResult|false WizardResult on success, false otherwise
-	 * @throws \Exception
-	 */
-	public function guessPortAndTLS() {
-		if(!$this->checkRequirements(array('ldapHost',
-										   ))) {
-			return false;
-		}
-		$this->checkHost();
-		$portSettings = $this->getPortSettingsToTry();
-
-		if(!is_array($portSettings)) {
-			throw new \Exception(print_r($portSettings, true));
-		}
-
-		//proceed from the best configuration and return on first success
-		foreach($portSettings as $setting) {
-			$p = $setting['port'];
-			$t = $setting['tls'];
-			\OCP\Util::writeLog('user_ldap', 'Wiz: trying port '. $p . ', TLS '. $t, \OCP\Util::DEBUG);
-			//connectAndBind may throw Exception, it needs to be catched by the
-			//callee of this method
-
-			try {
-				$settingsFound = $this->connectAndBind($p, $t);
-			} catch (\Exception $e) {
-				// any reply other than -1 (= cannot connect) is already okay,
-				// because then we found the server
-				// unavailable startTLS returns -11
-				if($e->getCode() > 0) {
-					$settingsFound = true;
-				} else {
-					throw $e;
-				}
-			}
-
-			if ($settingsFound === true) {
-				$config = array(
-					'ldapPort' => $p,
-					'ldapTLS' => intval($t)
-				);
-				$this->configuration->setConfiguration($config);
-				\OCP\Util::writeLog('user_ldap', 'Wiz: detected Port ' . $p, \OCP\Util::DEBUG);
-				$this->result->addChange('ldap_port', $p);
-				return $this->result;
-			}
-		}
-
-		//custom port, undetected (we do not brute force)
-		return false;
-	}
-
-	/**
-	 * tries to determine a base dn from User DN or LDAP Host
-	 * @return WizardResult|false WizardResult on success, false otherwise
-	 */
-	public function guessBaseDN() {
-		if(!$this->checkRequirements(array('ldapHost',
-										   'ldapPort',
-										   ))) {
-			return false;
-		}
-
-		//check whether a DN is given in the agent name (99.9% of all cases)
-		$base = null;
-		$i = stripos($this->configuration->ldapAgentName, 'dc=');
-		if($i !== false) {
-			$base = substr($this->configuration->ldapAgentName, $i);
-			if($this->testBaseDN($base)) {
-				$this->applyFind('ldap_base', $base);
-				return $this->result;
-			}
-		}
-
-		//this did not help :(
-		//Let's see whether we can parse the Host URL and convert the domain to
-		//a base DN
-		$helper = new Helper(\OC::$server->getConfig());
-		$domain = $helper->getDomainFromURL($this->configuration->ldapHost);
-		if(!$domain) {
-			return false;
-		}
-
-		$dparts = explode('.', $domain);
-		while(count($dparts) > 0) {
-			$base2 = 'dc=' . implode(',dc=', $dparts);
-			if ($base !== $base2 && $this->testBaseDN($base2)) {
-				$this->applyFind('ldap_base', $base2);
-				return $this->result;
-			}
-			array_shift($dparts);
-		}
-
-		return false;
-	}
-
-	/**
-	 * sets the found value for the configuration key in the WizardResult
-	 * as well as in the Configuration instance
-	 * @param string $key the configuration key
-	 * @param string $value the (detected) value
-	 *
-	 */
-	private function applyFind($key, $value) {
-		$this->result->addChange($key, $value);
-		$this->configuration->setConfiguration(array($key => $value));
-	}
-
-	/**
-	 * Checks, whether a port was entered in the Host configuration
-	 * field. In this case the port will be stripped off, but also stored as
-	 * setting.
-	 */
-	private function checkHost() {
-		$host = $this->configuration->ldapHost;
-		$hostInfo = parse_url($host);
-
-		//removes Port from Host
-		if(is_array($hostInfo) && isset($hostInfo['port'])) {
-			$port = $hostInfo['port'];
-			$host = str_replace(':'.$port, '', $host);
-			$this->applyFind('ldap_host', $host);
-			$this->applyFind('ldap_port', $port);
-		}
-	}
-
-	/**
-	 * tries to detect the group member association attribute which is
-	 * one of 'uniqueMember', 'memberUid', 'member'
-	 * @return string|false, string with the attribute name, false on error
-	 * @throws \Exception
-	 */
-	private function detectGroupMemberAssoc() {
-		$possibleAttrs = array('uniqueMember', 'memberUid', 'member');
-		$filter = $this->configuration->ldapGroupFilter;
-		if(empty($filter)) {
-			return false;
-		}
-		$cr = $this->getConnection();
-		if(!$cr) {
-			throw new \Exception('Could not connect to LDAP');
-		}
-		$base = $this->configuration->ldapBase[0];
-		$rr = $this->ldap->search($cr, $base, $filter, $possibleAttrs, 0, 1000);
-		if(!$this->ldap->isResource($rr)) {
-			return false;
-		}
-		$er = $this->ldap->firstEntry($cr, $rr);
-		while(is_resource($er)) {
-			$this->ldap->getDN($cr, $er);
-			$attrs = $this->ldap->getAttributes($cr, $er);
-			$result = array();
-			$possibleAttrsCount = count($possibleAttrs);
-			for($i = 0; $i < $possibleAttrsCount; $i++) {
-				if(isset($attrs[$possibleAttrs[$i]])) {
-					$result[$possibleAttrs[$i]] = $attrs[$possibleAttrs[$i]]['count'];
-				}
-			}
-			if(!empty($result)) {
-				natsort($result);
-				return key($result);
-			}
-
-			$er = $this->ldap->nextEntry($cr, $er);
-		}
-
-		return false;
-	}
-
-	/**
-	 * Checks whether for a given BaseDN results will be returned
-	 * @param string $base the BaseDN to test
-	 * @return bool true on success, false otherwise
-	 * @throws \Exception
-	 */
-	private function testBaseDN($base) {
-		$cr = $this->getConnection();
-		if(!$cr) {
-			throw new \Exception('Could not connect to LDAP');
-		}
-
-		//base is there, let's validate it. If we search for anything, we should
-		//get a result set > 0 on a proper base
-		$rr = $this->ldap->search($cr, $base, 'objectClass=*', array('dn'), 0, 1);
-		if(!$this->ldap->isResource($rr)) {
-			$errorNo  = $this->ldap->errno($cr);
-			$errorMsg = $this->ldap->error($cr);
-			\OCP\Util::writeLog('user_ldap', 'Wiz: Could not search base '.$base.
-							' Error '.$errorNo.': '.$errorMsg, \OCP\Util::INFO);
-			return false;
-		}
-		$entries = $this->ldap->countEntries($cr, $rr);
-		return ($entries !== false) && ($entries > 0);
-	}
-
-	/**
-	 * Checks whether the server supports memberOf in LDAP Filter.
-	 * Note: at least in OpenLDAP, availability of memberOf is dependent on
-	 * a configured objectClass. I.e. not necessarily for all available groups
-	 * memberOf does work.
-	 *
-	 * @return bool true if it does, false otherwise
-	 * @throws \Exception
-	 */
-	private function testMemberOf() {
-		$cr = $this->getConnection();
-		if(!$cr) {
-			throw new \Exception('Could not connect to LDAP');
-		}
-		$result = $this->access->countUsers('memberOf=*', array('memberOf'), 1);
-		if(is_int($result) &&  $result > 0) {
-			return true;
-		}
-		return false;
-	}
-
-	/**
-	 * creates an LDAP Filter from given configuration
-	 * @param integer $filterType int, for which use case the filter shall be created
-	 * can be any of self::LFILTER_USER_LIST, self::LFILTER_LOGIN or
-	 * self::LFILTER_GROUP_LIST
-	 * @return string|false string with the filter on success, false otherwise
-	 * @throws \Exception
-	 */
-	private function composeLdapFilter($filterType) {
-		$filter = '';
-		$parts = 0;
-		switch ($filterType) {
-			case self::LFILTER_USER_LIST:
-				$objcs = $this->configuration->ldapUserFilterObjectclass;
-				//glue objectclasses
-				if(is_array($objcs) && count($objcs) > 0) {
-					$filter .= '(|';
-					foreach($objcs as $objc) {
-						$filter .= '(objectclass=' . $objc . ')';
-					}
-					$filter .= ')';
-					$parts++;
-				}
-				//glue group memberships
-				if($this->configuration->hasMemberOfFilterSupport) {
-					$cns = $this->configuration->ldapUserFilterGroups;
-					if(is_array($cns) && count($cns) > 0) {
-						$filter .= '(|';
-						$cr = $this->getConnection();
-						if(!$cr) {
-							throw new \Exception('Could not connect to LDAP');
-						}
-						$base = $this->configuration->ldapBase[0];
-						foreach($cns as $cn) {
-							$rr = $this->ldap->search($cr, $base, 'cn=' . $cn, array('dn', 'primaryGroupToken'));
-							if(!$this->ldap->isResource($rr)) {
-								continue;
-							}
-							$er = $this->ldap->firstEntry($cr, $rr);
-							$attrs = $this->ldap->getAttributes($cr, $er);
-							$dn = $this->ldap->getDN($cr, $er);
-							if ($dn == false || $dn === '') {
-								continue;
-							}
-							$filterPart = '(memberof=' . $dn . ')';
-							if(isset($attrs['primaryGroupToken'])) {
-								$pgt = $attrs['primaryGroupToken'][0];
-								$primaryFilterPart = '(primaryGroupID=' . $pgt .')';
-								$filterPart = '(|' . $filterPart . $primaryFilterPart . ')';
-							}
-							$filter .= $filterPart;
-						}
-						$filter .= ')';
-					}
-					$parts++;
-				}
-				//wrap parts in AND condition
-				if($parts > 1) {
-					$filter = '(&' . $filter . ')';
-				}
-				if ($filter === '') {
-					$filter = '(objectclass=*)';
-				}
-				break;
-
-			case self::LFILTER_GROUP_LIST:
-				$objcs = $this->configuration->ldapGroupFilterObjectclass;
-				//glue objectclasses
-				if(is_array($objcs) && count($objcs) > 0) {
-					$filter .= '(|';
-					foreach($objcs as $objc) {
-						$filter .= '(objectclass=' . $objc . ')';
-					}
-					$filter .= ')';
-					$parts++;
-				}
-				//glue group memberships
-				$cns = $this->configuration->ldapGroupFilterGroups;
-				if(is_array($cns) && count($cns) > 0) {
-					$filter .= '(|';
-					foreach($cns as $cn) {
-						$filter .= '(cn=' . $cn . ')';
-					}
-					$filter .= ')';
-				}
-				$parts++;
-				//wrap parts in AND condition
-				if($parts > 1) {
-					$filter = '(&' . $filter . ')';
-				}
-				break;
-
-			case self::LFILTER_LOGIN:
-				$ulf = $this->configuration->ldapUserFilter;
-				$loginpart = '=%uid';
-				$filterUsername = '';
-				$userAttributes = $this->getUserAttributes();
-				$userAttributes = array_change_key_case(array_flip($userAttributes));
-				$parts = 0;
-
-				if($this->configuration->ldapLoginFilterUsername === '1') {
-					$attr = '';
-					if(isset($userAttributes['uid'])) {
-						$attr = 'uid';
-					} else if(isset($userAttributes['samaccountname'])) {
-						$attr = 'samaccountname';
-					} else if(isset($userAttributes['cn'])) {
-						//fallback
-						$attr = 'cn';
-					}
-					if ($attr !== '') {
-						$filterUsername = '(' . $attr . $loginpart . ')';
-						$parts++;
-					}
-				}
-
-				$filterEmail = '';
-				if($this->configuration->ldapLoginFilterEmail === '1') {
-					$filterEmail = '(|(mailPrimaryAddress=%uid)(mail=%uid))';
-					$parts++;
-				}
-
-				$filterAttributes = '';
-				$attrsToFilter = $this->configuration->ldapLoginFilterAttributes;
-				if(is_array($attrsToFilter) && count($attrsToFilter) > 0) {
-					$filterAttributes = '(|';
-					foreach($attrsToFilter as $attribute) {
-						$filterAttributes .= '(' . $attribute . $loginpart . ')';
-					}
-					$filterAttributes .= ')';
-					$parts++;
-				}
-
-				$filterLogin = '';
-				if($parts > 1) {
-					$filterLogin = '(|';
-				}
-				$filterLogin .= $filterUsername;
-				$filterLogin .= $filterEmail;
-				$filterLogin .= $filterAttributes;
-				if($parts > 1) {
-					$filterLogin .= ')';
-				}
-
-				$filter = '(&'.$ulf.$filterLogin.')';
-				break;
-		}
-
-		\OCP\Util::writeLog('user_ldap', 'Wiz: Final filter '.$filter, \OCP\Util::DEBUG);
-
-		return $filter;
-	}
-
-	/**
-	 * Connects and Binds to an LDAP Server
-	 * @param int $port the port to connect with
-	 * @param bool $tls whether startTLS is to be used
-	 * @param bool $ncc
-	 * @return bool
-	 * @throws \Exception
-	 */
-	private function connectAndBind($port = 389, $tls = false, $ncc = false) {
-		if($ncc) {
-			//No certificate check
-			//FIXME: undo afterwards
-			putenv('LDAPTLS_REQCERT=never');
-		}
-
-		//connect, does not really trigger any server communication
-		\OCP\Util::writeLog('user_ldap', 'Wiz: Checking Host Info ', \OCP\Util::DEBUG);
-		$host = $this->configuration->ldapHost;
-		$hostInfo = parse_url($host);
-		if(!$hostInfo) {
-			throw new \Exception(self::$l->t('Invalid Host'));
-		}
-		\OCP\Util::writeLog('user_ldap', 'Wiz: Attempting to connect ', \OCP\Util::DEBUG);
-		$cr = $this->ldap->connect($host, $port);
-		if(!is_resource($cr)) {
-			throw new \Exception(self::$l->t('Invalid Host'));
-		}
-
-		\OCP\Util::writeLog('user_ldap', 'Wiz: Setting LDAP Options ', \OCP\Util::DEBUG);
-		//set LDAP options
-		$this->ldap->setOption($cr, LDAP_OPT_PROTOCOL_VERSION, 3);
-		$this->ldap->setOption($cr, LDAP_OPT_REFERRALS, 0);
-		$this->ldap->setOption($cr, LDAP_OPT_NETWORK_TIMEOUT, self::LDAP_NW_TIMEOUT);
-
-		try {
-			if($tls) {
-				$isTlsWorking = @$this->ldap->startTls($cr);
-				if(!$isTlsWorking) {
-					return false;
-				}
-			}
-
-			\OCP\Util::writeLog('user_ldap', 'Wiz: Attemping to Bind ', \OCP\Util::DEBUG);
-			//interesting part: do the bind!
-			$login = $this->ldap->bind($cr,
-				$this->configuration->ldapAgentName,
-				$this->configuration->ldapAgentPassword
-			);
-			$errNo = $this->ldap->errno($cr);
-			$error = ldap_error($cr);
-			$this->ldap->unbind($cr);
-		} catch(ServerNotAvailableException $e) {
-			return false;
-		}
-
-		if($login === true) {
-			$this->ldap->unbind($cr);
-			if($ncc) {
-				throw new \Exception('Certificate cannot be validated.');
-			}
-			\OCP\Util::writeLog('user_ldap', 'Wiz: Bind successful to Port '. $port . ' TLS ' . intval($tls), \OCP\Util::DEBUG);
-			return true;
-		}
-
-		if($errNo === -1 || ($errNo === 2 && $ncc)) {
-			//host, port or TLS wrong
-			return false;
-		} else if ($errNo === 2) {
-			return $this->connectAndBind($port, $tls, true);
-		}
-		throw new \Exception($error, $errNo);
-	}
-
-	/**
-	 * checks whether a valid combination of agent and password has been
-	 * provided (either two values or nothing for anonymous connect)
-	 * @return bool, true if everything is fine, false otherwise
-	 */
-	private function checkAgentRequirements() {
-		$agent = $this->configuration->ldapAgentName;
-		$pwd = $this->configuration->ldapAgentPassword;
-
-		return
-			($agent !== '' && $pwd !== '')
-			||  ($agent === '' && $pwd === '')
-		;
-	}
-
-	/**
-	 * @param array $reqs
-	 * @return bool
-	 */
-	private function checkRequirements($reqs) {
-		$this->checkAgentRequirements();
-		foreach($reqs as $option) {
-			$value = $this->configuration->$option;
-			if(empty($value)) {
-				return false;
-			}
-		}
-		return true;
-	}
-
-	/**
-	 * does a cumulativeSearch on LDAP to get different values of a
-	 * specified attribute
-	 * @param string[] $filters array, the filters that shall be used in the search
-	 * @param string $attr the attribute of which a list of values shall be returned
-	 * @param int $dnReadLimit the amount of how many DNs should be analyzed.
-	 * The lower, the faster
-	 * @param string $maxF string. if not null, this variable will have the filter that
-	 * yields most result entries
-	 * @return array|false an array with the values on success, false otherwise
-	 */
-	public function cumulativeSearchOnAttribute($filters, $attr, $dnReadLimit = 3, &$maxF = null) {
-		$dnRead = array();
-		$foundItems = array();
-		$maxEntries = 0;
-		if(!is_array($this->configuration->ldapBase)
-		   || !isset($this->configuration->ldapBase[0])) {
-			return false;
-		}
-		$base = $this->configuration->ldapBase[0];
-		$cr = $this->getConnection();
-		if(!$this->ldap->isResource($cr)) {
-			return false;
-		}
-		$lastFilter = null;
-		if(isset($filters[count($filters)-1])) {
-			$lastFilter = $filters[count($filters)-1];
-		}
-		foreach($filters as $filter) {
-			if($lastFilter === $filter && count($foundItems) > 0) {
-				//skip when the filter is a wildcard and results were found
-				continue;
-			}
-			// 20k limit for performance and reason
-			$rr = $this->ldap->search($cr, $base, $filter, array($attr), 0, 20000);
-			if(!$this->ldap->isResource($rr)) {
-				continue;
-			}
-			$entries = $this->ldap->countEntries($cr, $rr);
-			$getEntryFunc = 'firstEntry';
-			if(($entries !== false) && ($entries > 0)) {
-				if(!is_null($maxF) && $entries > $maxEntries) {
-					$maxEntries = $entries;
-					$maxF = $filter;
-				}
-				$dnReadCount = 0;
-				do {
-					$entry = $this->ldap->$getEntryFunc($cr, $rr);
-					$getEntryFunc = 'nextEntry';
-					if(!$this->ldap->isResource($entry)) {
-						continue 2;
-					}
-					$rr = $entry; //will be expected by nextEntry next round
-					$attributes = $this->ldap->getAttributes($cr, $entry);
-					$dn = $this->ldap->getDN($cr, $entry);
-					if($dn === false || in_array($dn, $dnRead)) {
-						continue;
-					}
-					$newItems = array();
-					$state = $this->getAttributeValuesFromEntry($attributes,
-																$attr,
-																$newItems);
-					$dnReadCount++;
-					$foundItems = array_merge($foundItems, $newItems);
-					$this->resultCache[$dn][$attr] = $newItems;
-					$dnRead[] = $dn;
-				} while(($state === self::LRESULT_PROCESSED_SKIP
-						|| $this->ldap->isResource($entry))
-						&& ($dnReadLimit === 0 || $dnReadCount < $dnReadLimit));
-			}
-		}
-
-		return array_unique($foundItems);
-	}
-
-	/**
-	 * determines if and which $attr are available on the LDAP server
-	 * @param string[] $objectclasses the objectclasses to use as search filter
-	 * @param string $attr the attribute to look for
-	 * @param string $dbkey the dbkey of the setting the feature is connected to
-	 * @param string $confkey the confkey counterpart for the $dbkey as used in the
-	 * Configuration class
-	 * @param bool $po whether the objectClass with most result entries
-	 * shall be pre-selected via the result
-	 * @return array|false list of found items.
-	 * @throws \Exception
-	 */
-	private function determineFeature($objectclasses, $attr, $dbkey, $confkey, $po = false) {
-		$cr = $this->getConnection();
-		if(!$cr) {
-			throw new \Exception('Could not connect to LDAP');
-		}
-		$p = 'objectclass=';
-		foreach($objectclasses as $key => $value) {
-			$objectclasses[$key] = $p.$value;
-		}
-		$maxEntryObjC = '';
-
-		//how deep to dig?
-		//When looking for objectclasses, testing few entries is sufficient,
-		$dig = 3;
-
-		$availableFeatures =
-			$this->cumulativeSearchOnAttribute($objectclasses, $attr,
-											   $dig, $maxEntryObjC);
-		if(is_array($availableFeatures)
-		   && count($availableFeatures) > 0) {
-			natcasesort($availableFeatures);
-			//natcasesort keeps indices, but we must get rid of them for proper
-			//sorting in the web UI. Therefore: array_values
-			$this->result->addOptions($dbkey, array_values($availableFeatures));
-		} else {
-			throw new \Exception(self::$l->t('Could not find the desired feature'));
-		}
-
-		$setFeatures = $this->configuration->$confkey;
-		if(is_array($setFeatures) && !empty($setFeatures)) {
-			//something is already configured? pre-select it.
-			$this->result->addChange($dbkey, $setFeatures);
-		} else if ($po && $maxEntryObjC !== '') {
-			//pre-select objectclass with most result entries
-			$maxEntryObjC = str_replace($p, '', $maxEntryObjC);
-			$this->applyFind($dbkey, $maxEntryObjC);
-			$this->result->addChange($dbkey, $maxEntryObjC);
-		}
-
-		return $availableFeatures;
-	}
-
-	/**
-	 * appends a list of values fr
-	 * @param resource $result the return value from ldap_get_attributes
-	 * @param string $attribute the attribute values to look for
-	 * @param array &$known new values will be appended here
-	 * @return int, state on of the class constants LRESULT_PROCESSED_OK,
-	 * LRESULT_PROCESSED_INVALID or LRESULT_PROCESSED_SKIP
-	 */
-	private function getAttributeValuesFromEntry($result, $attribute, &$known) {
-		if(!is_array($result)
-		   || !isset($result['count'])
-		   || !$result['count'] > 0) {
-			return self::LRESULT_PROCESSED_INVALID;
-		}
-
-		// strtolower on all keys for proper comparison
-		$result = \OCP\Util::mb_array_change_key_case($result);
-		$attribute = strtolower($attribute);
-		if(isset($result[$attribute])) {
-			foreach($result[$attribute] as $key => $val) {
-				if($key === 'count') {
-					continue;
-				}
-				if(!in_array($val, $known)) {
-					$known[] = $val;
-				}
-			}
-			return self::LRESULT_PROCESSED_OK;
-		} else {
-			return self::LRESULT_PROCESSED_SKIP;
-		}
-	}
-
-	/**
-	 * @return bool|mixed
-	 */
-	private function getConnection() {
-		if(!is_null($this->cr)) {
-			return $this->cr;
-		}
-
-		$cr = $this->ldap->connect(
-			$this->configuration->ldapHost,
-			$this->configuration->ldapPort
-		);
-
-		$this->ldap->setOption($cr, LDAP_OPT_PROTOCOL_VERSION, 3);
-		$this->ldap->setOption($cr, LDAP_OPT_REFERRALS, 0);
-		$this->ldap->setOption($cr, LDAP_OPT_NETWORK_TIMEOUT, self::LDAP_NW_TIMEOUT);
-		if($this->configuration->ldapTLS === 1) {
-			$this->ldap->startTls($cr);
-		}
-
-		$lo = @$this->ldap->bind($cr,
-								 $this->configuration->ldapAgentName,
-								 $this->configuration->ldapAgentPassword);
-		if($lo === true) {
-			$this->$cr = $cr;
-			return $cr;
-		}
-
-		return false;
-	}
-
-	/**
-	 * @return array
-	 */
-	private function getDefaultLdapPortSettings() {
-		static $settings = array(
-								array('port' => 7636, 'tls' => false),
-								array('port' =>  636, 'tls' => false),
-								array('port' => 7389, 'tls' => true),
-								array('port' =>  389, 'tls' => true),
-								array('port' => 7389, 'tls' => false),
-								array('port' =>  389, 'tls' => false),
-						  );
-		return $settings;
-	}
-
-	/**
-	 * @return array
-	 */
-	private function getPortSettingsToTry() {
-		//389 ← LDAP / Unencrypted or StartTLS
-		//636 ← LDAPS / SSL
-		//7xxx ← UCS. need to be checked first, because both ports may be open
-		$host = $this->configuration->ldapHost;
-		$port = intval($this->configuration->ldapPort);
-		$portSettings = array();
-
-		//In case the port is already provided, we will check this first
-		if($port > 0) {
-			$hostInfo = parse_url($host);
-			if(!(is_array($hostInfo)
-				&& isset($hostInfo['scheme'])
-				&& stripos($hostInfo['scheme'], 'ldaps') !== false)) {
-				$portSettings[] = array('port' => $port, 'tls' => true);
-			}
-			$portSettings[] =array('port' => $port, 'tls' => false);
-		}
-
-		//default ports
-		$portSettings = array_merge($portSettings,
-		                            $this->getDefaultLdapPortSettings());
-
-		return $portSettings;
-	}
+    /** @var \OCP\IL10N */
+    static protected $l;
+    protected $access;
+    protected $cr;
+    protected $configuration;
+    protected $result;
+    protected $resultCache = array();
+
+    const LRESULT_PROCESSED_OK = 2;
+    const LRESULT_PROCESSED_INVALID = 3;
+    const LRESULT_PROCESSED_SKIP = 4;
+
+    const LFILTER_LOGIN      = 2;
+    const LFILTER_USER_LIST  = 3;
+    const LFILTER_GROUP_LIST = 4;
+
+    const LFILTER_MODE_ASSISTED = 2;
+    const LFILTER_MODE_RAW = 1;
+
+    const LDAP_NW_TIMEOUT = 4;
+
+    /**
+     * Constructor
+     * @param Configuration $configuration an instance of Configuration
+     * @param ILDAPWrapper $ldap an instance of ILDAPWrapper
+     * @param Access $access
+     */
+    public function __construct(Configuration $configuration, ILDAPWrapper $ldap, Access $access) {
+        parent::__construct($ldap);
+        $this->configuration = $configuration;
+        if(is_null(Wizard::$l)) {
+            Wizard::$l = \OC::$server->getL10N('user_ldap');
+        }
+        $this->access = $access;
+        $this->result = new WizardResult();
+    }
+
+    public function  __destruct() {
+        if($this->result->hasChanges()) {
+            $this->configuration->saveConfiguration();
+        }
+    }
+
+    /**
+     * counts entries in the LDAP directory
+     *
+     * @param string $filter the LDAP search filter
+     * @param string $type a string being either 'users' or 'groups';
+     * @return bool|int
+     * @throws \Exception
+     */
+    public function countEntries($filter, $type) {
+        $reqs = array('ldapHost', 'ldapPort', 'ldapBase');
+        if($type === 'users') {
+            $reqs[] = 'ldapUserFilter';
+        }
+        if(!$this->checkRequirements($reqs)) {
+            throw new \Exception('Requirements not met', 400);
+        }
+
+        $attr = array('dn'); // default
+        $limit = 1001;
+        if($type === 'groups') {
+            $result =  $this->access->countGroups($filter, $attr, $limit);
+        } else if($type === 'users') {
+            $result = $this->access->countUsers($filter, $attr, $limit);
+        } else if ($type === 'objects') {
+            $result = $this->access->countObjects($limit);
+        } else {
+            throw new \Exception('internal error: invalid object type', 500);
+        }
+
+        return $result;
+    }
+
+    /**
+     * formats the return value of a count operation to the string to be
+     * inserted.
+     *
+     * @param bool|int $count
+     * @return int|string
+     */
+    private function formatCountResult($count) {
+        $formatted = ($count !== false) ? $count : 0;
+        if($formatted > 1000) {
+            $formatted = '> 1000';
+        }
+        return $formatted;
+    }
+
+    public function countGroups() {
+        $filter = $this->configuration->ldapGroupFilter;
+
+        if(empty($filter)) {
+            $output = self::$l->n('%s group found', '%s groups found', 0, array(0));
+            $this->result->addChange('ldap_group_count', $output);
+            return $this->result;
+        }
+
+        try {
+            $groupsTotal = $this->formatCountResult($this->countEntries($filter, 'groups'));
+        } catch (\Exception $e) {
+            //400 can be ignored, 500 is forwarded
+            if($e->getCode() === 500) {
+                throw $e;
+            }
+            return false;
+        }
+        $output = self::$l->n('%s group found', '%s groups found', $groupsTotal, array($groupsTotal));
+        $this->result->addChange('ldap_group_count', $output);
+        return $this->result;
+    }
+
+    /**
+     * @return WizardResult
+     * @throws \Exception
+     */
+    public function countUsers() {
+        $filter = $this->access->getFilterForUserCount();
+
+        $usersTotal = $this->formatCountResult($this->countEntries($filter, 'users'));
+        $output = self::$l->n('%s user found', '%s users found', $usersTotal, array($usersTotal));
+        $this->result->addChange('ldap_user_count', $output);
+        return $this->result;
+    }
+
+    /**
+     * counts any objects in the currently set base dn
+     *
+     * @return WizardResult
+     * @throws \Exception
+     */
+    public function countInBaseDN() {
+        // we don't need to provide a filter in this case
+        $total = $this->countEntries(null, 'objects');
+        if($total === false) {
+            throw new \Exception('invalid results received');
+        }
+        $this->result->addChange('ldap_test_base', $total);
+        return $this->result;
+    }
+
+    /**
+     * counts users with a specified attribute
+     * @param string $attr
+     * @param bool $existsCheck
+     * @return int|bool
+     */
+    public function countUsersWithAttribute($attr, $existsCheck = false) {
+        if(!$this->checkRequirements(array('ldapHost',
+                                            'ldapPort',
+                                            'ldapBase',
+                                            'ldapUserFilter',
+                                            ))) {
+            return  false;
+        }
+
+        $filter = $this->access->combineFilterWithAnd(array(
+            $this->configuration->ldapUserFilter,
+            $attr . '=*'
+        ));
+
+        $limit = ($existsCheck === false) ? null : 1;
+
+        return $this->access->countUsers($filter, array('dn'), $limit);
+    }
+
+    /**
+     * detects the display name attribute. If a setting is already present that
+     * returns at least one hit, the detection will be canceled.
+     * @return WizardResult|bool
+     * @throws \Exception
+     */
+    public function detectUserDisplayNameAttribute() {
+        if(!$this->checkRequirements(array('ldapHost',
+                                        'ldapPort',
+                                        'ldapBase',
+                                        'ldapUserFilter',
+                                        ))) {
+            return  false;
+        }
+
+        $attr = $this->configuration->ldapUserDisplayName;
+        if ($attr !== '' && $attr !== 'displayName') {
+            // most likely not the default value with upper case N,
+            // verify it still produces a result
+            $count = intval($this->countUsersWithAttribute($attr, true));
+            if($count > 0) {
+                //no change, but we sent it back to make sure the user interface
+                //is still correct, even if the ajax call was cancelled meanwhile
+                $this->result->addChange('ldap_display_name', $attr);
+                return $this->result;
+            }
+        }
+
+        // first attribute that has at least one result wins
+        $displayNameAttrs = array('displayname', 'cn');
+        foreach ($displayNameAttrs as $attr) {
+            $count = intval($this->countUsersWithAttribute($attr, true));
+
+            if($count > 0) {
+                $this->applyFind('ldap_display_name', $attr);
+                return $this->result;
+            }
+        };
+
+        throw new \Exception(self::$l->t('Could not detect user display name attribute. Please specify it yourself in advanced ldap settings.'));
+    }
+
+    /**
+     * detects the most often used email attribute for users applying to the
+     * user list filter. If a setting is already present that returns at least
+     * one hit, the detection will be canceled.
+     * @return WizardResult|bool
+     */
+    public function detectEmailAttribute() {
+        if(!$this->checkRequirements(array('ldapHost',
+                                            'ldapPort',
+                                            'ldapBase',
+                                            'ldapUserFilter',
+                                            ))) {
+            return  false;
+        }
+
+        $attr = $this->configuration->ldapEmailAttribute;
+        if ($attr !== '') {
+            $count = intval($this->countUsersWithAttribute($attr, true));
+            if($count > 0) {
+                return false;
+            }
+            $writeLog = true;
+        } else {
+            $writeLog = false;
+        }
+
+        $emailAttributes = array('mail', 'mailPrimaryAddress');
+        $winner = '';
+        $maxUsers = 0;
+        foreach($emailAttributes as $attr) {
+            $count = $this->countUsersWithAttribute($attr);
+            if($count > $maxUsers) {
+                $maxUsers = $count;
+                $winner = $attr;
+            }
+        }
+
+        if($winner !== '') {
+            $this->applyFind('ldap_email_attr', $winner);
+            if($writeLog) {
+                \OCP\Util::writeLog('user_ldap', 'The mail attribute has ' .
+                    'automatically been reset, because the original value ' .
+                    'did not return any results.', \OCP\Util::INFO);
+            }
+        }
+
+        return $this->result;
+    }
+
+    /**
+     * @return WizardResult
+     * @throws \Exception
+     */
+    public function determineAttributes() {
+        if(!$this->checkRequirements(array('ldapHost',
+                                            'ldapPort',
+                                            'ldapBase',
+                                            'ldapUserFilter',
+                                            ))) {
+            return  false;
+        }
+
+        $attributes = $this->getUserAttributes();
+
+        natcasesort($attributes);
+        $attributes = array_values($attributes);
+
+        $this->result->addOptions('ldap_loginfilter_attributes', $attributes);
+
+        $selected = $this->configuration->ldapLoginFilterAttributes;
+        if(is_array($selected) && !empty($selected)) {
+            $this->result->addChange('ldap_loginfilter_attributes', $selected);
+        }
+
+        return $this->result;
+    }
+
+    /**
+     * detects the available LDAP attributes
+     * @return array|false The instance's WizardResult instance
+     * @throws \Exception
+     */
+    private function getUserAttributes() {
+        if(!$this->checkRequirements(array('ldapHost',
+                                            'ldapPort',
+                                            'ldapBase',
+                                            'ldapUserFilter',
+                                            ))) {
+            return  false;
+        }
+        $cr = $this->getConnection();
+        if(!$cr) {
+            throw new \Exception('Could not connect to LDAP');
+        }
+
+        $base = $this->configuration->ldapBase[0];
+        $filter = $this->configuration->ldapUserFilter;
+        $rr = $this->ldap->search($cr, $base, $filter, array(), 1, 1);
+        if(!$this->ldap->isResource($rr)) {
+            return false;
+        }
+        $er = $this->ldap->firstEntry($cr, $rr);
+        $attributes = $this->ldap->getAttributes($cr, $er);
+        $pureAttributes = array();
+        for($i = 0; $i < $attributes['count']; $i++) {
+            $pureAttributes[] = $attributes[$i];
+        }
+
+        return $pureAttributes;
+    }
+
+    /**
+     * detects the available LDAP groups
+     * @return WizardResult|false the instance's WizardResult instance
+     */
+    public function determineGroupsForGroups() {
+        return $this->determineGroups('ldap_groupfilter_groups',
+                                        'ldapGroupFilterGroups',
+                                        false);
+    }
+
+    /**
+     * detects the available LDAP groups
+     * @return WizardResult|false the instance's WizardResult instance
+     */
+    public function determineGroupsForUsers() {
+        return $this->determineGroups('ldap_userfilter_groups',
+                                        'ldapUserFilterGroups');
+    }
+
+    /**
+     * detects the available LDAP groups
+     * @param string $dbKey
+     * @param string $confKey
+     * @param bool $testMemberOf
+     * @return WizardResult|false the instance's WizardResult instance
+     * @throws \Exception
+     */
+    private function determineGroups($dbKey, $confKey, $testMemberOf = true) {
+        if(!$this->checkRequirements(array('ldapHost',
+                                            'ldapPort',
+                                            'ldapBase',
+                                            ))) {
+            return  false;
+        }
+        $cr = $this->getConnection();
+        if(!$cr) {
+            throw new \Exception('Could not connect to LDAP');
+        }
+
+        $this->fetchGroups($dbKey, $confKey);
+
+        if($testMemberOf) {
+            $this->configuration->hasMemberOfFilterSupport = $this->testMemberOf();
+            $this->result->markChange();
+            if(!$this->configuration->hasMemberOfFilterSupport) {
+                throw new \Exception('memberOf is not supported by the server');
+            }
+        }
+
+        return $this->result;
+    }
+
+    /**
+     * fetches all groups from LDAP and adds them to the result object
+     *
+     * @param string $dbKey
+     * @param string $confKey
+     * @return array $groupEntries
+     * @throws \Exception
+     */
+    public function fetchGroups($dbKey, $confKey) {
+        $obclasses = array('posixGroup', 'group', 'zimbraDistributionList', 'groupOfNames');
+
+        $filterParts = array();
+        foreach($obclasses as $obclass) {
+            $filterParts[] = 'objectclass='.$obclass;
+        }
+        //we filter for everything
+        //- that looks like a group and
+        //- has the group display name set
+        $filter = $this->access->combineFilterWithOr($filterParts);
+        $filter = $this->access->combineFilterWithAnd(array($filter, 'cn=*'));
+
+        $groupNames = array();
+        $groupEntries = array();
+        $limit = 400;
+        $offset = 0;
+        do {
+            // we need to request dn additionally here, otherwise memberOf
+            // detection will fail later
+            $result = $this->access->searchGroups($filter, array('cn', 'dn'), $limit, $offset);
+            foreach($result as $item) {
+                if(!isset($item['cn']) && !is_array($item['cn']) && !isset($item['cn'][0])) {
+                    // just in case - no issue known
+                    continue;
+                }
+                $groupNames[] = $item['cn'][0];
+                $groupEntries[] = $item;
+            }
+            $offset += $limit;
+        } while ($this->access->hasMoreResults());
+
+        if(count($groupNames) > 0) {
+            natsort($groupNames);
+            $this->result->addOptions($dbKey, array_values($groupNames));
+        } else {
+            throw new \Exception(self::$l->t('Could not find the desired feature'));
+        }
+
+        $setFeatures = $this->configuration->$confKey;
+        if(is_array($setFeatures) && !empty($setFeatures)) {
+            //something is already configured? pre-select it.
+            $this->result->addChange($dbKey, $setFeatures);
+        }
+        return $groupEntries;
+    }
+
+    public function determineGroupMemberAssoc() {
+        if(!$this->checkRequirements(array('ldapHost',
+                                            'ldapPort',
+                                            'ldapGroupFilter',
+                                            ))) {
+            return  false;
+        }
+        $attribute = $this->detectGroupMemberAssoc();
+        if($attribute === false) {
+            return false;
+        }
+        $this->configuration->setConfiguration(array('ldapGroupMemberAssocAttr' => $attribute));
+        $this->result->addChange('ldap_group_member_assoc_attribute', $attribute);
+
+        return $this->result;
+    }
+
+    /**
+     * Detects the available object classes
+     * @return WizardResult|false the instance's WizardResult instance
+     * @throws \Exception
+     */
+    public function determineGroupObjectClasses() {
+        if(!$this->checkRequirements(array('ldapHost',
+                                            'ldapPort',
+                                            'ldapBase',
+                                            ))) {
+            return  false;
+        }
+        $cr = $this->getConnection();
+        if(!$cr) {
+            throw new \Exception('Could not connect to LDAP');
+        }
+
+        $obclasses = array('groupOfNames', 'groupOfUniqueNames', 'group', 'posixGroup', '*');
+        $this->determineFeature($obclasses,
+                                'objectclass',
+                                'ldap_groupfilter_objectclass',
+                                'ldapGroupFilterObjectclass',
+                                false);
+
+        return $this->result;
+    }
+
+    /**
+     * detects the available object classes
+     * @return WizardResult
+     * @throws \Exception
+     */
+    public function determineUserObjectClasses() {
+        if(!$this->checkRequirements(array('ldapHost',
+                                            'ldapPort',
+                                            'ldapBase',
+                                            ))) {
+            return  false;
+        }
+        $cr = $this->getConnection();
+        if(!$cr) {
+            throw new \Exception('Could not connect to LDAP');
+        }
+
+        $obclasses = array('inetOrgPerson', 'person', 'organizationalPerson',
+                            'user', 'posixAccount', '*');
+        $filter = $this->configuration->ldapUserFilter;
+        //if filter is empty, it is probably the first time the wizard is called
+        //then, apply suggestions.
+        $this->determineFeature($obclasses,
+                                'objectclass',
+                                'ldap_userfilter_objectclass',
+                                'ldapUserFilterObjectclass',
+                                empty($filter));
+
+        return $this->result;
+    }
+
+    /**
+     * @return WizardResult|false
+     * @throws \Exception
+     */
+    public function getGroupFilter() {
+        if(!$this->checkRequirements(array('ldapHost',
+                                            'ldapPort',
+                                            'ldapBase',
+                                            ))) {
+            return false;
+        }
+        //make sure the use display name is set
+        $displayName = $this->configuration->ldapGroupDisplayName;
+        if ($displayName === '') {
+            $d = $this->configuration->getDefaults();
+            $this->applyFind('ldap_group_display_name',
+                                $d['ldap_group_display_name']);
+        }
+        $filter = $this->composeLdapFilter(self::LFILTER_GROUP_LIST);
+
+        $this->applyFind('ldap_group_filter', $filter);
+        return $this->result;
+    }
+
+    /**
+     * @return WizardResult|false
+     * @throws \Exception
+     */
+    public function getUserListFilter() {
+        if(!$this->checkRequirements(array('ldapHost',
+                                            'ldapPort',
+                                            'ldapBase',
+                                            ))) {
+            return false;
+        }
+        //make sure the use display name is set
+        $displayName = $this->configuration->ldapUserDisplayName;
+        if ($displayName === '') {
+            $d = $this->configuration->getDefaults();
+            $this->applyFind('ldap_display_name', $d['ldap_display_name']);
+        }
+        $filter = $this->composeLdapFilter(self::LFILTER_USER_LIST);
+        if(!$filter) {
+            throw new \Exception('Cannot create filter');
+        }
+
+        $this->applyFind('ldap_userlist_filter', $filter);
+        return $this->result;
+    }
+
+    /**
+     * @return bool|WizardResult
+     * @throws \Exception
+     */
+    public function getUserLoginFilter() {
+        if(!$this->checkRequirements(array('ldapHost',
+                                            'ldapPort',
+                                            'ldapBase',
+                                            'ldapUserFilter',
+                                            ))) {
+            return false;
+        }
+
+        $filter = $this->composeLdapFilter(self::LFILTER_LOGIN);
+        if(!$filter) {
+            throw new \Exception('Cannot create filter');
+        }
+
+        $this->applyFind('ldap_login_filter', $filter);
+        return $this->result;
+    }
+
+    /**
+     * @return bool|WizardResult
+     * @param string $loginName
+     * @throws \Exception
+     */
+    public function testLoginName($loginName) {
+        if(!$this->checkRequirements(array('ldapHost',
+            'ldapPort',
+            'ldapBase',
+            'ldapLoginFilter',
+        ))) {
+            return false;
+        }
+
+        $cr = $this->access->connection->getConnectionResource();
+        if(!$this->ldap->isResource($cr)) {
+            throw new \Exception('connection error');
+        }
+
+        if(mb_strpos($this->access->connection->ldapLoginFilter, '%uid', 0, 'UTF-8')
+            === false) {
+            throw new \Exception('missing placeholder');
+        }
+
+        $users = $this->access->countUsersByLoginName($loginName);
+        if($this->ldap->errno($cr) !== 0) {
+            throw new \Exception($this->ldap->error($cr));
+        }
+        $filter = str_replace('%uid', $loginName, $this->access->connection->ldapLoginFilter);
+        $this->result->addChange('ldap_test_loginname', $users);
+        $this->result->addChange('ldap_test_effective_filter', $filter);
+        return $this->result;
+    }
+
+    /**
+     * Tries to determine the port, requires given Host, User DN and Password
+     * @return WizardResult|false WizardResult on success, false otherwise
+     * @throws \Exception
+     */
+    public function guessPortAndTLS() {
+        if(!$this->checkRequirements(array('ldapHost',
+                                            ))) {
+            return false;
+        }
+        $this->checkHost();
+        $portSettings = $this->getPortSettingsToTry();
+
+        if(!is_array($portSettings)) {
+            throw new \Exception(print_r($portSettings, true));
+        }
+
+        //proceed from the best configuration and return on first success
+        foreach($portSettings as $setting) {
+            $p = $setting['port'];
+            $t = $setting['tls'];
+            \OCP\Util::writeLog('user_ldap', 'Wiz: trying port '. $p . ', TLS '. $t, \OCP\Util::DEBUG);
+            //connectAndBind may throw Exception, it needs to be catched by the
+            //callee of this method
+
+            try {
+                $settingsFound = $this->connectAndBind($p, $t);
+            } catch (\Exception $e) {
+                // any reply other than -1 (= cannot connect) is already okay,
+                // because then we found the server
+                // unavailable startTLS returns -11
+                if($e->getCode() > 0) {
+                    $settingsFound = true;
+                } else {
+                    throw $e;
+                }
+            }
+
+            if ($settingsFound === true) {
+                $config = array(
+                    'ldapPort' => $p,
+                    'ldapTLS' => intval($t)
+                );
+                $this->configuration->setConfiguration($config);
+                \OCP\Util::writeLog('user_ldap', 'Wiz: detected Port ' . $p, \OCP\Util::DEBUG);
+                $this->result->addChange('ldap_port', $p);
+                return $this->result;
+            }
+        }
+
+        //custom port, undetected (we do not brute force)
+        return false;
+    }
+
+    /**
+     * tries to determine a base dn from User DN or LDAP Host
+     * @return WizardResult|false WizardResult on success, false otherwise
+     */
+    public function guessBaseDN() {
+        if(!$this->checkRequirements(array('ldapHost',
+                                            'ldapPort',
+                                            ))) {
+            return false;
+        }
+
+        //check whether a DN is given in the agent name (99.9% of all cases)
+        $base = null;
+        $i = stripos($this->configuration->ldapAgentName, 'dc=');
+        if($i !== false) {
+            $base = substr($this->configuration->ldapAgentName, $i);
+            if($this->testBaseDN($base)) {
+                $this->applyFind('ldap_base', $base);
+                return $this->result;
+            }
+        }
+
+        //this did not help :(
+        //Let's see whether we can parse the Host URL and convert the domain to
+        //a base DN
+        $helper = new Helper(\OC::$server->getConfig());
+        $domain = $helper->getDomainFromURL($this->configuration->ldapHost);
+        if(!$domain) {
+            return false;
+        }
+
+        $dparts = explode('.', $domain);
+        while(count($dparts) > 0) {
+            $base2 = 'dc=' . implode(',dc=', $dparts);
+            if ($base !== $base2 && $this->testBaseDN($base2)) {
+                $this->applyFind('ldap_base', $base2);
+                return $this->result;
+            }
+            array_shift($dparts);
+        }
+
+        return false;
+    }
+
+    /**
+     * sets the found value for the configuration key in the WizardResult
+     * as well as in the Configuration instance
+     * @param string $key the configuration key
+     * @param string $value the (detected) value
+     *
+     */
+    private function applyFind($key, $value) {
+        $this->result->addChange($key, $value);
+        $this->configuration->setConfiguration(array($key => $value));
+    }
+
+    /**
+     * Checks, whether a port was entered in the Host configuration
+     * field. In this case the port will be stripped off, but also stored as
+     * setting.
+     */
+    private function checkHost() {
+        $host = $this->configuration->ldapHost;
+        $hostInfo = parse_url($host);
+
+        //removes Port from Host
+        if(is_array($hostInfo) && isset($hostInfo['port'])) {
+            $port = $hostInfo['port'];
+            $host = str_replace(':'.$port, '', $host);
+            $this->applyFind('ldap_host', $host);
+            $this->applyFind('ldap_port', $port);
+        }
+    }
+
+    /**
+     * tries to detect the group member association attribute which is
+     * one of 'uniqueMember', 'memberUid', 'member'
+     * @return string|false, string with the attribute name, false on error
+     * @throws \Exception
+     */
+    private function detectGroupMemberAssoc() {
+        $possibleAttrs = array('uniqueMember', 'memberUid', 'member');
+        $filter = $this->configuration->ldapGroupFilter;
+        if(empty($filter)) {
+            return false;
+        }
+        $cr = $this->getConnection();
+        if(!$cr) {
+            throw new \Exception('Could not connect to LDAP');
+        }
+        $base = $this->configuration->ldapBase[0];
+        $rr = $this->ldap->search($cr, $base, $filter, $possibleAttrs, 0, 1000);
+        if(!$this->ldap->isResource($rr)) {
+            return false;
+        }
+        $er = $this->ldap->firstEntry($cr, $rr);
+        while(is_resource($er)) {
+            $this->ldap->getDN($cr, $er);
+            $attrs = $this->ldap->getAttributes($cr, $er);
+            $result = array();
+            $possibleAttrsCount = count($possibleAttrs);
+            for($i = 0; $i < $possibleAttrsCount; $i++) {
+                if(isset($attrs[$possibleAttrs[$i]])) {
+                    $result[$possibleAttrs[$i]] = $attrs[$possibleAttrs[$i]]['count'];
+                }
+            }
+            if(!empty($result)) {
+                natsort($result);
+                return key($result);
+            }
+
+            $er = $this->ldap->nextEntry($cr, $er);
+        }
+
+        return false;
+    }
+
+    /**
+     * Checks whether for a given BaseDN results will be returned
+     * @param string $base the BaseDN to test
+     * @return bool true on success, false otherwise
+     * @throws \Exception
+     */
+    private function testBaseDN($base) {
+        $cr = $this->getConnection();
+        if(!$cr) {
+            throw new \Exception('Could not connect to LDAP');
+        }
+
+        //base is there, let's validate it. If we search for anything, we should
+        //get a result set > 0 on a proper base
+        $rr = $this->ldap->search($cr, $base, 'objectClass=*', array('dn'), 0, 1);
+        if(!$this->ldap->isResource($rr)) {
+            $errorNo  = $this->ldap->errno($cr);
+            $errorMsg = $this->ldap->error($cr);
+            \OCP\Util::writeLog('user_ldap', 'Wiz: Could not search base '.$base.
+                            ' Error '.$errorNo.': '.$errorMsg, \OCP\Util::INFO);
+            return false;
+        }
+        $entries = $this->ldap->countEntries($cr, $rr);
+        return ($entries !== false) && ($entries > 0);
+    }
+
+    /**
+     * Checks whether the server supports memberOf in LDAP Filter.
+     * Note: at least in OpenLDAP, availability of memberOf is dependent on
+     * a configured objectClass. I.e. not necessarily for all available groups
+     * memberOf does work.
+     *
+     * @return bool true if it does, false otherwise
+     * @throws \Exception
+     */
+    private function testMemberOf() {
+        $cr = $this->getConnection();
+        if(!$cr) {
+            throw new \Exception('Could not connect to LDAP');
+        }
+        $result = $this->access->countUsers('memberOf=*', array('memberOf'), 1);
+        if(is_int($result) &&  $result > 0) {
+            return true;
+        }
+        return false;
+    }
+
+    /**
+     * creates an LDAP Filter from given configuration
+     * @param integer $filterType int, for which use case the filter shall be created
+     * can be any of self::LFILTER_USER_LIST, self::LFILTER_LOGIN or
+     * self::LFILTER_GROUP_LIST
+     * @return string|false string with the filter on success, false otherwise
+     * @throws \Exception
+     */
+    private function composeLdapFilter($filterType) {
+        $filter = '';
+        $parts = 0;
+        switch ($filterType) {
+            case self::LFILTER_USER_LIST:
+                $objcs = $this->configuration->ldapUserFilterObjectclass;
+                //glue objectclasses
+                if(is_array($objcs) && count($objcs) > 0) {
+                    $filter .= '(|';
+                    foreach($objcs as $objc) {
+                        $filter .= '(objectclass=' . $objc . ')';
+                    }
+                    $filter .= ')';
+                    $parts++;
+                }
+                //glue group memberships
+                if($this->configuration->hasMemberOfFilterSupport) {
+                    $cns = $this->configuration->ldapUserFilterGroups;
+                    if(is_array($cns) && count($cns) > 0) {
+                        $filter .= '(|';
+                        $cr = $this->getConnection();
+                        if(!$cr) {
+                            throw new \Exception('Could not connect to LDAP');
+                        }
+                        $base = $this->configuration->ldapBase[0];
+                        foreach($cns as $cn) {
+                            $rr = $this->ldap->search($cr, $base, 'cn=' . $cn, array('dn', 'primaryGroupToken'));
+                            if(!$this->ldap->isResource($rr)) {
+                                continue;
+                            }
+                            $er = $this->ldap->firstEntry($cr, $rr);
+                            $attrs = $this->ldap->getAttributes($cr, $er);
+                            $dn = $this->ldap->getDN($cr, $er);
+                            if ($dn == false || $dn === '') {
+                                continue;
+                            }
+                            $filterPart = '(memberof=' . $dn . ')';
+                            if(isset($attrs['primaryGroupToken'])) {
+                                $pgt = $attrs['primaryGroupToken'][0];
+                                $primaryFilterPart = '(primaryGroupID=' . $pgt .')';
+                                $filterPart = '(|' . $filterPart . $primaryFilterPart . ')';
+                            }
+                            $filter .= $filterPart;
+                        }
+                        $filter .= ')';
+                    }
+                    $parts++;
+                }
+                //wrap parts in AND condition
+                if($parts > 1) {
+                    $filter = '(&' . $filter . ')';
+                }
+                if ($filter === '') {
+                    $filter = '(objectclass=*)';
+                }
+                break;
+
+            case self::LFILTER_GROUP_LIST:
+                $objcs = $this->configuration->ldapGroupFilterObjectclass;
+                //glue objectclasses
+                if(is_array($objcs) && count($objcs) > 0) {
+                    $filter .= '(|';
+                    foreach($objcs as $objc) {
+                        $filter .= '(objectclass=' . $objc . ')';
+                    }
+                    $filter .= ')';
+                    $parts++;
+                }
+                //glue group memberships
+                $cns = $this->configuration->ldapGroupFilterGroups;
+                if(is_array($cns) && count($cns) > 0) {
+                    $filter .= '(|';
+                    foreach($cns as $cn) {
+                        $filter .= '(cn=' . $cn . ')';
+                    }
+                    $filter .= ')';
+                }
+                $parts++;
+                //wrap parts in AND condition
+                if($parts > 1) {
+                    $filter = '(&' . $filter . ')';
+                }
+                break;
+
+            case self::LFILTER_LOGIN:
+                $ulf = $this->configuration->ldapUserFilter;
+                $loginpart = '=%uid';
+                $filterUsername = '';
+                $userAttributes = $this->getUserAttributes();
+                $userAttributes = array_change_key_case(array_flip($userAttributes));
+                $parts = 0;
+
+                if($this->configuration->ldapLoginFilterUsername === '1') {
+                    $attr = '';
+                    if(isset($userAttributes['uid'])) {
+                        $attr = 'uid';
+                    } else if(isset($userAttributes['samaccountname'])) {
+                        $attr = 'samaccountname';
+                    } else if(isset($userAttributes['cn'])) {
+                        //fallback
+                        $attr = 'cn';
+                    }
+                    if ($attr !== '') {
+                        $filterUsername = '(' . $attr . $loginpart . ')';
+                        $parts++;
+                    }
+                }
+
+                $filterEmail = '';
+                if($this->configuration->ldapLoginFilterEmail === '1') {
+                    $filterEmail = '(|(mailPrimaryAddress=%uid)(mail=%uid))';
+                    $parts++;
+                }
+
+                $filterAttributes = '';
+                $attrsToFilter = $this->configuration->ldapLoginFilterAttributes;
+                if(is_array($attrsToFilter) && count($attrsToFilter) > 0) {
+                    $filterAttributes = '(|';
+                    foreach($attrsToFilter as $attribute) {
+                        $filterAttributes .= '(' . $attribute . $loginpart . ')';
+                    }
+                    $filterAttributes .= ')';
+                    $parts++;
+                }
+
+                $filterLogin = '';
+                if($parts > 1) {
+                    $filterLogin = '(|';
+                }
+                $filterLogin .= $filterUsername;
+                $filterLogin .= $filterEmail;
+                $filterLogin .= $filterAttributes;
+                if($parts > 1) {
+                    $filterLogin .= ')';
+                }
+
+                $filter = '(&'.$ulf.$filterLogin.')';
+                break;
+        }
+
+        \OCP\Util::writeLog('user_ldap', 'Wiz: Final filter '.$filter, \OCP\Util::DEBUG);
+
+        return $filter;
+    }
+
+    /**
+     * Connects and Binds to an LDAP Server
+     * @param int $port the port to connect with
+     * @param bool $tls whether startTLS is to be used
+     * @param bool $ncc
+     * @return bool
+     * @throws \Exception
+     */
+    private function connectAndBind($port = 389, $tls = false, $ncc = false) {
+        if($ncc) {
+            //No certificate check
+            //FIXME: undo afterwards
+            putenv('LDAPTLS_REQCERT=never');
+        }
+
+        //connect, does not really trigger any server communication
+        \OCP\Util::writeLog('user_ldap', 'Wiz: Checking Host Info ', \OCP\Util::DEBUG);
+        $host = $this->configuration->ldapHost;
+        $hostInfo = parse_url($host);
+        if(!$hostInfo) {
+            throw new \Exception(self::$l->t('Invalid Host'));
+        }
+        \OCP\Util::writeLog('user_ldap', 'Wiz: Attempting to connect ', \OCP\Util::DEBUG);
+        $cr = $this->ldap->connect($host, $port);
+        if(!is_resource($cr)) {
+            throw new \Exception(self::$l->t('Invalid Host'));
+        }
+
+        \OCP\Util::writeLog('user_ldap', 'Wiz: Setting LDAP Options ', \OCP\Util::DEBUG);
+        //set LDAP options
+        $this->ldap->setOption($cr, LDAP_OPT_PROTOCOL_VERSION, 3);
+        $this->ldap->setOption($cr, LDAP_OPT_REFERRALS, 0);
+        $this->ldap->setOption($cr, LDAP_OPT_NETWORK_TIMEOUT, self::LDAP_NW_TIMEOUT);
+
+        try {
+            if($tls) {
+                $isTlsWorking = @$this->ldap->startTls($cr);
+                if(!$isTlsWorking) {
+                    return false;
+                }
+            }
+
+            \OCP\Util::writeLog('user_ldap', 'Wiz: Attemping to Bind ', \OCP\Util::DEBUG);
+            //interesting part: do the bind!
+            $login = $this->ldap->bind($cr,
+                $this->configuration->ldapAgentName,
+                $this->configuration->ldapAgentPassword
+            );
+            $errNo = $this->ldap->errno($cr);
+            $error = ldap_error($cr);
+            $this->ldap->unbind($cr);
+        } catch(ServerNotAvailableException $e) {
+            return false;
+        }
+
+        if($login === true) {
+            $this->ldap->unbind($cr);
+            if($ncc) {
+                throw new \Exception('Certificate cannot be validated.');
+            }
+            \OCP\Util::writeLog('user_ldap', 'Wiz: Bind successful to Port '. $port . ' TLS ' . intval($tls), \OCP\Util::DEBUG);
+            return true;
+        }
+
+        if($errNo === -1 || ($errNo === 2 && $ncc)) {
+            //host, port or TLS wrong
+            return false;
+        } else if ($errNo === 2) {
+            return $this->connectAndBind($port, $tls, true);
+        }
+        throw new \Exception($error, $errNo);
+    }
+
+    /**
+     * checks whether a valid combination of agent and password has been
+     * provided (either two values or nothing for anonymous connect)
+     * @return bool, true if everything is fine, false otherwise
+     */
+    private function checkAgentRequirements() {
+        $agent = $this->configuration->ldapAgentName;
+        $pwd = $this->configuration->ldapAgentPassword;
+
+        return
+            ($agent !== '' && $pwd !== '')
+            ||  ($agent === '' && $pwd === '')
+        ;
+    }
+
+    /**
+     * @param array $reqs
+     * @return bool
+     */
+    private function checkRequirements($reqs) {
+        $this->checkAgentRequirements();
+        foreach($reqs as $option) {
+            $value = $this->configuration->$option;
+            if(empty($value)) {
+                return false;
+            }
+        }
+        return true;
+    }
+
+    /**
+     * does a cumulativeSearch on LDAP to get different values of a
+     * specified attribute
+     * @param string[] $filters array, the filters that shall be used in the search
+     * @param string $attr the attribute of which a list of values shall be returned
+     * @param int $dnReadLimit the amount of how many DNs should be analyzed.
+     * The lower, the faster
+     * @param string $maxF string. if not null, this variable will have the filter that
+     * yields most result entries
+     * @return array|false an array with the values on success, false otherwise
+     */
+    public function cumulativeSearchOnAttribute($filters, $attr, $dnReadLimit = 3, &$maxF = null) {
+        $dnRead = array();
+        $foundItems = array();
+        $maxEntries = 0;
+        if(!is_array($this->configuration->ldapBase)
+           || !isset($this->configuration->ldapBase[0])) {
+            return false;
+        }
+        $base = $this->configuration->ldapBase[0];
+        $cr = $this->getConnection();
+        if(!$this->ldap->isResource($cr)) {
+            return false;
+        }
+        $lastFilter = null;
+        if(isset($filters[count($filters)-1])) {
+            $lastFilter = $filters[count($filters)-1];
+        }
+        foreach($filters as $filter) {
+            if($lastFilter === $filter && count($foundItems) > 0) {
+                //skip when the filter is a wildcard and results were found
+                continue;
+            }
+            // 20k limit for performance and reason
+            $rr = $this->ldap->search($cr, $base, $filter, array($attr), 0, 20000);
+            if(!$this->ldap->isResource($rr)) {
+                continue;
+            }
+            $entries = $this->ldap->countEntries($cr, $rr);
+            $getEntryFunc = 'firstEntry';
+            if(($entries !== false) && ($entries > 0)) {
+                if(!is_null($maxF) && $entries > $maxEntries) {
+                    $maxEntries = $entries;
+                    $maxF = $filter;
+                }
+                $dnReadCount = 0;
+                do {
+                    $entry = $this->ldap->$getEntryFunc($cr, $rr);
+                    $getEntryFunc = 'nextEntry';
+                    if(!$this->ldap->isResource($entry)) {
+                        continue 2;
+                    }
+                    $rr = $entry; //will be expected by nextEntry next round
+                    $attributes = $this->ldap->getAttributes($cr, $entry);
+                    $dn = $this->ldap->getDN($cr, $entry);
+                    if($dn === false || in_array($dn, $dnRead)) {
+                        continue;
+                    }
+                    $newItems = array();
+                    $state = $this->getAttributeValuesFromEntry($attributes,
+                                                                $attr,
+                                                                $newItems);
+                    $dnReadCount++;
+                    $foundItems = array_merge($foundItems, $newItems);
+                    $this->resultCache[$dn][$attr] = $newItems;
+                    $dnRead[] = $dn;
+                } while(($state === self::LRESULT_PROCESSED_SKIP
+                        || $this->ldap->isResource($entry))
+                        && ($dnReadLimit === 0 || $dnReadCount < $dnReadLimit));
+            }
+        }
+
+        return array_unique($foundItems);
+    }
+
+    /**
+     * determines if and which $attr are available on the LDAP server
+     * @param string[] $objectclasses the objectclasses to use as search filter
+     * @param string $attr the attribute to look for
+     * @param string $dbkey the dbkey of the setting the feature is connected to
+     * @param string $confkey the confkey counterpart for the $dbkey as used in the
+     * Configuration class
+     * @param bool $po whether the objectClass with most result entries
+     * shall be pre-selected via the result
+     * @return array|false list of found items.
+     * @throws \Exception
+     */
+    private function determineFeature($objectclasses, $attr, $dbkey, $confkey, $po = false) {
+        $cr = $this->getConnection();
+        if(!$cr) {
+            throw new \Exception('Could not connect to LDAP');
+        }
+        $p = 'objectclass=';
+        foreach($objectclasses as $key => $value) {
+            $objectclasses[$key] = $p.$value;
+        }
+        $maxEntryObjC = '';
+
+        //how deep to dig?
+        //When looking for objectclasses, testing few entries is sufficient,
+        $dig = 3;
+
+        $availableFeatures =
+            $this->cumulativeSearchOnAttribute($objectclasses, $attr,
+                                                $dig, $maxEntryObjC);
+        if(is_array($availableFeatures)
+           && count($availableFeatures) > 0) {
+            natcasesort($availableFeatures);
+            //natcasesort keeps indices, but we must get rid of them for proper
+            //sorting in the web UI. Therefore: array_values
+            $this->result->addOptions($dbkey, array_values($availableFeatures));
+        } else {
+            throw new \Exception(self::$l->t('Could not find the desired feature'));
+        }
+
+        $setFeatures = $this->configuration->$confkey;
+        if(is_array($setFeatures) && !empty($setFeatures)) {
+            //something is already configured? pre-select it.
+            $this->result->addChange($dbkey, $setFeatures);
+        } else if ($po && $maxEntryObjC !== '') {
+            //pre-select objectclass with most result entries
+            $maxEntryObjC = str_replace($p, '', $maxEntryObjC);
+            $this->applyFind($dbkey, $maxEntryObjC);
+            $this->result->addChange($dbkey, $maxEntryObjC);
+        }
+
+        return $availableFeatures;
+    }
+
+    /**
+     * appends a list of values fr
+     * @param resource $result the return value from ldap_get_attributes
+     * @param string $attribute the attribute values to look for
+     * @param array &$known new values will be appended here
+     * @return int, state on of the class constants LRESULT_PROCESSED_OK,
+     * LRESULT_PROCESSED_INVALID or LRESULT_PROCESSED_SKIP
+     */
+    private function getAttributeValuesFromEntry($result, $attribute, &$known) {
+        if(!is_array($result)
+           || !isset($result['count'])
+           || !$result['count'] > 0) {
+            return self::LRESULT_PROCESSED_INVALID;
+        }
+
+        // strtolower on all keys for proper comparison
+        $result = \OCP\Util::mb_array_change_key_case($result);
+        $attribute = strtolower($attribute);
+        if(isset($result[$attribute])) {
+            foreach($result[$attribute] as $key => $val) {
+                if($key === 'count') {
+                    continue;
+                }
+                if(!in_array($val, $known)) {
+                    $known[] = $val;
+                }
+            }
+            return self::LRESULT_PROCESSED_OK;
+        } else {
+            return self::LRESULT_PROCESSED_SKIP;
+        }
+    }
+
+    /**
+     * @return bool|mixed
+     */
+    private function getConnection() {
+        if(!is_null($this->cr)) {
+            return $this->cr;
+        }
+
+        $cr = $this->ldap->connect(
+            $this->configuration->ldapHost,
+            $this->configuration->ldapPort
+        );
+
+        $this->ldap->setOption($cr, LDAP_OPT_PROTOCOL_VERSION, 3);
+        $this->ldap->setOption($cr, LDAP_OPT_REFERRALS, 0);
+        $this->ldap->setOption($cr, LDAP_OPT_NETWORK_TIMEOUT, self::LDAP_NW_TIMEOUT);
+        if($this->configuration->ldapTLS === 1) {
+            $this->ldap->startTls($cr);
+        }
+
+        $lo = @$this->ldap->bind($cr,
+                                    $this->configuration->ldapAgentName,
+                                    $this->configuration->ldapAgentPassword);
+        if($lo === true) {
+            $this->$cr = $cr;
+            return $cr;
+        }
+
+        return false;
+    }
+
+    /**
+     * @return array
+     */
+    private function getDefaultLdapPortSettings() {
+        static $settings = array(
+                                array('port' => 7636, 'tls' => false),
+                                array('port' =>  636, 'tls' => false),
+                                array('port' => 7389, 'tls' => true),
+                                array('port' =>  389, 'tls' => true),
+                                array('port' => 7389, 'tls' => false),
+                                array('port' =>  389, 'tls' => false),
+                            );
+        return $settings;
+    }
+
+    /**
+     * @return array
+     */
+    private function getPortSettingsToTry() {
+        //389 ← LDAP / Unencrypted or StartTLS
+        //636 ← LDAPS / SSL
+        //7xxx ← UCS. need to be checked first, because both ports may be open
+        $host = $this->configuration->ldapHost;
+        $port = intval($this->configuration->ldapPort);
+        $portSettings = array();
+
+        //In case the port is already provided, we will check this first
+        if($port > 0) {
+            $hostInfo = parse_url($host);
+            if(!(is_array($hostInfo)
+                && isset($hostInfo['scheme'])
+                && stripos($hostInfo['scheme'], 'ldaps') !== false)) {
+                $portSettings[] = array('port' => $port, 'tls' => true);
+            }
+            $portSettings[] =array('port' => $port, 'tls' => false);
+        }
+
+        //default ports
+        $portSettings = array_merge($portSettings,
+                                    $this->getDefaultLdapPortSettings());
+
+        return $portSettings;
+    }
 
 
 }

Spacing +151 added lines, -151 removed lines

@@ -67,7 +67,7 @@ 
 	public function __construct(Configuration $configuration, ILDAPWrapper $ldap, Access $access) {
 		parent::__construct($ldap);
 		$this->configuration = $configuration;
-		if(is_null(Wizard::$l)) {
+		if (is_null(Wizard::$l)) {
 			Wizard::$l = \OC::$server->getL10N('user_ldap');
 		}
 		$this->access = $access;
@@ -75,7 +75,7 @@ 
 	}
 
 	public function  __destruct() {
-		if($this->result->hasChanges()) {
+		if ($this->result->hasChanges()) {
 			$this->configuration->saveConfiguration();
 		}
 	}
@@ -90,18 +90,18 @@ 
 	 */
 	public function countEntries($filter, $type) {
 		$reqs = array('ldapHost', 'ldapPort', 'ldapBase');
-		if($type === 'users') {
+		if ($type === 'users') {
 			$reqs[] = 'ldapUserFilter';
 		}
-		if(!$this->checkRequirements($reqs)) {
+		if (!$this->checkRequirements($reqs)) {
 			throw new \Exception('Requirements not met', 400);
 		}
 
 		$attr = array('dn'); // default
 		$limit = 1001;
-		if($type === 'groups') {
-			$result =  $this->access->countGroups($filter, $attr, $limit);
-		} else if($type === 'users') {
+		if ($type === 'groups') {
+			$result = $this->access->countGroups($filter, $attr, $limit);
+		} else if ($type === 'users') {
 			$result = $this->access->countUsers($filter, $attr, $limit);
 		} else if ($type === 'objects') {
 			$result = $this->access->countObjects($limit);
@@ -121,7 +121,7 @@ 
 	 */
 	private function formatCountResult($count) {
 		$formatted = ($count !== false) ? $count : 0;
-		if($formatted > 1000) {
+		if ($formatted > 1000) {
 			$formatted = '> 1000';
 		}
 		return $formatted;
@@ -130,7 +130,7 @@ 
 	public function countGroups() {
 		$filter = $this->configuration->ldapGroupFilter;
 
-		if(empty($filter)) {
+		if (empty($filter)) {
 			$output = self::$l->n('%s group found', '%s groups found', 0, array(0));
 			$this->result->addChange('ldap_group_count', $output);
 			return $this->result;
@@ -140,7 +140,7 @@ 
 			$groupsTotal = $this->formatCountResult($this->countEntries($filter, 'groups'));
 		} catch (\Exception $e) {
 			//400 can be ignored, 500 is forwarded
-			if($e->getCode() === 500) {
+			if ($e->getCode() === 500) {
 				throw $e;
 			}
 			return false;
@@ -172,7 +172,7 @@ 
 	public function countInBaseDN() {
 		// we don't need to provide a filter in this case
 		$total = $this->countEntries(null, 'objects');
-		if($total === false) {
+		if ($total === false) {
 			throw new \Exception('invalid results received');
 		}
 		$this->result->addChange('ldap_test_base', $total);
@@ -186,7 +186,7 @@ 
 	 * @return int|bool
 	 */
 	public function countUsersWithAttribute($attr, $existsCheck = false) {
-		if(!$this->checkRequirements(array('ldapHost',
+		if (!$this->checkRequirements(array('ldapHost',
 										   'ldapPort',
 										   'ldapBase',
 										   'ldapUserFilter',
@@ -196,7 +196,7 @@ 
 
 		$filter = $this->access->combineFilterWithAnd(array(
 			$this->configuration->ldapUserFilter,
-			$attr . '=*'
+			$attr.'=*'
 		));
 
 		$limit = ($existsCheck === false) ? null : 1;
@@ -211,7 +211,7 @@ 
 	 * @throws \Exception
 	 */
 	public function detectUserDisplayNameAttribute() {
-		if(!$this->checkRequirements(array('ldapHost',
+		if (!$this->checkRequirements(array('ldapHost',
 										'ldapPort',
 										'ldapBase',
 										'ldapUserFilter',
@@ -224,7 +224,7 @@ 
 			// most likely not the default value with upper case N,
 			// verify it still produces a result
 			$count = intval($this->countUsersWithAttribute($attr, true));
-			if($count > 0) {
+			if ($count > 0) {
 				//no change, but we sent it back to make sure the user interface
 				//is still correct, even if the ajax call was cancelled meanwhile
 				$this->result->addChange('ldap_display_name', $attr);
@@ -237,7 +237,7 @@ 
 		foreach ($displayNameAttrs as $attr) {
 			$count = intval($this->countUsersWithAttribute($attr, true));
 
-			if($count > 0) {
+			if ($count > 0) {
 				$this->applyFind('ldap_display_name', $attr);
 				return $this->result;
 			}
@@ -253,7 +253,7 @@ 
 	 * @return WizardResult|bool
 	 */
 	public function detectEmailAttribute() {
-		if(!$this->checkRequirements(array('ldapHost',
+		if (!$this->checkRequirements(array('ldapHost',
 										   'ldapPort',
 										   'ldapBase',
 										   'ldapUserFilter',
@@ -264,7 +264,7 @@ 
 		$attr = $this->configuration->ldapEmailAttribute;
 		if ($attr !== '') {
 			$count = intval($this->countUsersWithAttribute($attr, true));
-			if($count > 0) {
+			if ($count > 0) {
 				return false;
 			}
 			$writeLog = true;
@@ -275,19 +275,19 @@ 
 		$emailAttributes = array('mail', 'mailPrimaryAddress');
 		$winner = '';
 		$maxUsers = 0;
-		foreach($emailAttributes as $attr) {
+		foreach ($emailAttributes as $attr) {
 			$count = $this->countUsersWithAttribute($attr);
-			if($count > $maxUsers) {
+			if ($count > $maxUsers) {
 				$maxUsers = $count;
 				$winner = $attr;
 			}
 		}
 
-		if($winner !== '') {
+		if ($winner !== '') {
 			$this->applyFind('ldap_email_attr', $winner);
-			if($writeLog) {
-				\OCP\Util::writeLog('user_ldap', 'The mail attribute has ' .
-					'automatically been reset, because the original value ' .
+			if ($writeLog) {
+				\OCP\Util::writeLog('user_ldap', 'The mail attribute has '.
+					'automatically been reset, because the original value '.
 					'did not return any results.', \OCP\Util::INFO);
 			}
 		}
@@ -300,7 +300,7 @@ 
 	 * @throws \Exception
 	 */
 	public function determineAttributes() {
-		if(!$this->checkRequirements(array('ldapHost',
+		if (!$this->checkRequirements(array('ldapHost',
 										   'ldapPort',
 										   'ldapBase',
 										   'ldapUserFilter',
@@ -316,7 +316,7 @@ 
 		$this->result->addOptions('ldap_loginfilter_attributes', $attributes);
 
 		$selected = $this->configuration->ldapLoginFilterAttributes;
-		if(is_array($selected) && !empty($selected)) {
+		if (is_array($selected) && !empty($selected)) {
 			$this->result->addChange('ldap_loginfilter_attributes', $selected);
 		}
 
@@ -329,7 +329,7 @@ 
 	 * @throws \Exception
 	 */
 	private function getUserAttributes() {
-		if(!$this->checkRequirements(array('ldapHost',
+		if (!$this->checkRequirements(array('ldapHost',
 										   'ldapPort',
 										   'ldapBase',
 										   'ldapUserFilter',
@@ -337,20 +337,20 @@ 
 			return  false;
 		}
 		$cr = $this->getConnection();
-		if(!$cr) {
+		if (!$cr) {
 			throw new \Exception('Could not connect to LDAP');
 		}
 
 		$base = $this->configuration->ldapBase[0];
 		$filter = $this->configuration->ldapUserFilter;
 		$rr = $this->ldap->search($cr, $base, $filter, array(), 1, 1);
-		if(!$this->ldap->isResource($rr)) {
+		if (!$this->ldap->isResource($rr)) {
 			return false;
 		}
 		$er = $this->ldap->firstEntry($cr, $rr);
 		$attributes = $this->ldap->getAttributes($cr, $er);
 		$pureAttributes = array();
-		for($i = 0; $i < $attributes['count']; $i++) {
+		for ($i = 0; $i < $attributes['count']; $i++) {
 			$pureAttributes[] = $attributes[$i];
 		}
 
@@ -385,23 +385,23 @@ 
 	 * @throws \Exception
 	 */
 	private function determineGroups($dbKey, $confKey, $testMemberOf = true) {
-		if(!$this->checkRequirements(array('ldapHost',
+		if (!$this->checkRequirements(array('ldapHost',
 										   'ldapPort',
 										   'ldapBase',
 										   ))) {
 			return  false;
 		}
 		$cr = $this->getConnection();
-		if(!$cr) {
+		if (!$cr) {
 			throw new \Exception('Could not connect to LDAP');
 		}
 
 		$this->fetchGroups($dbKey, $confKey);
 
-		if($testMemberOf) {
+		if ($testMemberOf) {
 			$this->configuration->hasMemberOfFilterSupport = $this->testMemberOf();
 			$this->result->markChange();
-			if(!$this->configuration->hasMemberOfFilterSupport) {
+			if (!$this->configuration->hasMemberOfFilterSupport) {
 				throw new \Exception('memberOf is not supported by the server');
 			}
 		}
@@ -421,7 +421,7 @@ 
 		$obclasses = array('posixGroup', 'group', 'zimbraDistributionList', 'groupOfNames');
 
 		$filterParts = array();
-		foreach($obclasses as $obclass) {
+		foreach ($obclasses as $obclass) {
 			$filterParts[] = 'objectclass='.$obclass;
 		}
 		//we filter for everything
@@ -438,8 +438,8 @@ 
 			// we need to request dn additionally here, otherwise memberOf
 			// detection will fail later
 			$result = $this->access->searchGroups($filter, array('cn', 'dn'), $limit, $offset);
-			foreach($result as $item) {
-				if(!isset($item['cn']) && !is_array($item['cn']) && !isset($item['cn'][0])) {
+			foreach ($result as $item) {
+				if (!isset($item['cn']) && !is_array($item['cn']) && !isset($item['cn'][0])) {
 					// just in case - no issue known
 					continue;
 				}
@@ -449,7 +449,7 @@ 
 			$offset += $limit;
 		} while ($this->access->hasMoreResults());
 
-		if(count($groupNames) > 0) {
+		if (count($groupNames) > 0) {
 			natsort($groupNames);
 			$this->result->addOptions($dbKey, array_values($groupNames));
 		} else {
@@ -457,7 +457,7 @@ 
 		}
 
 		$setFeatures = $this->configuration->$confKey;
-		if(is_array($setFeatures) && !empty($setFeatures)) {
+		if (is_array($setFeatures) && !empty($setFeatures)) {
 			//something is already configured? pre-select it.
 			$this->result->addChange($dbKey, $setFeatures);
 		}
@@ -465,14 +465,14 @@ 
 	}
 
 	public function determineGroupMemberAssoc() {
-		if(!$this->checkRequirements(array('ldapHost',
+		if (!$this->checkRequirements(array('ldapHost',
 										   'ldapPort',
 										   'ldapGroupFilter',
 										   ))) {
 			return  false;
 		}
 		$attribute = $this->detectGroupMemberAssoc();
-		if($attribute === false) {
+		if ($attribute === false) {
 			return false;
 		}
 		$this->configuration->setConfiguration(array('ldapGroupMemberAssocAttr' => $attribute));
@@ -487,14 +487,14 @@ 
 	 * @throws \Exception
 	 */
 	public function determineGroupObjectClasses() {
-		if(!$this->checkRequirements(array('ldapHost',
+		if (!$this->checkRequirements(array('ldapHost',
 										   'ldapPort',
 										   'ldapBase',
 										   ))) {
 			return  false;
 		}
 		$cr = $this->getConnection();
-		if(!$cr) {
+		if (!$cr) {
 			throw new \Exception('Could not connect to LDAP');
 		}
 
@@ -514,14 +514,14 @@ 
 	 * @throws \Exception
 	 */
 	public function determineUserObjectClasses() {
-		if(!$this->checkRequirements(array('ldapHost',
+		if (!$this->checkRequirements(array('ldapHost',
 										   'ldapPort',
 										   'ldapBase',
 										   ))) {
 			return  false;
 		}
 		$cr = $this->getConnection();
-		if(!$cr) {
+		if (!$cr) {
 			throw new \Exception('Could not connect to LDAP');
 		}
 
@@ -544,7 +544,7 @@ 
 	 * @throws \Exception
 	 */
 	public function getGroupFilter() {
-		if(!$this->checkRequirements(array('ldapHost',
+		if (!$this->checkRequirements(array('ldapHost',
 										   'ldapPort',
 										   'ldapBase',
 										   ))) {
@@ -568,7 +568,7 @@ 
 	 * @throws \Exception
 	 */
 	public function getUserListFilter() {
-		if(!$this->checkRequirements(array('ldapHost',
+		if (!$this->checkRequirements(array('ldapHost',
 										   'ldapPort',
 										   'ldapBase',
 										   ))) {
@@ -581,7 +581,7 @@ 
 			$this->applyFind('ldap_display_name', $d['ldap_display_name']);
 		}
 		$filter = $this->composeLdapFilter(self::LFILTER_USER_LIST);
-		if(!$filter) {
+		if (!$filter) {
 			throw new \Exception('Cannot create filter');
 		}
 
@@ -594,7 +594,7 @@ 
 	 * @throws \Exception
 	 */
 	public function getUserLoginFilter() {
-		if(!$this->checkRequirements(array('ldapHost',
+		if (!$this->checkRequirements(array('ldapHost',
 										   'ldapPort',
 										   'ldapBase',
 										   'ldapUserFilter',
@@ -603,7 +603,7 @@ 
 		}
 
 		$filter = $this->composeLdapFilter(self::LFILTER_LOGIN);
-		if(!$filter) {
+		if (!$filter) {
 			throw new \Exception('Cannot create filter');
 		}
 
@@ -617,7 +617,7 @@ 
 	 * @throws \Exception
 	 */
 	public function testLoginName($loginName) {
-		if(!$this->checkRequirements(array('ldapHost',
+		if (!$this->checkRequirements(array('ldapHost',
 			'ldapPort',
 			'ldapBase',
 			'ldapLoginFilter',
@@ -626,17 +626,17 @@ 
 		}
 
 		$cr = $this->access->connection->getConnectionResource();
-		if(!$this->ldap->isResource($cr)) {
+		if (!$this->ldap->isResource($cr)) {
 			throw new \Exception('connection error');
 		}
 
-		if(mb_strpos($this->access->connection->ldapLoginFilter, '%uid', 0, 'UTF-8')
+		if (mb_strpos($this->access->connection->ldapLoginFilter, '%uid', 0, 'UTF-8')
 			=== false) {
 			throw new \Exception('missing placeholder');
 		}
 
 		$users = $this->access->countUsersByLoginName($loginName);
-		if($this->ldap->errno($cr) !== 0) {
+		if ($this->ldap->errno($cr) !== 0) {
 			throw new \Exception($this->ldap->error($cr));
 		}
 		$filter = str_replace('%uid', $loginName, $this->access->connection->ldapLoginFilter);
@@ -651,22 +651,22 @@ 
 	 * @throws \Exception
 	 */
 	public function guessPortAndTLS() {
-		if(!$this->checkRequirements(array('ldapHost',
+		if (!$this->checkRequirements(array('ldapHost',
 										   ))) {
 			return false;
 		}
 		$this->checkHost();
 		$portSettings = $this->getPortSettingsToTry();
 
-		if(!is_array($portSettings)) {
+		if (!is_array($portSettings)) {
 			throw new \Exception(print_r($portSettings, true));
 		}
 
 		//proceed from the best configuration and return on first success
-		foreach($portSettings as $setting) {
+		foreach ($portSettings as $setting) {
 			$p = $setting['port'];
 			$t = $setting['tls'];
-			\OCP\Util::writeLog('user_ldap', 'Wiz: trying port '. $p . ', TLS '. $t, \OCP\Util::DEBUG);
+			\OCP\Util::writeLog('user_ldap', 'Wiz: trying port '.$p.', TLS '.$t, \OCP\Util::DEBUG);
 			//connectAndBind may throw Exception, it needs to be catched by the
 			//callee of this method
 
@@ -676,7 +676,7 @@ 
 				// any reply other than -1 (= cannot connect) is already okay,
 				// because then we found the server
 				// unavailable startTLS returns -11
-				if($e->getCode() > 0) {
+				if ($e->getCode() > 0) {
 					$settingsFound = true;
 				} else {
 					throw $e;
@@ -689,7 +689,7 @@ 
 					'ldapTLS' => intval($t)
 				);
 				$this->configuration->setConfiguration($config);
-				\OCP\Util::writeLog('user_ldap', 'Wiz: detected Port ' . $p, \OCP\Util::DEBUG);
+				\OCP\Util::writeLog('user_ldap', 'Wiz: detected Port '.$p, \OCP\Util::DEBUG);
 				$this->result->addChange('ldap_port', $p);
 				return $this->result;
 			}
@@ -704,7 +704,7 @@ 
 	 * @return WizardResult|false WizardResult on success, false otherwise
 	 */
 	public function guessBaseDN() {
-		if(!$this->checkRequirements(array('ldapHost',
+		if (!$this->checkRequirements(array('ldapHost',
 										   'ldapPort',
 										   ))) {
 			return false;
@@ -713,9 +713,9 @@ 
 		//check whether a DN is given in the agent name (99.9% of all cases)
 		$base = null;
 		$i = stripos($this->configuration->ldapAgentName, 'dc=');
-		if($i !== false) {
+		if ($i !== false) {
 			$base = substr($this->configuration->ldapAgentName, $i);
-			if($this->testBaseDN($base)) {
+			if ($this->testBaseDN($base)) {
 				$this->applyFind('ldap_base', $base);
 				return $this->result;
 			}
@@ -726,13 +726,13 @@ 
 		//a base DN
 		$helper = new Helper(\OC::$server->getConfig());
 		$domain = $helper->getDomainFromURL($this->configuration->ldapHost);
-		if(!$domain) {
+		if (!$domain) {
 			return false;
 		}
 
 		$dparts = explode('.', $domain);
-		while(count($dparts) > 0) {
-			$base2 = 'dc=' . implode(',dc=', $dparts);
+		while (count($dparts) > 0) {
+			$base2 = 'dc='.implode(',dc=', $dparts);
 			if ($base !== $base2 && $this->testBaseDN($base2)) {
 				$this->applyFind('ldap_base', $base2);
 				return $this->result;
@@ -765,7 +765,7 @@ 
 		$hostInfo = parse_url($host);
 
 		//removes Port from Host
-		if(is_array($hostInfo) && isset($hostInfo['port'])) {
+		if (is_array($hostInfo) && isset($hostInfo['port'])) {
 			$port = $hostInfo['port'];
 			$host = str_replace(':'.$port, '', $host);
 			$this->applyFind('ldap_host', $host);
@@ -782,30 +782,30 @@ 
 	private function detectGroupMemberAssoc() {
 		$possibleAttrs = array('uniqueMember', 'memberUid', 'member');
 		$filter = $this->configuration->ldapGroupFilter;
-		if(empty($filter)) {
+		if (empty($filter)) {
 			return false;
 		}
 		$cr = $this->getConnection();
-		if(!$cr) {
+		if (!$cr) {
 			throw new \Exception('Could not connect to LDAP');
 		}
 		$base = $this->configuration->ldapBase[0];
 		$rr = $this->ldap->search($cr, $base, $filter, $possibleAttrs, 0, 1000);
-		if(!$this->ldap->isResource($rr)) {
+		if (!$this->ldap->isResource($rr)) {
 			return false;
 		}
 		$er = $this->ldap->firstEntry($cr, $rr);
-		while(is_resource($er)) {
+		while (is_resource($er)) {
 			$this->ldap->getDN($cr, $er);
 			$attrs = $this->ldap->getAttributes($cr, $er);
 			$result = array();
 			$possibleAttrsCount = count($possibleAttrs);
-			for($i = 0; $i < $possibleAttrsCount; $i++) {
-				if(isset($attrs[$possibleAttrs[$i]])) {
+			for ($i = 0; $i < $possibleAttrsCount; $i++) {
+				if (isset($attrs[$possibleAttrs[$i]])) {
 					$result[$possibleAttrs[$i]] = $attrs[$possibleAttrs[$i]]['count'];
 				}
 			}
-			if(!empty($result)) {
+			if (!empty($result)) {
 				natsort($result);
 				return key($result);
 			}
@@ -824,14 +824,14 @@ 
 	 */
 	private function testBaseDN($base) {
 		$cr = $this->getConnection();
-		if(!$cr) {
+		if (!$cr) {
 			throw new \Exception('Could not connect to LDAP');
 		}
 
 		//base is there, let's validate it. If we search for anything, we should
 		//get a result set > 0 on a proper base
 		$rr = $this->ldap->search($cr, $base, 'objectClass=*', array('dn'), 0, 1);
-		if(!$this->ldap->isResource($rr)) {
+		if (!$this->ldap->isResource($rr)) {
 			$errorNo  = $this->ldap->errno($cr);
 			$errorMsg = $this->ldap->error($cr);
 			\OCP\Util::writeLog('user_ldap', 'Wiz: Could not search base '.$base.
@@ -853,11 +853,11 @@ 
 	 */
 	private function testMemberOf() {
 		$cr = $this->getConnection();
-		if(!$cr) {
+		if (!$cr) {
 			throw new \Exception('Could not connect to LDAP');
 		}
 		$result = $this->access->countUsers('memberOf=*', array('memberOf'), 1);
-		if(is_int($result) &&  $result > 0) {
+		if (is_int($result) && $result > 0) {
 			return true;
 		}
 		return false;
@@ -878,27 +878,27 @@ 
 			case self::LFILTER_USER_LIST:
 				$objcs = $this->configuration->ldapUserFilterObjectclass;
 				//glue objectclasses
-				if(is_array($objcs) && count($objcs) > 0) {
+				if (is_array($objcs) && count($objcs) > 0) {
 					$filter .= '(|';
-					foreach($objcs as $objc) {
-						$filter .= '(objectclass=' . $objc . ')';
+					foreach ($objcs as $objc) {
+						$filter .= '(objectclass='.$objc.')';
 					}
 					$filter .= ')';
 					$parts++;
 				}
 				//glue group memberships
-				if($this->configuration->hasMemberOfFilterSupport) {
+				if ($this->configuration->hasMemberOfFilterSupport) {
 					$cns = $this->configuration->ldapUserFilterGroups;
-					if(is_array($cns) && count($cns) > 0) {
+					if (is_array($cns) && count($cns) > 0) {
 						$filter .= '(|';
 						$cr = $this->getConnection();
-						if(!$cr) {
+						if (!$cr) {
 							throw new \Exception('Could not connect to LDAP');
 						}
 						$base = $this->configuration->ldapBase[0];
-						foreach($cns as $cn) {
-							$rr = $this->ldap->search($cr, $base, 'cn=' . $cn, array('dn', 'primaryGroupToken'));
-							if(!$this->ldap->isResource($rr)) {
+						foreach ($cns as $cn) {
+							$rr = $this->ldap->search($cr, $base, 'cn='.$cn, array('dn', 'primaryGroupToken'));
+							if (!$this->ldap->isResource($rr)) {
 								continue;
 							}
 							$er = $this->ldap->firstEntry($cr, $rr);
@@ -907,11 +907,11 @@ 
 							if ($dn == false || $dn === '') {
 								continue;
 							}
-							$filterPart = '(memberof=' . $dn . ')';
-							if(isset($attrs['primaryGroupToken'])) {
+							$filterPart = '(memberof='.$dn.')';
+							if (isset($attrs['primaryGroupToken'])) {
 								$pgt = $attrs['primaryGroupToken'][0];
-								$primaryFilterPart = '(primaryGroupID=' . $pgt .')';
-								$filterPart = '(|' . $filterPart . $primaryFilterPart . ')';
+								$primaryFilterPart = '(primaryGroupID='.$pgt.')';
+								$filterPart = '(|'.$filterPart.$primaryFilterPart.')';
 							}
 							$filter .= $filterPart;
 						}
@@ -920,8 +920,8 @@ 
 					$parts++;
 				}
 				//wrap parts in AND condition
-				if($parts > 1) {
-					$filter = '(&' . $filter . ')';
+				if ($parts > 1) {
+					$filter = '(&'.$filter.')';
 				}
 				if ($filter === '') {
 					$filter = '(objectclass=*)';
@@ -931,27 +931,27 @@ 
 			case self::LFILTER_GROUP_LIST:
 				$objcs = $this->configuration->ldapGroupFilterObjectclass;
 				//glue objectclasses
-				if(is_array($objcs) && count($objcs) > 0) {
+				if (is_array($objcs) && count($objcs) > 0) {
 					$filter .= '(|';
-					foreach($objcs as $objc) {
-						$filter .= '(objectclass=' . $objc . ')';
+					foreach ($objcs as $objc) {
+						$filter .= '(objectclass='.$objc.')';
 					}
 					$filter .= ')';
 					$parts++;
 				}
 				//glue group memberships
 				$cns = $this->configuration->ldapGroupFilterGroups;
-				if(is_array($cns) && count($cns) > 0) {
+				if (is_array($cns) && count($cns) > 0) {
 					$filter .= '(|';
-					foreach($cns as $cn) {
-						$filter .= '(cn=' . $cn . ')';
+					foreach ($cns as $cn) {
+						$filter .= '(cn='.$cn.')';
 					}
 					$filter .= ')';
 				}
 				$parts++;
 				//wrap parts in AND condition
-				if($parts > 1) {
-					$filter = '(&' . $filter . ')';
+				if ($parts > 1) {
+					$filter = '(&'.$filter.')';
 				}
 				break;
 
@@ -963,47 +963,47 @@ 
 				$userAttributes = array_change_key_case(array_flip($userAttributes));
 				$parts = 0;
 
-				if($this->configuration->ldapLoginFilterUsername === '1') {
+				if ($this->configuration->ldapLoginFilterUsername === '1') {
 					$attr = '';
-					if(isset($userAttributes['uid'])) {
+					if (isset($userAttributes['uid'])) {
 						$attr = 'uid';
-					} else if(isset($userAttributes['samaccountname'])) {
+					} else if (isset($userAttributes['samaccountname'])) {
 						$attr = 'samaccountname';
-					} else if(isset($userAttributes['cn'])) {
+					} else if (isset($userAttributes['cn'])) {
 						//fallback
 						$attr = 'cn';
 					}
 					if ($attr !== '') {
-						$filterUsername = '(' . $attr . $loginpart . ')';
+						$filterUsername = '('.$attr.$loginpart.')';
 						$parts++;
 					}
 				}
 
 				$filterEmail = '';
-				if($this->configuration->ldapLoginFilterEmail === '1') {
+				if ($this->configuration->ldapLoginFilterEmail === '1') {
 					$filterEmail = '(|(mailPrimaryAddress=%uid)(mail=%uid))';
 					$parts++;
 				}
 
 				$filterAttributes = '';
 				$attrsToFilter = $this->configuration->ldapLoginFilterAttributes;
-				if(is_array($attrsToFilter) && count($attrsToFilter) > 0) {
+				if (is_array($attrsToFilter) && count($attrsToFilter) > 0) {
 					$filterAttributes = '(|';
-					foreach($attrsToFilter as $attribute) {
-						$filterAttributes .= '(' . $attribute . $loginpart . ')';
+					foreach ($attrsToFilter as $attribute) {
+						$filterAttributes .= '('.$attribute.$loginpart.')';
 					}
 					$filterAttributes .= ')';
 					$parts++;
 				}
 
 				$filterLogin = '';
-				if($parts > 1) {
+				if ($parts > 1) {
 					$filterLogin = '(|';
 				}
 				$filterLogin .= $filterUsername;
 				$filterLogin .= $filterEmail;
 				$filterLogin .= $filterAttributes;
-				if($parts > 1) {
+				if ($parts > 1) {
 					$filterLogin .= ')';
 				}
 
@@ -1025,7 +1025,7 @@ 
 	 * @throws \Exception
 	 */
 	private function connectAndBind($port = 389, $tls = false, $ncc = false) {
-		if($ncc) {
+		if ($ncc) {
 			//No certificate check
 			//FIXME: undo afterwards
 			putenv('LDAPTLS_REQCERT=never');
@@ -1035,12 +1035,12 @@ 
 		\OCP\Util::writeLog('user_ldap', 'Wiz: Checking Host Info ', \OCP\Util::DEBUG);
 		$host = $this->configuration->ldapHost;
 		$hostInfo = parse_url($host);
-		if(!$hostInfo) {
+		if (!$hostInfo) {
 			throw new \Exception(self::$l->t('Invalid Host'));
 		}
 		\OCP\Util::writeLog('user_ldap', 'Wiz: Attempting to connect ', \OCP\Util::DEBUG);
 		$cr = $this->ldap->connect($host, $port);
-		if(!is_resource($cr)) {
+		if (!is_resource($cr)) {
 			throw new \Exception(self::$l->t('Invalid Host'));
 		}
 
@@ -1051,9 +1051,9 @@ 
 		$this->ldap->setOption($cr, LDAP_OPT_NETWORK_TIMEOUT, self::LDAP_NW_TIMEOUT);
 
 		try {
-			if($tls) {
+			if ($tls) {
 				$isTlsWorking = @$this->ldap->startTls($cr);
-				if(!$isTlsWorking) {
+				if (!$isTlsWorking) {
 					return false;
 				}
 			}
@@ -1067,20 +1067,20 @@ 
 			$errNo = $this->ldap->errno($cr);
 			$error = ldap_error($cr);
 			$this->ldap->unbind($cr);
-		} catch(ServerNotAvailableException $e) {
+		} catch (ServerNotAvailableException $e) {
 			return false;
 		}
 
-		if($login === true) {
+		if ($login === true) {
 			$this->ldap->unbind($cr);
-			if($ncc) {
+			if ($ncc) {
 				throw new \Exception('Certificate cannot be validated.');
 			}
-			\OCP\Util::writeLog('user_ldap', 'Wiz: Bind successful to Port '. $port . ' TLS ' . intval($tls), \OCP\Util::DEBUG);
+			\OCP\Util::writeLog('user_ldap', 'Wiz: Bind successful to Port '.$port.' TLS '.intval($tls), \OCP\Util::DEBUG);
 			return true;
 		}
 
-		if($errNo === -1 || ($errNo === 2 && $ncc)) {
+		if ($errNo === -1 || ($errNo === 2 && $ncc)) {
 			//host, port or TLS wrong
 			return false;
 		} else if ($errNo === 2) {
@@ -1110,9 +1110,9 @@ 
 	 */
 	private function checkRequirements($reqs) {
 		$this->checkAgentRequirements();
-		foreach($reqs as $option) {
+		foreach ($reqs as $option) {
 			$value = $this->configuration->$option;
-			if(empty($value)) {
+			if (empty($value)) {
 				return false;
 			}
 		}
@@ -1134,33 +1134,33 @@ 
 		$dnRead = array();
 		$foundItems = array();
 		$maxEntries = 0;
-		if(!is_array($this->configuration->ldapBase)
+		if (!is_array($this->configuration->ldapBase)
 		   || !isset($this->configuration->ldapBase[0])) {
 			return false;
 		}
 		$base = $this->configuration->ldapBase[0];
 		$cr = $this->getConnection();
-		if(!$this->ldap->isResource($cr)) {
+		if (!$this->ldap->isResource($cr)) {
 			return false;
 		}
 		$lastFilter = null;
-		if(isset($filters[count($filters)-1])) {
-			$lastFilter = $filters[count($filters)-1];
+		if (isset($filters[count($filters) - 1])) {
+			$lastFilter = $filters[count($filters) - 1];
 		}
-		foreach($filters as $filter) {
-			if($lastFilter === $filter && count($foundItems) > 0) {
+		foreach ($filters as $filter) {
+			if ($lastFilter === $filter && count($foundItems) > 0) {
 				//skip when the filter is a wildcard and results were found
 				continue;
 			}
 			// 20k limit for performance and reason
 			$rr = $this->ldap->search($cr, $base, $filter, array($attr), 0, 20000);
-			if(!$this->ldap->isResource($rr)) {
+			if (!$this->ldap->isResource($rr)) {
 				continue;
 			}
 			$entries = $this->ldap->countEntries($cr, $rr);
 			$getEntryFunc = 'firstEntry';
-			if(($entries !== false) && ($entries > 0)) {
-				if(!is_null($maxF) && $entries > $maxEntries) {
+			if (($entries !== false) && ($entries > 0)) {
+				if (!is_null($maxF) && $entries > $maxEntries) {
 					$maxEntries = $entries;
 					$maxF = $filter;
 				}
@@ -1168,13 +1168,13 @@ 
 				do {
 					$entry = $this->ldap->$getEntryFunc($cr, $rr);
 					$getEntryFunc = 'nextEntry';
-					if(!$this->ldap->isResource($entry)) {
+					if (!$this->ldap->isResource($entry)) {
 						continue 2;
 					}
 					$rr = $entry; //will be expected by nextEntry next round
 					$attributes = $this->ldap->getAttributes($cr, $entry);
 					$dn = $this->ldap->getDN($cr, $entry);
-					if($dn === false || in_array($dn, $dnRead)) {
+					if ($dn === false || in_array($dn, $dnRead)) {
 						continue;
 					}
 					$newItems = array();
@@ -1185,7 +1185,7 @@ 
 					$foundItems = array_merge($foundItems, $newItems);
 					$this->resultCache[$dn][$attr] = $newItems;
 					$dnRead[] = $dn;
-				} while(($state === self::LRESULT_PROCESSED_SKIP
+				} while (($state === self::LRESULT_PROCESSED_SKIP
 						|| $this->ldap->isResource($entry))
 						&& ($dnReadLimit === 0 || $dnReadCount < $dnReadLimit));
 			}
@@ -1208,11 +1208,11 @@ 
 	 */
 	private function determineFeature($objectclasses, $attr, $dbkey, $confkey, $po = false) {
 		$cr = $this->getConnection();
-		if(!$cr) {
+		if (!$cr) {
 			throw new \Exception('Could not connect to LDAP');
 		}
 		$p = 'objectclass=';
-		foreach($objectclasses as $key => $value) {
+		foreach ($objectclasses as $key => $value) {
 			$objectclasses[$key] = $p.$value;
 		}
 		$maxEntryObjC = '';
@@ -1224,7 +1224,7 @@ 
 		$availableFeatures =
 			$this->cumulativeSearchOnAttribute($objectclasses, $attr,
 											   $dig, $maxEntryObjC);
-		if(is_array($availableFeatures)
+		if (is_array($availableFeatures)
 		   && count($availableFeatures) > 0) {
 			natcasesort($availableFeatures);
 			//natcasesort keeps indices, but we must get rid of them for proper
@@ -1235,7 +1235,7 @@ 
 		}
 
 		$setFeatures = $this->configuration->$confkey;
-		if(is_array($setFeatures) && !empty($setFeatures)) {
+		if (is_array($setFeatures) && !empty($setFeatures)) {
 			//something is already configured? pre-select it.
 			$this->result->addChange($dbkey, $setFeatures);
 		} else if ($po && $maxEntryObjC !== '') {
@@ -1257,7 +1257,7 @@ 
 	 * LRESULT_PROCESSED_INVALID or LRESULT_PROCESSED_SKIP
 	 */
 	private function getAttributeValuesFromEntry($result, $attribute, &$known) {
-		if(!is_array($result)
+		if (!is_array($result)
 		   || !isset($result['count'])
 		   || !$result['count'] > 0) {
 			return self::LRESULT_PROCESSED_INVALID;
@@ -1266,12 +1266,12 @@ 
 		// strtolower on all keys for proper comparison
 		$result = \OCP\Util::mb_array_change_key_case($result);
 		$attribute = strtolower($attribute);
-		if(isset($result[$attribute])) {
-			foreach($result[$attribute] as $key => $val) {
-				if($key === 'count') {
+		if (isset($result[$attribute])) {
+			foreach ($result[$attribute] as $key => $val) {
+				if ($key === 'count') {
 					continue;
 				}
-				if(!in_array($val, $known)) {
+				if (!in_array($val, $known)) {
 					$known[] = $val;
 				}
 			}
@@ -1285,7 +1285,7 @@ 
 	 * @return bool|mixed
 	 */
 	private function getConnection() {
-		if(!is_null($this->cr)) {
+		if (!is_null($this->cr)) {
 			return $this->cr;
 		}
 
@@ -1297,14 +1297,14 @@ 
 		$this->ldap->setOption($cr, LDAP_OPT_PROTOCOL_VERSION, 3);
 		$this->ldap->setOption($cr, LDAP_OPT_REFERRALS, 0);
 		$this->ldap->setOption($cr, LDAP_OPT_NETWORK_TIMEOUT, self::LDAP_NW_TIMEOUT);
-		if($this->configuration->ldapTLS === 1) {
+		if ($this->configuration->ldapTLS === 1) {
 			$this->ldap->startTls($cr);
 		}
 
 		$lo = @$this->ldap->bind($cr,
 								 $this->configuration->ldapAgentName,
 								 $this->configuration->ldapAgentPassword);
-		if($lo === true) {
+		if ($lo === true) {
 			$this->$cr = $cr;
 			return $cr;
 		}
@@ -1339,14 +1339,14 @@ 
 		$portSettings = array();
 
 		//In case the port is already provided, we will check this first
-		if($port > 0) {
+		if ($port > 0) {
 			$hostInfo = parse_url($host);
-			if(!(is_array($hostInfo)
+			if (!(is_array($hostInfo)
 				&& isset($hostInfo['scheme'])
 				&& stripos($hostInfo['scheme'], 'ldaps') !== false)) {
 				$portSettings[] = array('port' => $port, 'tls' => true);
 			}
-			$portSettings[] =array('port' => $port, 'tls' => false);
+			$portSettings[] = array('port' => $port, 'tls' => false);
 		}
 
 		//default ports

lib/private/legacy/db.php

Doc Comments -1 removed lines

@@ -151,7 +151,6 @@
 	/**
 	 * saves database schema to xml file
 	 * @param string $file name of file
-	 * @param int $mode
 	 * @return bool
 	 *
 	 * TODO: write more documentation

Indentation +194 added lines, -194 removed lines

@@ -33,210 +33,210 @@
  */
 class OC_DB {
 
-	/**
-	 * get MDB2 schema manager
-	 *
-	 * @return \OC\DB\MDB2SchemaManager
-	 */
-	private static function getMDB2SchemaManager() {
-		return new \OC\DB\MDB2SchemaManager(\OC::$server->getDatabaseConnection());
-	}
+    /**
+     * get MDB2 schema manager
+     *
+     * @return \OC\DB\MDB2SchemaManager
+     */
+    private static function getMDB2SchemaManager() {
+        return new \OC\DB\MDB2SchemaManager(\OC::$server->getDatabaseConnection());
+    }
 
-	/**
-	 * Prepare a SQL query
-	 * @param string $query Query string
-	 * @param int $limit
-	 * @param int $offset
-	 * @param bool $isManipulation
-	 * @throws \OC\DatabaseException
-	 * @return OC_DB_StatementWrapper prepared SQL query
-	 *
-	 * SQL query via Doctrine prepare(), needs to be execute()'d!
-	 */
-	static public function prepare( $query , $limit = null, $offset = null, $isManipulation = null) {
-		$connection = \OC::$server->getDatabaseConnection();
+    /**
+     * Prepare a SQL query
+     * @param string $query Query string
+     * @param int $limit
+     * @param int $offset
+     * @param bool $isManipulation
+     * @throws \OC\DatabaseException
+     * @return OC_DB_StatementWrapper prepared SQL query
+     *
+     * SQL query via Doctrine prepare(), needs to be execute()'d!
+     */
+    static public function prepare( $query , $limit = null, $offset = null, $isManipulation = null) {
+        $connection = \OC::$server->getDatabaseConnection();
 
-		if ($isManipulation === null) {
-			//try to guess, so we return the number of rows on manipulations
-			$isManipulation = self::isManipulation($query);
-		}
+        if ($isManipulation === null) {
+            //try to guess, so we return the number of rows on manipulations
+            $isManipulation = self::isManipulation($query);
+        }
 
-		// return the result
-		try {
-			$result =$connection->prepare($query, $limit, $offset);
-		} catch (\Doctrine\DBAL\DBALException $e) {
-			throw new \OC\DatabaseException($e->getMessage(), $query);
-		}
-		// differentiate between query and manipulation
-		$result = new OC_DB_StatementWrapper($result, $isManipulation);
-		return $result;
-	}
+        // return the result
+        try {
+            $result =$connection->prepare($query, $limit, $offset);
+        } catch (\Doctrine\DBAL\DBALException $e) {
+            throw new \OC\DatabaseException($e->getMessage(), $query);
+        }
+        // differentiate between query and manipulation
+        $result = new OC_DB_StatementWrapper($result, $isManipulation);
+        return $result;
+    }
 
-	/**
-	 * tries to guess the type of statement based on the first 10 characters
-	 * the current check allows some whitespace but does not work with IF EXISTS or other more complex statements
-	 *
-	 * @param string $sql
-	 * @return bool
-	 */
-	static public function isManipulation( $sql ) {
-		$selectOccurrence = stripos($sql, 'SELECT');
-		if ($selectOccurrence !== false && $selectOccurrence < 10) {
-			return false;
-		}
-		$insertOccurrence = stripos($sql, 'INSERT');
-		if ($insertOccurrence !== false && $insertOccurrence < 10) {
-			return true;
-		}
-		$updateOccurrence = stripos($sql, 'UPDATE');
-		if ($updateOccurrence !== false && $updateOccurrence < 10) {
-			return true;
-		}
-		$deleteOccurrence = stripos($sql, 'DELETE');
-		if ($deleteOccurrence !== false && $deleteOccurrence < 10) {
-			return true;
-		}
-		return false;
-	}
+    /**
+     * tries to guess the type of statement based on the first 10 characters
+     * the current check allows some whitespace but does not work with IF EXISTS or other more complex statements
+     *
+     * @param string $sql
+     * @return bool
+     */
+    static public function isManipulation( $sql ) {
+        $selectOccurrence = stripos($sql, 'SELECT');
+        if ($selectOccurrence !== false && $selectOccurrence < 10) {
+            return false;
+        }
+        $insertOccurrence = stripos($sql, 'INSERT');
+        if ($insertOccurrence !== false && $insertOccurrence < 10) {
+            return true;
+        }
+        $updateOccurrence = stripos($sql, 'UPDATE');
+        if ($updateOccurrence !== false && $updateOccurrence < 10) {
+            return true;
+        }
+        $deleteOccurrence = stripos($sql, 'DELETE');
+        if ($deleteOccurrence !== false && $deleteOccurrence < 10) {
+            return true;
+        }
+        return false;
+    }
 
-	/**
-	 * execute a prepared statement, on error write log and throw exception
-	 * @param mixed $stmt OC_DB_StatementWrapper,
-	 *					  an array with 'sql' and optionally 'limit' and 'offset' keys
-	 *					.. or a simple sql query string
-	 * @param array $parameters
-	 * @return OC_DB_StatementWrapper
-	 * @throws \OC\DatabaseException
-	 */
-	static public function executeAudited( $stmt, array $parameters = null) {
-		if (is_string($stmt)) {
-			// convert to an array with 'sql'
-			if (stripos($stmt, 'LIMIT') !== false) { //OFFSET requires LIMIT, so we only need to check for LIMIT
-				// TODO try to convert LIMIT OFFSET notation to parameters
-				$message = 'LIMIT and OFFSET are forbidden for portability reasons,'
-						 . ' pass an array with \'limit\' and \'offset\' instead';
-				throw new \OC\DatabaseException($message);
-			}
-			$stmt = array('sql' => $stmt, 'limit' => null, 'offset' => null);
-		}
-		if (is_array($stmt)) {
-			// convert to prepared statement
-			if ( ! array_key_exists('sql', $stmt) ) {
-				$message = 'statement array must at least contain key \'sql\'';
-				throw new \OC\DatabaseException($message);
-			}
-			if ( ! array_key_exists('limit', $stmt) ) {
-				$stmt['limit'] = null;
-			}
-			if ( ! array_key_exists('limit', $stmt) ) {
-				$stmt['offset'] = null;
-			}
-			$stmt = self::prepare($stmt['sql'], $stmt['limit'], $stmt['offset']);
-		}
-		self::raiseExceptionOnError($stmt, 'Could not prepare statement');
-		if ($stmt instanceof OC_DB_StatementWrapper) {
-			$result = $stmt->execute($parameters);
-			self::raiseExceptionOnError($result, 'Could not execute statement');
-		} else {
-			if (is_object($stmt)) {
-				$message = 'Expected a prepared statement or array got ' . get_class($stmt);
-			} else {
-				$message = 'Expected a prepared statement or array got ' . gettype($stmt);
-			}
-			throw new \OC\DatabaseException($message);
-		}
-		return $result;
-	}
+    /**
+     * execute a prepared statement, on error write log and throw exception
+     * @param mixed $stmt OC_DB_StatementWrapper,
+     *					  an array with 'sql' and optionally 'limit' and 'offset' keys
+     *					.. or a simple sql query string
+     * @param array $parameters
+     * @return OC_DB_StatementWrapper
+     * @throws \OC\DatabaseException
+     */
+    static public function executeAudited( $stmt, array $parameters = null) {
+        if (is_string($stmt)) {
+            // convert to an array with 'sql'
+            if (stripos($stmt, 'LIMIT') !== false) { //OFFSET requires LIMIT, so we only need to check for LIMIT
+                // TODO try to convert LIMIT OFFSET notation to parameters
+                $message = 'LIMIT and OFFSET are forbidden for portability reasons,'
+                            . ' pass an array with \'limit\' and \'offset\' instead';
+                throw new \OC\DatabaseException($message);
+            }
+            $stmt = array('sql' => $stmt, 'limit' => null, 'offset' => null);
+        }
+        if (is_array($stmt)) {
+            // convert to prepared statement
+            if ( ! array_key_exists('sql', $stmt) ) {
+                $message = 'statement array must at least contain key \'sql\'';
+                throw new \OC\DatabaseException($message);
+            }
+            if ( ! array_key_exists('limit', $stmt) ) {
+                $stmt['limit'] = null;
+            }
+            if ( ! array_key_exists('limit', $stmt) ) {
+                $stmt['offset'] = null;
+            }
+            $stmt = self::prepare($stmt['sql'], $stmt['limit'], $stmt['offset']);
+        }
+        self::raiseExceptionOnError($stmt, 'Could not prepare statement');
+        if ($stmt instanceof OC_DB_StatementWrapper) {
+            $result = $stmt->execute($parameters);
+            self::raiseExceptionOnError($result, 'Could not execute statement');
+        } else {
+            if (is_object($stmt)) {
+                $message = 'Expected a prepared statement or array got ' . get_class($stmt);
+            } else {
+                $message = 'Expected a prepared statement or array got ' . gettype($stmt);
+            }
+            throw new \OC\DatabaseException($message);
+        }
+        return $result;
+    }
 
-	/**
-	 * saves database schema to xml file
-	 * @param string $file name of file
-	 * @param int $mode
-	 * @return bool
-	 *
-	 * TODO: write more documentation
-	 */
-	public static function getDbStructure($file) {
-		$schemaManager = self::getMDB2SchemaManager();
-		return $schemaManager->getDbStructure($file);
-	}
+    /**
+     * saves database schema to xml file
+     * @param string $file name of file
+     * @param int $mode
+     * @return bool
+     *
+     * TODO: write more documentation
+     */
+    public static function getDbStructure($file) {
+        $schemaManager = self::getMDB2SchemaManager();
+        return $schemaManager->getDbStructure($file);
+    }
 
-	/**
-	 * Creates tables from XML file
-	 * @param string $file file to read structure from
-	 * @return bool
-	 *
-	 * TODO: write more documentation
-	 */
-	public static function createDbFromStructure( $file ) {
-		$schemaManager = self::getMDB2SchemaManager();
-		$result = $schemaManager->createDbFromStructure($file);
-		return $result;
-	}
+    /**
+     * Creates tables from XML file
+     * @param string $file file to read structure from
+     * @return bool
+     *
+     * TODO: write more documentation
+     */
+    public static function createDbFromStructure( $file ) {
+        $schemaManager = self::getMDB2SchemaManager();
+        $result = $schemaManager->createDbFromStructure($file);
+        return $result;
+    }
 
-	/**
-	 * update the database schema
-	 * @param string $file file to read structure from
-	 * @throws Exception
-	 * @return string|boolean
-	 */
-	public static function updateDbFromStructure($file) {
-		$schemaManager = self::getMDB2SchemaManager();
-		try {
-			$result = $schemaManager->updateDbFromStructure($file);
-		} catch (Exception $e) {
-			\OCP\Util::writeLog('core', 'Failed to update database structure ('.$e.')', \OCP\Util::FATAL);
-			throw $e;
-		}
-		return $result;
-	}
+    /**
+     * update the database schema
+     * @param string $file file to read structure from
+     * @throws Exception
+     * @return string|boolean
+     */
+    public static function updateDbFromStructure($file) {
+        $schemaManager = self::getMDB2SchemaManager();
+        try {
+            $result = $schemaManager->updateDbFromStructure($file);
+        } catch (Exception $e) {
+            \OCP\Util::writeLog('core', 'Failed to update database structure ('.$e.')', \OCP\Util::FATAL);
+            throw $e;
+        }
+        return $result;
+    }
 
-	/**
-	 * remove all tables defined in a database structure xml file
-	 * @param string $file the xml file describing the tables
-	 */
-	public static function removeDBStructure($file) {
-		$schemaManager = self::getMDB2SchemaManager();
-		$schemaManager->removeDBStructure($file);
-	}
+    /**
+     * remove all tables defined in a database structure xml file
+     * @param string $file the xml file describing the tables
+     */
+    public static function removeDBStructure($file) {
+        $schemaManager = self::getMDB2SchemaManager();
+        $schemaManager->removeDBStructure($file);
+    }
 
-	/**
-	 * check if a result is an error and throws an exception, works with \Doctrine\DBAL\DBALException
-	 * @param mixed $result
-	 * @param string $message
-	 * @return void
-	 * @throws \OC\DatabaseException
-	 */
-	public static function raiseExceptionOnError($result, $message = null) {
-		if($result === false) {
-			if ($message === null) {
-				$message = self::getErrorMessage();
-			} else {
-				$message .= ', Root cause:' . self::getErrorMessage();
-			}
-			throw new \OC\DatabaseException($message, \OC::$server->getDatabaseConnection()->errorCode());
-		}
-	}
+    /**
+     * check if a result is an error and throws an exception, works with \Doctrine\DBAL\DBALException
+     * @param mixed $result
+     * @param string $message
+     * @return void
+     * @throws \OC\DatabaseException
+     */
+    public static function raiseExceptionOnError($result, $message = null) {
+        if($result === false) {
+            if ($message === null) {
+                $message = self::getErrorMessage();
+            } else {
+                $message .= ', Root cause:' . self::getErrorMessage();
+            }
+            throw new \OC\DatabaseException($message, \OC::$server->getDatabaseConnection()->errorCode());
+        }
+    }
 
-	/**
-	 * returns the error code and message as a string for logging
-	 * works with DoctrineException
-	 * @return string
-	 */
-	public static function getErrorMessage() {
-		$connection = \OC::$server->getDatabaseConnection();
-		return $connection->getError();
-	}
+    /**
+     * returns the error code and message as a string for logging
+     * works with DoctrineException
+     * @return string
+     */
+    public static function getErrorMessage() {
+        $connection = \OC::$server->getDatabaseConnection();
+        return $connection->getError();
+    }
 
-	/**
-	 * Checks if a table exists in the database - the database prefix will be prepended
-	 *
-	 * @param string $table
-	 * @return bool
-	 * @throws \OC\DatabaseException
-	 */
-	public static function tableExists($table) {
-		$connection = \OC::$server->getDatabaseConnection();
-		return $connection->tableExists($table);
-	}
+    /**
+     * Checks if a table exists in the database - the database prefix will be prepended
+     *
+     * @param string $table
+     * @return bool
+     * @throws \OC\DatabaseException
+     */
+    public static function tableExists($table) {
+        $connection = \OC::$server->getDatabaseConnection();
+        return $connection->tableExists($table);
+    }
 }

Spacing +12 added lines, -12 removed lines

@@ -53,7 +53,7 @@ 
 	 *
 	 * SQL query via Doctrine prepare(), needs to be execute()'d!
 	 */
-	static public function prepare( $query , $limit = null, $offset = null, $isManipulation = null) {
+	static public function prepare($query, $limit = null, $offset = null, $isManipulation = null) {
 		$connection = \OC::$server->getDatabaseConnection();
 
 		if ($isManipulation === null) {
@@ -63,7 +63,7 @@ 
 
 		// return the result
 		try {
-			$result =$connection->prepare($query, $limit, $offset);
+			$result = $connection->prepare($query, $limit, $offset);
 		} catch (\Doctrine\DBAL\DBALException $e) {
 			throw new \OC\DatabaseException($e->getMessage(), $query);
 		}
@@ -79,7 +79,7 @@ 
 	 * @param string $sql
 	 * @return bool
 	 */
-	static public function isManipulation( $sql ) {
+	static public function isManipulation($sql) {
 		$selectOccurrence = stripos($sql, 'SELECT');
 		if ($selectOccurrence !== false && $selectOccurrence < 10) {
 			return false;
@@ -108,7 +108,7 @@ 
 	 * @return OC_DB_StatementWrapper
 	 * @throws \OC\DatabaseException
 	 */
-	static public function executeAudited( $stmt, array $parameters = null) {
+	static public function executeAudited($stmt, array $parameters = null) {
 		if (is_string($stmt)) {
 			// convert to an array with 'sql'
 			if (stripos($stmt, 'LIMIT') !== false) { //OFFSET requires LIMIT, so we only need to check for LIMIT
@@ -121,14 +121,14 @@ 
 		}
 		if (is_array($stmt)) {
 			// convert to prepared statement
-			if ( ! array_key_exists('sql', $stmt) ) {
+			if (!array_key_exists('sql', $stmt)) {
 				$message = 'statement array must at least contain key \'sql\'';
 				throw new \OC\DatabaseException($message);
 			}
-			if ( ! array_key_exists('limit', $stmt) ) {
+			if (!array_key_exists('limit', $stmt)) {
 				$stmt['limit'] = null;
 			}
-			if ( ! array_key_exists('limit', $stmt) ) {
+			if (!array_key_exists('limit', $stmt)) {
 				$stmt['offset'] = null;
 			}
 			$stmt = self::prepare($stmt['sql'], $stmt['limit'], $stmt['offset']);
@@ -139,9 +139,9 @@ 
 			self::raiseExceptionOnError($result, 'Could not execute statement');
 		} else {
 			if (is_object($stmt)) {
-				$message = 'Expected a prepared statement or array got ' . get_class($stmt);
+				$message = 'Expected a prepared statement or array got '.get_class($stmt);
 			} else {
-				$message = 'Expected a prepared statement or array got ' . gettype($stmt);
+				$message = 'Expected a prepared statement or array got '.gettype($stmt);
 			}
 			throw new \OC\DatabaseException($message);
 		}
@@ -168,7 +168,7 @@ 
 	 *
 	 * TODO: write more documentation
 	 */
-	public static function createDbFromStructure( $file ) {
+	public static function createDbFromStructure($file) {
 		$schemaManager = self::getMDB2SchemaManager();
 		$result = $schemaManager->createDbFromStructure($file);
 		return $result;
@@ -208,11 +208,11 @@ 
 	 * @throws \OC\DatabaseException
 	 */
 	public static function raiseExceptionOnError($result, $message = null) {
-		if($result === false) {
+		if ($result === false) {
 			if ($message === null) {
 				$message = self::getErrorMessage();
 			} else {
-				$message .= ', Root cause:' . self::getErrorMessage();
+				$message .= ', Root cause:'.self::getErrorMessage();
 			}
 			throw new \OC\DatabaseException($message, \OC::$server->getDatabaseConnection()->errorCode());
 		}

lib/private/legacy/files.php

Doc Comments +1 added lines, -1 removed lines

@@ -334,7 +334,7 @@
 	 *
 	 * @param int $size file size in bytes
 	 * @param array $files override '.htaccess' and '.user.ini' locations
-	 * @return bool false on failure, size on success
+	 * @return integer false on failure, size on success
 	 */
 	public static function setUploadLimit($size, $files = []) {
 		//don't allow user to break his config

Spacing +21 added lines, -21 removed lines

@@ -115,7 +115,7 @@ 
 			}
 
 			if (!is_array($files)) {
-				$filename = $dir . '/' . $files;
+				$filename = $dir.'/'.$files;
 				if (!$view->is_dir($filename)) {
 					self::getSingleFile($view, $dir, $files, is_null($params) ? array() : $params);
 					return;
@@ -130,9 +130,9 @@ 
 					$name = $basename;
 				}
 
-				$filename = $dir . '/' . $name;
+				$filename = $dir.'/'.$name;
 			} else {
-				$filename = $dir . '/' . $files;
+				$filename = $dir.'/'.$files;
 				$getType = self::ZIP_DIR;
 				// downloading root ?
 				if ($files !== '') {
@@ -151,7 +151,7 @@ 
 			ignore_user_abort(true);
 			if ($getType === self::ZIP_FILES) {
 				foreach ($files as $file) {
-					$file = $dir . '/' . $file;
+					$file = $dir.'/'.$file;
 					if (\OC\Files\Filesystem::is_file($file)) {
 						$fileSize = \OC\Files\Filesystem::filesize($file);
 						$fileTime = \OC\Files\Filesystem::filemtime($file);
@@ -163,7 +163,7 @@ 
 					}
 				}
 			} elseif ($getType === self::ZIP_DIR) {
-				$file = $dir . '/' . $files;
+				$file = $dir.'/'.$files;
 				$streamer->addDirRecursive($file);
 			}
 			$streamer->finalize();
@@ -195,7 +195,7 @@ 
 	 * @return array $rangeArray ('from'=>int,'to'=>int), ...
 	 */
 	private static function parseHttpRangeHeader($rangeHeaderPos, $fileSize) {
-		$rArray=explode(',', $rangeHeaderPos);
+		$rArray = explode(',', $rangeHeaderPos);
 		$minOffset = 0;
 		$ind = 0;
 
@@ -207,7 +207,7 @@ 
 				if ($ranges[0] < $minOffset) { // case: bytes=500-700,601-999
 					$ranges[0] = $minOffset;
 				}
-				if ($ind > 0 && $rangeArray[$ind-1]['to']+1 == $ranges[0]) { // case: bytes=500-600,601-999
+				if ($ind > 0 && $rangeArray[$ind - 1]['to'] + 1 == $ranges[0]) { // case: bytes=500-600,601-999
 					$ind--;
 					$ranges[0] = $rangeArray[$ind]['from'];
 				}
@@ -216,9 +216,9 @@ 
 			if (is_numeric($ranges[0]) && is_numeric($ranges[1]) && $ranges[0] < $fileSize && $ranges[0] <= $ranges[1]) {
 				// case: x-x
 				if ($ranges[1] >= $fileSize) {
-					$ranges[1] = $fileSize-1;
+					$ranges[1] = $fileSize - 1;
 				}
-				$rangeArray[$ind++] = array( 'from' => $ranges[0], 'to' => $ranges[1], 'size' => $fileSize );
+				$rangeArray[$ind++] = array('from' => $ranges[0], 'to' => $ranges[1], 'size' => $fileSize);
 				$minOffset = $ranges[1] + 1;
 				if ($minOffset >= $fileSize) {
 					break;
@@ -226,7 +226,7 @@ 
 			}
 			elseif (is_numeric($ranges[0]) && $ranges[0] < $fileSize) {
 				// case: x-
-				$rangeArray[$ind++] = array( 'from' => $ranges[0], 'to' => $fileSize-1, 'size' => $fileSize );
+				$rangeArray[$ind++] = array('from' => $ranges[0], 'to' => $fileSize - 1, 'size' => $fileSize);
 				break;
 			}
 			elseif (is_numeric($ranges[1])) {
@@ -234,7 +234,7 @@ 
 				if ($ranges[1] > $fileSize) {
 					$ranges[1] = $fileSize;
 				}
-				$rangeArray[$ind++] = array( 'from' => $fileSize-$ranges[1], 'to' => $fileSize-1, 'size' => $fileSize );
+				$rangeArray[$ind++] = array('from' => $fileSize - $ranges[1], 'to' => $fileSize - 1, 'size' => $fileSize);
 				break;
 			}
 		}
@@ -248,7 +248,7 @@ 
 	 * @param array $params ; 'head' boolean to only send header of the request ; 'range' http range header
 	 */
 	private static function getSingleFile($view, $dir, $name, $params) {
-		$filename = $dir . '/' . $name;
+		$filename = $dir.'/'.$name;
 		OC_Util::obEnd();
 		$view->lockFile($filename, ILockingProvider::LOCK_SHARED);
 		
@@ -314,17 +314,17 @@ 
 	 */
 	public static function lockFiles($view, $dir, $files) {
 		if (!is_array($files)) {
-			$file = $dir . '/' . $files;
+			$file = $dir.'/'.$files;
 			$files = [$file];
 		}
 		foreach ($files as $file) {
-			$file = $dir . '/' . $file;
+			$file = $dir.'/'.$file;
 			$view->lockFile($file, ILockingProvider::LOCK_SHARED);
 			if ($view->is_dir($file)) {
 				$contents = $view->getDirectoryContent($file);
 				$contents = array_map(function($fileInfo) use ($file) {
 					/** @var \OCP\Files\FileInfo $fileInfo */
-					return $file . '/' . $fileInfo->getName();
+					return $file.'/'.$fileInfo->getName();
 				}, $contents);
 				self::lockFiles($view, $dir, $contents);
 			}
@@ -353,8 +353,8 @@ 
 
 		// default locations if not overridden by $files
 		$files = array_merge([
-			'.htaccess' => OC::$SERVERROOT . '/.htaccess',
-			'.user.ini' => OC::$SERVERROOT . '/.user.ini'
+			'.htaccess' => OC::$SERVERROOT.'/.htaccess',
+			'.user.ini' => OC::$SERVERROOT.'/.user.ini'
 		], $files);
 
 		$updateFiles = [
@@ -375,7 +375,7 @@ 
 			$handle = @fopen($filename, 'r+');
 			if (!$handle) {
 				\OCP\Util::writeLog('files',
-					'Can\'t write upload limit to ' . $filename . '. Please check the file permissions',
+					'Can\'t write upload limit to '.$filename.'. Please check the file permissions',
 					\OCP\Util::WARN);
 				$success = false;
 				continue; // try to update as many files as possible
@@ -395,7 +395,7 @@ 
 					$content = $newContent;
 				}
 				if ($hasReplaced === 0) {
-					$content .= "\n" . $setting;
+					$content .= "\n".$setting;
 				}
 			}
 
@@ -426,12 +426,12 @@ 
 		}
 		if ($getType === self::ZIP_FILES) {
 			foreach ($files as $file) {
-				$file = $dir . '/' . $file;
+				$file = $dir.'/'.$file;
 				$view->unlockFile($file, ILockingProvider::LOCK_SHARED);
 			}
 		}
 		if ($getType === self::ZIP_DIR) {
-			$file = $dir . '/' . $files;
+			$file = $dir.'/'.$files;
 			$view->unlockFile($file, ILockingProvider::LOCK_SHARED);
 		}
 	}

Braces +6 added lines, -12 removed lines

@@ -83,13 +83,11 @@ 
 			    if (count($rangeArray) > 1) {
 				$type = 'multipart/byteranges; boundary='.self::getBoundary();
 				// no Content-Length header here
-			    }
-			    else {
+			    } else {
 				header(sprintf('Content-Range: bytes %d-%d/%d', $rangeArray[0]['from'], $rangeArray[0]['to'], $fileSize), true);
 				OC_Response::setContentLengthHeader($rangeArray[0]['to'] - $rangeArray[0]['from'] + 1);
 			    }
-			}
-			else {
+			} else {
 			    OC_Response::setContentLengthHeader($fileSize);
 			}
 		}
@@ -223,13 +221,11 @@ 
 				if ($minOffset >= $fileSize) {
 					break;
 				}
-			}
-			elseif (is_numeric($ranges[0]) && $ranges[0] < $fileSize) {
+			} elseif (is_numeric($ranges[0]) && $ranges[0] < $fileSize) {
 				// case: x-
 				$rangeArray[$ind++] = array( 'from' => $ranges[0], 'to' => $fileSize-1, 'size' => $fileSize );
 				break;
-			}
-			elseif (is_numeric($ranges[1])) {
+			} elseif (is_numeric($ranges[1])) {
 				// case: -x
 				if ($ranges[1] > $fileSize) {
 					$ranges[1] = $fileSize;
@@ -277,8 +273,7 @@ 
 			try {
 			    if (count($rangeArray) == 1) {
 				$view->readfilePart($filename, $rangeArray[0]['from'], $rangeArray[0]['to']);
-			    }
-			    else {
+			    } else {
 				// check if file is seekable (if not throw UnseekableException)
 				// we have to check it before body contents
 				$view->readfilePart($filename, $rangeArray[0]['size'], $rangeArray[0]['size']);
@@ -301,8 +296,7 @@ 
 			    self::sendHeaders($filename, $name, array());
 			    $view->readfile($filename);
 			}
-		}
-		else {
+		} else {
 		    $view->readfile($filename);
 		}
 	}

Indentation +388 added lines, -388 removed lines

@@ -46,396 +46,396 @@
  *
  */
 class OC_Files {
-	const FILE = 1;
-	const ZIP_FILES = 2;
-	const ZIP_DIR = 3;
-
-	const UPLOAD_MIN_LIMIT_BYTES = 1048576; // 1 MiB
-
-
-	private static $multipartBoundary = '';
-
-	/**
-	 * @return string
-	 */
-	private static function getBoundary() {
-		if (empty(self::$multipartBoundary)) {
-			self::$multipartBoundary = md5(mt_rand());
-		}
-		return self::$multipartBoundary;
-	}
-
-	/**
-	 * @param string $filename
-	 * @param string $name
-	 * @param array $rangeArray ('from'=>int,'to'=>int), ...
-	 */
-	private static function sendHeaders($filename, $name, array $rangeArray) {
-		OC_Response::setContentDispositionHeader($name, 'attachment');
-		header('Content-Transfer-Encoding: binary', true);
-		OC_Response::disableCaching();
-		$fileSize = \OC\Files\Filesystem::filesize($filename);
-		$type = \OC::$server->getMimeTypeDetector()->getSecureMimeType(\OC\Files\Filesystem::getMimeType($filename));
-		if ($fileSize > -1) {
-			if (!empty($rangeArray)) {
-			    header('HTTP/1.1 206 Partial Content', true);
-			    header('Accept-Ranges: bytes', true);
-			    if (count($rangeArray) > 1) {
-				$type = 'multipart/byteranges; boundary='.self::getBoundary();
-				// no Content-Length header here
-			    }
-			    else {
-				header(sprintf('Content-Range: bytes %d-%d/%d', $rangeArray[0]['from'], $rangeArray[0]['to'], $fileSize), true);
-				OC_Response::setContentLengthHeader($rangeArray[0]['to'] - $rangeArray[0]['from'] + 1);
-			    }
-			}
-			else {
-			    OC_Response::setContentLengthHeader($fileSize);
-			}
-		}
-		header('Content-Type: '.$type, true);
-	}
-
-	/**
-	 * return the content of a file or return a zip file containing multiple files
-	 *
-	 * @param string $dir
-	 * @param string $files ; separated list of files to download
-	 * @param array $params ; 'head' boolean to only send header of the request ; 'range' http range header
-	 */
-	public static function get($dir, $files, $params = null) {
-
-		$view = \OC\Files\Filesystem::getView();
-		$getType = self::FILE;
-		$filename = $dir;
-		try {
-
-			if (is_array($files) && count($files) === 1) {
-				$files = $files[0];
-			}
-
-			if (!is_array($files)) {
-				$filename = $dir . '/' . $files;
-				if (!$view->is_dir($filename)) {
-					self::getSingleFile($view, $dir, $files, is_null($params) ? array() : $params);
-					return;
-				}
-			}
-
-			$name = 'download';
-			if (is_array($files)) {
-				$getType = self::ZIP_FILES;
-				$basename = basename($dir);
-				if ($basename) {
-					$name = $basename;
-				}
-
-				$filename = $dir . '/' . $name;
-			} else {
-				$filename = $dir . '/' . $files;
-				$getType = self::ZIP_DIR;
-				// downloading root ?
-				if ($files !== '') {
-					$name = $files;
-				}
-			}
-
-			$streamer = new Streamer();
-			OC_Util::obEnd();
-
-			self::lockFiles($view, $dir, $files);
-
-			$streamer->sendHeaders($name);
-			$executionTime = intval(OC::$server->getIniWrapper()->getNumeric('max_execution_time'));
-			if (strpos(@ini_get('disable_functions'), 'set_time_limit') === false) {
-				@set_time_limit(0);
-			}
-			ignore_user_abort(true);
-			if ($getType === self::ZIP_FILES) {
-				foreach ($files as $file) {
-					$file = $dir . '/' . $file;
-					if (\OC\Files\Filesystem::is_file($file)) {
-						$fileSize = \OC\Files\Filesystem::filesize($file);
-						$fileTime = \OC\Files\Filesystem::filemtime($file);
-						$fh = \OC\Files\Filesystem::fopen($file, 'r');
-						$streamer->addFileFromStream($fh, basename($file), $fileSize, $fileTime);
-						fclose($fh);
-					} elseif (\OC\Files\Filesystem::is_dir($file)) {
-						$streamer->addDirRecursive($file);
-					}
-				}
-			} elseif ($getType === self::ZIP_DIR) {
-				$file = $dir . '/' . $files;
-				$streamer->addDirRecursive($file);
-			}
-			$streamer->finalize();
-			set_time_limit($executionTime);
-			self::unlockAllTheFiles($dir, $files, $getType, $view, $filename);
-		} catch (\OCP\Lock\LockedException $ex) {
-			self::unlockAllTheFiles($dir, $files, $getType, $view, $filename);
-			OC::$server->getLogger()->logException($ex);
-			$l = \OC::$server->getL10N('core');
-			$hint = method_exists($ex, 'getHint') ? $ex->getHint() : '';
-			\OC_Template::printErrorPage($l->t('File is currently busy, please try again later'), $hint);
-		} catch (\OCP\Files\ForbiddenException $ex) {
-			self::unlockAllTheFiles($dir, $files, $getType, $view, $filename);
-			OC::$server->getLogger()->logException($ex);
-			$l = \OC::$server->getL10N('core');
-			\OC_Template::printErrorPage($l->t('Can\'t read file'), $ex->getMessage());
-		} catch (\Exception $ex) {
-			self::unlockAllTheFiles($dir, $files, $getType, $view, $filename);
-			OC::$server->getLogger()->logException($ex);
-			$l = \OC::$server->getL10N('core');
-			$hint = method_exists($ex, 'getHint') ? $ex->getHint() : '';
-			\OC_Template::printErrorPage($l->t('Can\'t read file'), $hint);
-		}
-	}
-
-	/**
-	 * @param string $rangeHeaderPos
-	 * @param int $fileSize
-	 * @return array $rangeArray ('from'=>int,'to'=>int), ...
-	 */
-	private static function parseHttpRangeHeader($rangeHeaderPos, $fileSize) {
-		$rArray=explode(',', $rangeHeaderPos);
-		$minOffset = 0;
-		$ind = 0;
-
-		$rangeArray = array();
-
-		foreach ($rArray as $value) {
-			$ranges = explode('-', $value);
-			if (is_numeric($ranges[0])) {
-				if ($ranges[0] < $minOffset) { // case: bytes=500-700,601-999
-					$ranges[0] = $minOffset;
-				}
-				if ($ind > 0 && $rangeArray[$ind-1]['to']+1 == $ranges[0]) { // case: bytes=500-600,601-999
-					$ind--;
-					$ranges[0] = $rangeArray[$ind]['from'];
-				}
-			}
-
-			if (is_numeric($ranges[0]) && is_numeric($ranges[1]) && $ranges[0] < $fileSize && $ranges[0] <= $ranges[1]) {
-				// case: x-x
-				if ($ranges[1] >= $fileSize) {
-					$ranges[1] = $fileSize-1;
-				}
-				$rangeArray[$ind++] = array( 'from' => $ranges[0], 'to' => $ranges[1], 'size' => $fileSize );
-				$minOffset = $ranges[1] + 1;
-				if ($minOffset >= $fileSize) {
-					break;
-				}
-			}
-			elseif (is_numeric($ranges[0]) && $ranges[0] < $fileSize) {
-				// case: x-
-				$rangeArray[$ind++] = array( 'from' => $ranges[0], 'to' => $fileSize-1, 'size' => $fileSize );
-				break;
-			}
-			elseif (is_numeric($ranges[1])) {
-				// case: -x
-				if ($ranges[1] > $fileSize) {
-					$ranges[1] = $fileSize;
-				}
-				$rangeArray[$ind++] = array( 'from' => $fileSize-$ranges[1], 'to' => $fileSize-1, 'size' => $fileSize );
-				break;
-			}
-		}
-		return $rangeArray;
-	}
-
-	/**
-	 * @param View $view
-	 * @param string $name
-	 * @param string $dir
-	 * @param array $params ; 'head' boolean to only send header of the request ; 'range' http range header
-	 */
-	private static function getSingleFile($view, $dir, $name, $params) {
-		$filename = $dir . '/' . $name;
-		OC_Util::obEnd();
-		$view->lockFile($filename, ILockingProvider::LOCK_SHARED);
+    const FILE = 1;
+    const ZIP_FILES = 2;
+    const ZIP_DIR = 3;
+
+    const UPLOAD_MIN_LIMIT_BYTES = 1048576; // 1 MiB
+
+
+    private static $multipartBoundary = '';
+
+    /**
+     * @return string
+     */
+    private static function getBoundary() {
+        if (empty(self::$multipartBoundary)) {
+            self::$multipartBoundary = md5(mt_rand());
+        }
+        return self::$multipartBoundary;
+    }
+
+    /**
+     * @param string $filename
+     * @param string $name
+     * @param array $rangeArray ('from'=>int,'to'=>int), ...
+     */
+    private static function sendHeaders($filename, $name, array $rangeArray) {
+        OC_Response::setContentDispositionHeader($name, 'attachment');
+        header('Content-Transfer-Encoding: binary', true);
+        OC_Response::disableCaching();
+        $fileSize = \OC\Files\Filesystem::filesize($filename);
+        $type = \OC::$server->getMimeTypeDetector()->getSecureMimeType(\OC\Files\Filesystem::getMimeType($filename));
+        if ($fileSize > -1) {
+            if (!empty($rangeArray)) {
+                header('HTTP/1.1 206 Partial Content', true);
+                header('Accept-Ranges: bytes', true);
+                if (count($rangeArray) > 1) {
+                $type = 'multipart/byteranges; boundary='.self::getBoundary();
+                // no Content-Length header here
+                }
+                else {
+                header(sprintf('Content-Range: bytes %d-%d/%d', $rangeArray[0]['from'], $rangeArray[0]['to'], $fileSize), true);
+                OC_Response::setContentLengthHeader($rangeArray[0]['to'] - $rangeArray[0]['from'] + 1);
+                }
+            }
+            else {
+                OC_Response::setContentLengthHeader($fileSize);
+            }
+        }
+        header('Content-Type: '.$type, true);
+    }
+
+    /**
+     * return the content of a file or return a zip file containing multiple files
+     *
+     * @param string $dir
+     * @param string $files ; separated list of files to download
+     * @param array $params ; 'head' boolean to only send header of the request ; 'range' http range header
+     */
+    public static function get($dir, $files, $params = null) {
+
+        $view = \OC\Files\Filesystem::getView();
+        $getType = self::FILE;
+        $filename = $dir;
+        try {
+
+            if (is_array($files) && count($files) === 1) {
+                $files = $files[0];
+            }
+
+            if (!is_array($files)) {
+                $filename = $dir . '/' . $files;
+                if (!$view->is_dir($filename)) {
+                    self::getSingleFile($view, $dir, $files, is_null($params) ? array() : $params);
+                    return;
+                }
+            }
+
+            $name = 'download';
+            if (is_array($files)) {
+                $getType = self::ZIP_FILES;
+                $basename = basename($dir);
+                if ($basename) {
+                    $name = $basename;
+                }
+
+                $filename = $dir . '/' . $name;
+            } else {
+                $filename = $dir . '/' . $files;
+                $getType = self::ZIP_DIR;
+                // downloading root ?
+                if ($files !== '') {
+                    $name = $files;
+                }
+            }
+
+            $streamer = new Streamer();
+            OC_Util::obEnd();
+
+            self::lockFiles($view, $dir, $files);
+
+            $streamer->sendHeaders($name);
+            $executionTime = intval(OC::$server->getIniWrapper()->getNumeric('max_execution_time'));
+            if (strpos(@ini_get('disable_functions'), 'set_time_limit') === false) {
+                @set_time_limit(0);
+            }
+            ignore_user_abort(true);
+            if ($getType === self::ZIP_FILES) {
+                foreach ($files as $file) {
+                    $file = $dir . '/' . $file;
+                    if (\OC\Files\Filesystem::is_file($file)) {
+                        $fileSize = \OC\Files\Filesystem::filesize($file);
+                        $fileTime = \OC\Files\Filesystem::filemtime($file);
+                        $fh = \OC\Files\Filesystem::fopen($file, 'r');
+                        $streamer->addFileFromStream($fh, basename($file), $fileSize, $fileTime);
+                        fclose($fh);
+                    } elseif (\OC\Files\Filesystem::is_dir($file)) {
+                        $streamer->addDirRecursive($file);
+                    }
+                }
+            } elseif ($getType === self::ZIP_DIR) {
+                $file = $dir . '/' . $files;
+                $streamer->addDirRecursive($file);
+            }
+            $streamer->finalize();
+            set_time_limit($executionTime);
+            self::unlockAllTheFiles($dir, $files, $getType, $view, $filename);
+        } catch (\OCP\Lock\LockedException $ex) {
+            self::unlockAllTheFiles($dir, $files, $getType, $view, $filename);
+            OC::$server->getLogger()->logException($ex);
+            $l = \OC::$server->getL10N('core');
+            $hint = method_exists($ex, 'getHint') ? $ex->getHint() : '';
+            \OC_Template::printErrorPage($l->t('File is currently busy, please try again later'), $hint);
+        } catch (\OCP\Files\ForbiddenException $ex) {
+            self::unlockAllTheFiles($dir, $files, $getType, $view, $filename);
+            OC::$server->getLogger()->logException($ex);
+            $l = \OC::$server->getL10N('core');
+            \OC_Template::printErrorPage($l->t('Can\'t read file'), $ex->getMessage());
+        } catch (\Exception $ex) {
+            self::unlockAllTheFiles($dir, $files, $getType, $view, $filename);
+            OC::$server->getLogger()->logException($ex);
+            $l = \OC::$server->getL10N('core');
+            $hint = method_exists($ex, 'getHint') ? $ex->getHint() : '';
+            \OC_Template::printErrorPage($l->t('Can\'t read file'), $hint);
+        }
+    }
+
+    /**
+     * @param string $rangeHeaderPos
+     * @param int $fileSize
+     * @return array $rangeArray ('from'=>int,'to'=>int), ...
+     */
+    private static function parseHttpRangeHeader($rangeHeaderPos, $fileSize) {
+        $rArray=explode(',', $rangeHeaderPos);
+        $minOffset = 0;
+        $ind = 0;
+
+        $rangeArray = array();
+
+        foreach ($rArray as $value) {
+            $ranges = explode('-', $value);
+            if (is_numeric($ranges[0])) {
+                if ($ranges[0] < $minOffset) { // case: bytes=500-700,601-999
+                    $ranges[0] = $minOffset;
+                }
+                if ($ind > 0 && $rangeArray[$ind-1]['to']+1 == $ranges[0]) { // case: bytes=500-600,601-999
+                    $ind--;
+                    $ranges[0] = $rangeArray[$ind]['from'];
+                }
+            }
+
+            if (is_numeric($ranges[0]) && is_numeric($ranges[1]) && $ranges[0] < $fileSize && $ranges[0] <= $ranges[1]) {
+                // case: x-x
+                if ($ranges[1] >= $fileSize) {
+                    $ranges[1] = $fileSize-1;
+                }
+                $rangeArray[$ind++] = array( 'from' => $ranges[0], 'to' => $ranges[1], 'size' => $fileSize );
+                $minOffset = $ranges[1] + 1;
+                if ($minOffset >= $fileSize) {
+                    break;
+                }
+            }
+            elseif (is_numeric($ranges[0]) && $ranges[0] < $fileSize) {
+                // case: x-
+                $rangeArray[$ind++] = array( 'from' => $ranges[0], 'to' => $fileSize-1, 'size' => $fileSize );
+                break;
+            }
+            elseif (is_numeric($ranges[1])) {
+                // case: -x
+                if ($ranges[1] > $fileSize) {
+                    $ranges[1] = $fileSize;
+                }
+                $rangeArray[$ind++] = array( 'from' => $fileSize-$ranges[1], 'to' => $fileSize-1, 'size' => $fileSize );
+                break;
+            }
+        }
+        return $rangeArray;
+    }
+
+    /**
+     * @param View $view
+     * @param string $name
+     * @param string $dir
+     * @param array $params ; 'head' boolean to only send header of the request ; 'range' http range header
+     */
+    private static function getSingleFile($view, $dir, $name, $params) {
+        $filename = $dir . '/' . $name;
+        OC_Util::obEnd();
+        $view->lockFile($filename, ILockingProvider::LOCK_SHARED);
 		
-		$rangeArray = array();
+        $rangeArray = array();
 
-		if (isset($params['range']) && substr($params['range'], 0, 6) === 'bytes=') {
-			$rangeArray = self::parseHttpRangeHeader(substr($params['range'], 6), 
-								 \OC\Files\Filesystem::filesize($filename));
-		}
+        if (isset($params['range']) && substr($params['range'], 0, 6) === 'bytes=') {
+            $rangeArray = self::parseHttpRangeHeader(substr($params['range'], 6), 
+                                    \OC\Files\Filesystem::filesize($filename));
+        }
 		
-		if (\OC\Files\Filesystem::isReadable($filename)) {
-			self::sendHeaders($filename, $name, $rangeArray);
-		} elseif (!\OC\Files\Filesystem::file_exists($filename)) {
-			header("HTTP/1.1 404 Not Found");
-			$tmpl = new OC_Template('', '404', 'guest');
-			$tmpl->printPage();
-			exit();
-		} else {
-			header("HTTP/1.1 403 Forbidden");
-			die('403 Forbidden');
-		}
-		if (isset($params['head']) && $params['head']) {
-			return;
-		}
-		if (!empty($rangeArray)) {
-			try {
-			    if (count($rangeArray) == 1) {
-				$view->readfilePart($filename, $rangeArray[0]['from'], $rangeArray[0]['to']);
-			    }
-			    else {
-				// check if file is seekable (if not throw UnseekableException)
-				// we have to check it before body contents
-				$view->readfilePart($filename, $rangeArray[0]['size'], $rangeArray[0]['size']);
-
-				$type = \OC::$server->getMimeTypeDetector()->getSecureMimeType(\OC\Files\Filesystem::getMimeType($filename));
-
-				foreach ($rangeArray as $range) {
-				    echo "\r\n--".self::getBoundary()."\r\n".
-				         "Content-type: ".$type."\r\n".
-				         "Content-range: bytes ".$range['from']."-".$range['to']."/".$range['size']."\r\n\r\n";
-				    $view->readfilePart($filename, $range['from'], $range['to']);
-				}
-				echo "\r\n--".self::getBoundary()."--\r\n";
-			    }
-			} catch (\OCP\Files\UnseekableException $ex) {
-			    // file is unseekable
-			    header_remove('Accept-Ranges');
-			    header_remove('Content-Range');
-			    header("HTTP/1.1 200 OK");
-			    self::sendHeaders($filename, $name, array());
-			    $view->readfile($filename);
-			}
-		}
-		else {
-		    $view->readfile($filename);
-		}
-	}
-
-	/**
-	 * @param View $view
-	 * @param string $dir
-	 * @param string[]|string $files
-	 */
-	public static function lockFiles($view, $dir, $files) {
-		if (!is_array($files)) {
-			$file = $dir . '/' . $files;
-			$files = [$file];
-		}
-		foreach ($files as $file) {
-			$file = $dir . '/' . $file;
-			$view->lockFile($file, ILockingProvider::LOCK_SHARED);
-			if ($view->is_dir($file)) {
-				$contents = $view->getDirectoryContent($file);
-				$contents = array_map(function($fileInfo) use ($file) {
-					/** @var \OCP\Files\FileInfo $fileInfo */
-					return $file . '/' . $fileInfo->getName();
-				}, $contents);
-				self::lockFiles($view, $dir, $contents);
-			}
-		}
-	}
-
-	/**
-	 * set the maximum upload size limit for apache hosts using .htaccess
-	 *
-	 * @param int $size file size in bytes
-	 * @param array $files override '.htaccess' and '.user.ini' locations
-	 * @return bool false on failure, size on success
-	 */
-	public static function setUploadLimit($size, $files = []) {
-		//don't allow user to break his config
-		$size = intval($size);
-		if ($size < self::UPLOAD_MIN_LIMIT_BYTES) {
-			return false;
-		}
-		$size = OC_Helper::phpFileSize($size);
-
-		$phpValueKeys = array(
-			'upload_max_filesize',
-			'post_max_size'
-		);
-
-		// default locations if not overridden by $files
-		$files = array_merge([
-			'.htaccess' => OC::$SERVERROOT . '/.htaccess',
-			'.user.ini' => OC::$SERVERROOT . '/.user.ini'
-		], $files);
-
-		$updateFiles = [
-			$files['.htaccess'] => [
-				'pattern' => '/php_value %1$s (\S)*/',
-				'setting' => 'php_value %1$s %2$s'
-			],
-			$files['.user.ini'] => [
-				'pattern' => '/%1$s=(\S)*/',
-				'setting' => '%1$s=%2$s'
-			]
-		];
-
-		$success = true;
-
-		foreach ($updateFiles as $filename => $patternMap) {
-			// suppress warnings from fopen()
-			$handle = @fopen($filename, 'r+');
-			if (!$handle) {
-				\OCP\Util::writeLog('files',
-					'Can\'t write upload limit to ' . $filename . '. Please check the file permissions',
-					\OCP\Util::WARN);
-				$success = false;
-				continue; // try to update as many files as possible
-			}
-
-			$content = '';
-			while (!feof($handle)) {
-				$content .= fread($handle, 1000);
-			}
-
-			foreach ($phpValueKeys as $key) {
-				$pattern = vsprintf($patternMap['pattern'], [$key]);
-				$setting = vsprintf($patternMap['setting'], [$key, $size]);
-				$hasReplaced = 0;
-				$newContent = preg_replace($pattern, $setting, $content, 2, $hasReplaced);
-				if ($newContent !== null) {
-					$content = $newContent;
-				}
-				if ($hasReplaced === 0) {
-					$content .= "\n" . $setting;
-				}
-			}
-
-			// write file back
-			ftruncate($handle, 0);
-			rewind($handle);
-			fwrite($handle, $content);
-
-			fclose($handle);
-		}
-
-		if ($success) {
-			return OC_Helper::computerFileSize($size);
-		}
-		return false;
-	}
-
-	/**
-	 * @param string $dir
-	 * @param $files
-	 * @param integer $getType
-	 * @param View $view
-	 * @param string $filename
-	 */
-	private static function unlockAllTheFiles($dir, $files, $getType, $view, $filename) {
-		if ($getType === self::FILE) {
-			$view->unlockFile($filename, ILockingProvider::LOCK_SHARED);
-		}
-		if ($getType === self::ZIP_FILES) {
-			foreach ($files as $file) {
-				$file = $dir . '/' . $file;
-				$view->unlockFile($file, ILockingProvider::LOCK_SHARED);
-			}
-		}
-		if ($getType === self::ZIP_DIR) {
-			$file = $dir . '/' . $files;
-			$view->unlockFile($file, ILockingProvider::LOCK_SHARED);
-		}
-	}
+        if (\OC\Files\Filesystem::isReadable($filename)) {
+            self::sendHeaders($filename, $name, $rangeArray);
+        } elseif (!\OC\Files\Filesystem::file_exists($filename)) {
+            header("HTTP/1.1 404 Not Found");
+            $tmpl = new OC_Template('', '404', 'guest');
+            $tmpl->printPage();
+            exit();
+        } else {
+            header("HTTP/1.1 403 Forbidden");
+            die('403 Forbidden');
+        }
+        if (isset($params['head']) && $params['head']) {
+            return;
+        }
+        if (!empty($rangeArray)) {
+            try {
+                if (count($rangeArray) == 1) {
+                $view->readfilePart($filename, $rangeArray[0]['from'], $rangeArray[0]['to']);
+                }
+                else {
+                // check if file is seekable (if not throw UnseekableException)
+                // we have to check it before body contents
+                $view->readfilePart($filename, $rangeArray[0]['size'], $rangeArray[0]['size']);
+
+                $type = \OC::$server->getMimeTypeDetector()->getSecureMimeType(\OC\Files\Filesystem::getMimeType($filename));
+
+                foreach ($rangeArray as $range) {
+                    echo "\r\n--".self::getBoundary()."\r\n".
+                            "Content-type: ".$type."\r\n".
+                            "Content-range: bytes ".$range['from']."-".$range['to']."/".$range['size']."\r\n\r\n";
+                    $view->readfilePart($filename, $range['from'], $range['to']);
+                }
+                echo "\r\n--".self::getBoundary()."--\r\n";
+                }
+            } catch (\OCP\Files\UnseekableException $ex) {
+                // file is unseekable
+                header_remove('Accept-Ranges');
+                header_remove('Content-Range');
+                header("HTTP/1.1 200 OK");
+                self::sendHeaders($filename, $name, array());
+                $view->readfile($filename);
+            }
+        }
+        else {
+            $view->readfile($filename);
+        }
+    }
+
+    /**
+     * @param View $view
+     * @param string $dir
+     * @param string[]|string $files
+     */
+    public static function lockFiles($view, $dir, $files) {
+        if (!is_array($files)) {
+            $file = $dir . '/' . $files;
+            $files = [$file];
+        }
+        foreach ($files as $file) {
+            $file = $dir . '/' . $file;
+            $view->lockFile($file, ILockingProvider::LOCK_SHARED);
+            if ($view->is_dir($file)) {
+                $contents = $view->getDirectoryContent($file);
+                $contents = array_map(function($fileInfo) use ($file) {
+                    /** @var \OCP\Files\FileInfo $fileInfo */
+                    return $file . '/' . $fileInfo->getName();
+                }, $contents);
+                self::lockFiles($view, $dir, $contents);
+            }
+        }
+    }
+
+    /**
+     * set the maximum upload size limit for apache hosts using .htaccess
+     *
+     * @param int $size file size in bytes
+     * @param array $files override '.htaccess' and '.user.ini' locations
+     * @return bool false on failure, size on success
+     */
+    public static function setUploadLimit($size, $files = []) {
+        //don't allow user to break his config
+        $size = intval($size);
+        if ($size < self::UPLOAD_MIN_LIMIT_BYTES) {
+            return false;
+        }
+        $size = OC_Helper::phpFileSize($size);
+
+        $phpValueKeys = array(
+            'upload_max_filesize',
+            'post_max_size'
+        );
+
+        // default locations if not overridden by $files
+        $files = array_merge([
+            '.htaccess' => OC::$SERVERROOT . '/.htaccess',
+            '.user.ini' => OC::$SERVERROOT . '/.user.ini'
+        ], $files);
+
+        $updateFiles = [
+            $files['.htaccess'] => [
+                'pattern' => '/php_value %1$s (\S)*/',
+                'setting' => 'php_value %1$s %2$s'
+            ],
+            $files['.user.ini'] => [
+                'pattern' => '/%1$s=(\S)*/',
+                'setting' => '%1$s=%2$s'
+            ]
+        ];
+
+        $success = true;
+
+        foreach ($updateFiles as $filename => $patternMap) {
+            // suppress warnings from fopen()
+            $handle = @fopen($filename, 'r+');
+            if (!$handle) {
+                \OCP\Util::writeLog('files',
+                    'Can\'t write upload limit to ' . $filename . '. Please check the file permissions',
+                    \OCP\Util::WARN);
+                $success = false;
+                continue; // try to update as many files as possible
+            }
+
+            $content = '';
+            while (!feof($handle)) {
+                $content .= fread($handle, 1000);
+            }
+
+            foreach ($phpValueKeys as $key) {
+                $pattern = vsprintf($patternMap['pattern'], [$key]);
+                $setting = vsprintf($patternMap['setting'], [$key, $size]);
+                $hasReplaced = 0;
+                $newContent = preg_replace($pattern, $setting, $content, 2, $hasReplaced);
+                if ($newContent !== null) {
+                    $content = $newContent;
+                }
+                if ($hasReplaced === 0) {
+                    $content .= "\n" . $setting;
+                }
+            }
+
+            // write file back
+            ftruncate($handle, 0);
+            rewind($handle);
+            fwrite($handle, $content);
+
+            fclose($handle);
+        }
+
+        if ($success) {
+            return OC_Helper::computerFileSize($size);
+        }
+        return false;
+    }
+
+    /**
+     * @param string $dir
+     * @param $files
+     * @param integer $getType
+     * @param View $view
+     * @param string $filename
+     */
+    private static function unlockAllTheFiles($dir, $files, $getType, $view, $filename) {
+        if ($getType === self::FILE) {
+            $view->unlockFile($filename, ILockingProvider::LOCK_SHARED);
+        }
+        if ($getType === self::ZIP_FILES) {
+            foreach ($files as $file) {
+                $file = $dir . '/' . $file;
+                $view->unlockFile($file, ILockingProvider::LOCK_SHARED);
+            }
+        }
+        if ($getType === self::ZIP_DIR) {
+            $file = $dir . '/' . $files;
+            $view->unlockFile($file, ILockingProvider::LOCK_SHARED);
+        }
+    }
 
 }

settings/Controller/CertificateController.php

Doc Comments +2 added lines, -2 removed lines

@@ -72,7 +72,7 @@ 
 	 *
 	 * @NoAdminRequired
 	 * @NoSubadminRequired
-	 * @return array
+	 * @return DataResponse
 	 */
 	public function addPersonalRootCertificate() {
 		return $this->addCertificate($this->userCertificateManager);
@@ -160,7 +160,7 @@ 
 	/**
 	 * Add a new personal root certificate to the system's trust store
 	 *
-	 * @return array
+	 * @return DataResponse
 	 */
 	public function addSystemRootCertificate() {
 		return $this->addCertificate($this->systemCertificateManager);

Indentation +140 added lines, -140 removed lines

@@ -37,144 +37,144 @@
  * @package OC\Settings\Controller
  */
 class CertificateController extends Controller {
-	/** @var ICertificateManager */
-	private $userCertificateManager;
-	/** @var ICertificateManager  */
-	private $systemCertificateManager;
-	/** @var IL10N */
-	private $l10n;
-	/** @var IAppManager */
-	private $appManager;
-
-	/**
-	 * @param string $appName
-	 * @param IRequest $request
-	 * @param ICertificateManager $userCertificateManager
-	 * @param ICertificateManager $systemCertificateManager
-	 * @param IL10N $l10n
-	 * @param IAppManager $appManager
-	 */
-	public function __construct($appName,
-								IRequest $request,
-								ICertificateManager $userCertificateManager,
-								ICertificateManager $systemCertificateManager,
-								IL10N $l10n,
-								IAppManager $appManager) {
-		parent::__construct($appName, $request);
-		$this->userCertificateManager = $userCertificateManager;
-		$this->systemCertificateManager = $systemCertificateManager;
-		$this->l10n = $l10n;
-		$this->appManager = $appManager;
-	}
-
-	/**
-	 * Add a new personal root certificate to the users' trust store
-	 *
-	 * @NoAdminRequired
-	 * @NoSubadminRequired
-	 * @return array
-	 */
-	public function addPersonalRootCertificate() {
-		return $this->addCertificate($this->userCertificateManager);
-	}
-
-	/**
-	 * Add a new root certificate to a trust store
-	 *
-	 * @param ICertificateManager $certificateManager
-	 * @return DataResponse
-	 */
-	private function addCertificate(ICertificateManager $certificateManager) {
-		$headers = [];
-
-		if ($this->isCertificateImportAllowed() === false) {
-			return new DataResponse(['message' => 'Individual certificate management disabled'], Http::STATUS_FORBIDDEN, $headers);
-		}
-
-		$file = $this->request->getUploadedFile('rootcert_import');
-		if (empty($file)) {
-			return new DataResponse(['message' => 'No file uploaded'], Http::STATUS_UNPROCESSABLE_ENTITY, $headers);
-		}
-
-		try {
-			$certificate = $certificateManager->addCertificate(file_get_contents($file['tmp_name']), $file['name']);
-			return new DataResponse(
-				[
-					'name' => $certificate->getName(),
-					'commonName' => $certificate->getCommonName(),
-					'organization' => $certificate->getOrganization(),
-					'validFrom' => $certificate->getIssueDate()->getTimestamp(),
-					'validTill' => $certificate->getExpireDate()->getTimestamp(),
-					'validFromString' => $this->l10n->l('date', $certificate->getIssueDate()),
-					'validTillString' => $this->l10n->l('date', $certificate->getExpireDate()),
-					'issuer' => $certificate->getIssuerName(),
-					'issuerOrganization' => $certificate->getIssuerOrganization(),
-				],
-				Http::STATUS_OK,
-				$headers
-			);
-		} catch (\Exception $e) {
-			return new DataResponse('An error occurred.', Http::STATUS_UNPROCESSABLE_ENTITY, $headers);
-		}
-	}
-
-	/**
-	 * Removes a personal root certificate from the users' trust store
-	 *
-	 * @NoAdminRequired
-	 * @NoSubadminRequired
-	 * @param string $certificateIdentifier
-	 * @return DataResponse
-	 */
-	public function removePersonalRootCertificate($certificateIdentifier) {
-
-		if ($this->isCertificateImportAllowed() === false) {
-			return new DataResponse('Individual certificate management disabled', Http::STATUS_FORBIDDEN);
-		}
-
-		$this->userCertificateManager->removeCertificate($certificateIdentifier);
-		return new DataResponse();
-	}
-
-	/**
-	 * check if certificate import is allowed
-	 *
-	 * @return bool
-	 */
-	protected function isCertificateImportAllowed() {
-		$externalStorageEnabled = $this->appManager->isEnabledForUser('files_external');
-		if ($externalStorageEnabled) {
-			/** @var \OCA\Files_External\Service\BackendService $backendService */
-			$backendService = \OC_Mount_Config::$app->getContainer()->query('\OCA\Files_External\Service\BackendService');
-			if ($backendService->isUserMountingAllowed()) {
-				return true;
-			}
-		}
-		return false;
-	}
-
-	/**
-	 * Add a new personal root certificate to the system's trust store
-	 *
-	 * @return array
-	 */
-	public function addSystemRootCertificate() {
-		return $this->addCertificate($this->systemCertificateManager);
-	}
-
-	/**
-	 * Removes a personal root certificate from the users' trust store
-	 *
-	 * @param string $certificateIdentifier
-	 * @return DataResponse
-	 */
-	public function removeSystemRootCertificate($certificateIdentifier) {
-
-		if ($this->isCertificateImportAllowed() === false) {
-			return new DataResponse('Individual certificate management disabled', Http::STATUS_FORBIDDEN);
-		}
-
-		$this->systemCertificateManager->removeCertificate($certificateIdentifier);
-		return new DataResponse();
-	}
+    /** @var ICertificateManager */
+    private $userCertificateManager;
+    /** @var ICertificateManager  */
+    private $systemCertificateManager;
+    /** @var IL10N */
+    private $l10n;
+    /** @var IAppManager */
+    private $appManager;
+
+    /**
+     * @param string $appName
+     * @param IRequest $request
+     * @param ICertificateManager $userCertificateManager
+     * @param ICertificateManager $systemCertificateManager
+     * @param IL10N $l10n
+     * @param IAppManager $appManager
+     */
+    public function __construct($appName,
+                                IRequest $request,
+                                ICertificateManager $userCertificateManager,
+                                ICertificateManager $systemCertificateManager,
+                                IL10N $l10n,
+                                IAppManager $appManager) {
+        parent::__construct($appName, $request);
+        $this->userCertificateManager = $userCertificateManager;
+        $this->systemCertificateManager = $systemCertificateManager;
+        $this->l10n = $l10n;
+        $this->appManager = $appManager;
+    }
+
+    /**
+     * Add a new personal root certificate to the users' trust store
+     *
+     * @NoAdminRequired
+     * @NoSubadminRequired
+     * @return array
+     */
+    public function addPersonalRootCertificate() {
+        return $this->addCertificate($this->userCertificateManager);
+    }
+
+    /**
+     * Add a new root certificate to a trust store
+     *
+     * @param ICertificateManager $certificateManager
+     * @return DataResponse
+     */
+    private function addCertificate(ICertificateManager $certificateManager) {
+        $headers = [];
+
+        if ($this->isCertificateImportAllowed() === false) {
+            return new DataResponse(['message' => 'Individual certificate management disabled'], Http::STATUS_FORBIDDEN, $headers);
+        }
+
+        $file = $this->request->getUploadedFile('rootcert_import');
+        if (empty($file)) {
+            return new DataResponse(['message' => 'No file uploaded'], Http::STATUS_UNPROCESSABLE_ENTITY, $headers);
+        }
+
+        try {
+            $certificate = $certificateManager->addCertificate(file_get_contents($file['tmp_name']), $file['name']);
+            return new DataResponse(
+                [
+                    'name' => $certificate->getName(),
+                    'commonName' => $certificate->getCommonName(),
+                    'organization' => $certificate->getOrganization(),
+                    'validFrom' => $certificate->getIssueDate()->getTimestamp(),
+                    'validTill' => $certificate->getExpireDate()->getTimestamp(),
+                    'validFromString' => $this->l10n->l('date', $certificate->getIssueDate()),
+                    'validTillString' => $this->l10n->l('date', $certificate->getExpireDate()),
+                    'issuer' => $certificate->getIssuerName(),
+                    'issuerOrganization' => $certificate->getIssuerOrganization(),
+                ],
+                Http::STATUS_OK,
+                $headers
+            );
+        } catch (\Exception $e) {
+            return new DataResponse('An error occurred.', Http::STATUS_UNPROCESSABLE_ENTITY, $headers);
+        }
+    }
+
+    /**
+     * Removes a personal root certificate from the users' trust store
+     *
+     * @NoAdminRequired
+     * @NoSubadminRequired
+     * @param string $certificateIdentifier
+     * @return DataResponse
+     */
+    public function removePersonalRootCertificate($certificateIdentifier) {
+
+        if ($this->isCertificateImportAllowed() === false) {
+            return new DataResponse('Individual certificate management disabled', Http::STATUS_FORBIDDEN);
+        }
+
+        $this->userCertificateManager->removeCertificate($certificateIdentifier);
+        return new DataResponse();
+    }
+
+    /**
+     * check if certificate import is allowed
+     *
+     * @return bool
+     */
+    protected function isCertificateImportAllowed() {
+        $externalStorageEnabled = $this->appManager->isEnabledForUser('files_external');
+        if ($externalStorageEnabled) {
+            /** @var \OCA\Files_External\Service\BackendService $backendService */
+            $backendService = \OC_Mount_Config::$app->getContainer()->query('\OCA\Files_External\Service\BackendService');
+            if ($backendService->isUserMountingAllowed()) {
+                return true;
+            }
+        }
+        return false;
+    }
+
+    /**
+     * Add a new personal root certificate to the system's trust store
+     *
+     * @return array
+     */
+    public function addSystemRootCertificate() {
+        return $this->addCertificate($this->systemCertificateManager);
+    }
+
+    /**
+     * Removes a personal root certificate from the users' trust store
+     *
+     * @param string $certificateIdentifier
+     * @return DataResponse
+     */
+    public function removeSystemRootCertificate($certificateIdentifier) {
+
+        if ($this->isCertificateImportAllowed() === false) {
+            return new DataResponse('Individual certificate management disabled', Http::STATUS_FORBIDDEN);
+        }
+
+        $this->systemCertificateManager->removeCertificate($certificateIdentifier);
+        return new DataResponse();
+    }
 }

core/Controller/LostController.php

Doc Comments +1 added lines, -1 removed lines

@@ -132,7 +132,7 @@
 	}
 
 	/**
-	 * @param $message
+	 * @param string $message
 	 * @param array $additional
 	 * @return array
 	 */

Spacing +9 added lines, -9 removed lines

@@ -160,7 +160,7 @@ 
 	 */
 	protected function checkPasswordResetToken($token, $userId) {
 		$user = $this->userManager->get($userId);
-		if($user === null) {
+		if ($user === null) {
 			throw new \Exception($this->l10n->t('Couldn\'t reset password because the token is invalid'));
 		}
 
@@ -173,11 +173,11 @@ 
 		}
 
 		$splittedToken = explode(':', $decryptedToken);
-		if(count($splittedToken) !== 2) {
+		if (count($splittedToken) !== 2) {
 			throw new \Exception($this->l10n->t('Couldn\'t reset password because the token is invalid'));
 		}
 
-		if ($splittedToken[0] < ($this->timeFactory->getTime() - 60*60*12) ||
+		if ($splittedToken[0] < ($this->timeFactory->getTime() - 60 * 60 * 12) ||
 			$user->getLastLogin() > $splittedToken[0]) {
 			throw new \Exception($this->l10n->t('Couldn\'t reset password because the token is expired'));
 		}
@@ -192,7 +192,7 @@ 
 	 * @param array $additional
 	 * @return array
 	 */
-	private function error($message, array $additional=array()) {
+	private function error($message, array $additional = array()) {
 		return array_merge(array('status' => 'error', 'msg' => $message), $additional);
 	}
 
@@ -210,11 +210,11 @@ 
 	 * @param string $user
 	 * @return JSONResponse
 	 */
-	public function email($user){
+	public function email($user) {
 		// FIXME: use HTTP error codes
 		try {
 			$this->sendEmail($user);
-		} catch (\Exception $e){
+		} catch (\Exception $e) {
 			$response = new JSONResponse($this->error($e->getMessage()));
 			$response->throttle();
 			return $response;
@@ -252,7 +252,7 @@ 
 
 			$this->config->deleteUserValue($userId, 'core', 'lostpassword');
 			@\OC_User::unsetMagicInCookie();
-		} catch (\Exception $e){
+		} catch (\Exception $e) {
 			return $this->error($e->getMessage());
 		}
 
@@ -283,8 +283,8 @@ 
 			ISecureRandom::CHAR_LOWER.
 			ISecureRandom::CHAR_UPPER
 		);
-		$tokenValue = $this->timeFactory->getTime() .':'. $token;
-		$encryptedValue = $this->crypto->encrypt($tokenValue, $email . $this->config->getSystemValue('secret'));
+		$tokenValue = $this->timeFactory->getTime().':'.$token;
+		$encryptedValue = $this->crypto->encrypt($tokenValue, $email.$this->config->getSystemValue('secret'));
 		$this->config->setUserValue($user->getUID(), 'core', 'lostpassword', $encryptedValue);
 
 		$link = $this->urlGenerator->linkToRouteAbsolute('core.lost.resetform', array('userId' => $user->getUID(), 'token' => $token));

Indentation +283 added lines, -283 removed lines

@@ -56,287 +56,287 @@
  */
 class LostController extends Controller {
 
-	/** @var IURLGenerator */
-	protected $urlGenerator;
-	/** @var IUserManager */
-	protected $userManager;
-	/** @var Defaults */
-	protected $defaults;
-	/** @var IL10N */
-	protected $l10n;
-	/** @var string */
-	protected $from;
-	/** @var IManager */
-	protected $encryptionManager;
-	/** @var IConfig */
-	protected $config;
-	/** @var ISecureRandom */
-	protected $secureRandom;
-	/** @var IMailer */
-	protected $mailer;
-	/** @var ITimeFactory */
-	protected $timeFactory;
-	/** @var ICrypto */
-	protected $crypto;
-
-	/**
-	 * @param string $appName
-	 * @param IRequest $request
-	 * @param IURLGenerator $urlGenerator
-	 * @param IUserManager $userManager
-	 * @param Defaults $defaults
-	 * @param IL10N $l10n
-	 * @param IConfig $config
-	 * @param ISecureRandom $secureRandom
-	 * @param string $defaultMailAddress
-	 * @param IManager $encryptionManager
-	 * @param IMailer $mailer
-	 * @param ITimeFactory $timeFactory
-	 * @param ICrypto $crypto
-	 */
-	public function __construct($appName,
-								IRequest $request,
-								IURLGenerator $urlGenerator,
-								IUserManager $userManager,
-								Defaults $defaults,
-								IL10N $l10n,
-								IConfig $config,
-								ISecureRandom $secureRandom,
-								$defaultMailAddress,
-								IManager $encryptionManager,
-								IMailer $mailer,
-								ITimeFactory $timeFactory,
-								ICrypto $crypto) {
-		parent::__construct($appName, $request);
-		$this->urlGenerator = $urlGenerator;
-		$this->userManager = $userManager;
-		$this->defaults = $defaults;
-		$this->l10n = $l10n;
-		$this->secureRandom = $secureRandom;
-		$this->from = $defaultMailAddress;
-		$this->encryptionManager = $encryptionManager;
-		$this->config = $config;
-		$this->mailer = $mailer;
-		$this->timeFactory = $timeFactory;
-		$this->crypto = $crypto;
-	}
-
-	/**
-	 * Someone wants to reset their password:
-	 *
-	 * @PublicPage
-	 * @NoCSRFRequired
-	 *
-	 * @param string $token
-	 * @param string $userId
-	 * @return TemplateResponse
-	 */
-	public function resetform($token, $userId) {
-		try {
-			$this->checkPasswordResetToken($token, $userId);
-		} catch (\Exception $e) {
-			return new TemplateResponse(
-				'core', 'error', [
-					"errors" => array(array("error" => $e->getMessage()))
-				],
-				'guest'
-			);
-		}
-
-		return new TemplateResponse(
-			'core',
-			'lostpassword/resetpassword',
-			array(
-				'link' => $this->urlGenerator->linkToRouteAbsolute('core.lost.setPassword', array('userId' => $userId, 'token' => $token)),
-			),
-			'guest'
-		);
-	}
-
-	/**
-	 * @param string $token
-	 * @param string $userId
-	 * @throws \Exception
-	 */
-	protected function checkPasswordResetToken($token, $userId) {
-		$user = $this->userManager->get($userId);
-		if($user === null) {
-			throw new \Exception($this->l10n->t('Couldn\'t reset password because the token is invalid'));
-		}
-
-		try {
-			$encryptedToken = $this->config->getUserValue($userId, 'core', 'lostpassword', null);
-			$mailAddress = !is_null($user->getEMailAddress()) ? $user->getEMailAddress() : '';
-			$decryptedToken = $this->crypto->decrypt($encryptedToken, $mailAddress.$this->config->getSystemValue('secret'));
-		} catch (\Exception $e) {
-			throw new \Exception($this->l10n->t('Couldn\'t reset password because the token is invalid'));
-		}
-
-		$splittedToken = explode(':', $decryptedToken);
-		if(count($splittedToken) !== 2) {
-			throw new \Exception($this->l10n->t('Couldn\'t reset password because the token is invalid'));
-		}
-
-		if ($splittedToken[0] < ($this->timeFactory->getTime() - 60*60*12) ||
-			$user->getLastLogin() > $splittedToken[0]) {
-			throw new \Exception($this->l10n->t('Couldn\'t reset password because the token is expired'));
-		}
-
-		if (!hash_equals($splittedToken[1], $token)) {
-			throw new \Exception($this->l10n->t('Couldn\'t reset password because the token is invalid'));
-		}
-	}
-
-	/**
-	 * @param $message
-	 * @param array $additional
-	 * @return array
-	 */
-	private function error($message, array $additional=array()) {
-		return array_merge(array('status' => 'error', 'msg' => $message), $additional);
-	}
-
-	/**
-	 * @return array
-	 */
-	private function success() {
-		return array('status'=>'success');
-	}
-
-	/**
-	 * @PublicPage
-	 * @BruteForceProtection(action=passwordResetEmail)
-	 * @AnonRateThrottle(limit=10, period=300)
-	 *
-	 * @param string $user
-	 * @return JSONResponse
-	 */
-	public function email($user){
-		// FIXME: use HTTP error codes
-		try {
-			$this->sendEmail($user);
-		} catch (\Exception $e){
-			$response = new JSONResponse($this->error($e->getMessage()));
-			$response->throttle();
-			return $response;
-		}
-
-		$response = new JSONResponse($this->success());
-		$response->throttle();
-		return $response;
-	}
-
-	/**
-	 * @PublicPage
-	 * @param string $token
-	 * @param string $userId
-	 * @param string $password
-	 * @param boolean $proceed
-	 * @return array
-	 */
-	public function setPassword($token, $userId, $password, $proceed) {
-		if ($this->encryptionManager->isEnabled() && !$proceed) {
-			return $this->error('', array('encryption' => true));
-		}
-
-		try {
-			$this->checkPasswordResetToken($token, $userId);
-			$user = $this->userManager->get($userId);
-
-			\OC_Hook::emit('\OC\Core\LostPassword\Controller\LostController', 'pre_passwordReset', array('uid' => $userId, 'password' => $password));
-
-			if (!$user->setPassword($password)) {
-				throw new \Exception();
-			}
-
-			\OC_Hook::emit('\OC\Core\LostPassword\Controller\LostController', 'post_passwordReset', array('uid' => $userId, 'password' => $password));
-
-			$this->config->deleteUserValue($userId, 'core', 'lostpassword');
-			@\OC_User::unsetMagicInCookie();
-		} catch (\Exception $e){
-			return $this->error($e->getMessage());
-		}
-
-		return $this->success();
-	}
-
-	/**
-	 * @param string $input
-	 * @throws \Exception
-	 */
-	protected function sendEmail($input) {
-		$user = $this->findUserByIdOrMail($input);
-		$email = $user->getEMailAddress();
-
-		if (empty($email)) {
-			throw new \Exception(
-				$this->l10n->t('Could not send reset email because there is no email address for this username. Please contact your administrator.')
-			);
-		}
-
-		// Generate the token. It is stored encrypted in the database with the
-		// secret being the users' email address appended with the system secret.
-		// This makes the token automatically invalidate once the user changes
-		// their email address.
-		$token = $this->secureRandom->generate(
-			21,
-			ISecureRandom::CHAR_DIGITS.
-			ISecureRandom::CHAR_LOWER.
-			ISecureRandom::CHAR_UPPER
-		);
-		$tokenValue = $this->timeFactory->getTime() .':'. $token;
-		$encryptedValue = $this->crypto->encrypt($tokenValue, $email . $this->config->getSystemValue('secret'));
-		$this->config->setUserValue($user->getUID(), 'core', 'lostpassword', $encryptedValue);
-
-		$link = $this->urlGenerator->linkToRouteAbsolute('core.lost.resetform', array('userId' => $user->getUID(), 'token' => $token));
-
-		$emailTemplate = $this->mailer->createEMailTemplate();
-
-		$emailTemplate->addHeader();
-		$emailTemplate->addHeading($this->l10n->t('Password reset'));
-
-		$emailTemplate->addBodyText(
-			$this->l10n->t('Click the following button to reset your password. If you have not requested the password reset, then ignore this email.'),
-			$this->l10n->t('Click the following link to reset your password. If you have not requested the password reset, then ignore this email.')
-		);
-
-		$emailTemplate->addBodyButton(
-			$this->l10n->t('Reset your password'),
-			$link,
-			false
-		);
-		$emailTemplate->addFooter();
-
-		try {
-			$message = $this->mailer->createMessage();
-			$message->setTo([$email => $user->getUID()]);
-			$message->setSubject($this->l10n->t('%s password reset', [$this->defaults->getName()]));
-			$message->setPlainBody($emailTemplate->renderText());
-			$message->setHtmlBody($emailTemplate->renderHtml());
-			$message->setFrom([$this->from => $this->defaults->getName()]);
-			$this->mailer->send($message);
-		} catch (\Exception $e) {
-			throw new \Exception($this->l10n->t(
-				'Couldn\'t send reset email. Please contact your administrator.'
-			));
-		}
-	}
-
-	/**
-	 * @param string $input
-	 * @return IUser
-	 * @throws \Exception
-	 */
-	protected function findUserByIdOrMail($input) {
-		$user = $this->userManager->get($input);
-		if ($user instanceof IUser) {
-			return $user;
-		}
-		$users = $this->userManager->getByEmail($input);
-		if (count($users) === 1) {
-			return $users[0];
-		}
-
-		throw new \InvalidArgumentException($this->l10n->t('Couldn\'t send reset email. Please make sure your username is correct.'));
-	}
+    /** @var IURLGenerator */
+    protected $urlGenerator;
+    /** @var IUserManager */
+    protected $userManager;
+    /** @var Defaults */
+    protected $defaults;
+    /** @var IL10N */
+    protected $l10n;
+    /** @var string */
+    protected $from;
+    /** @var IManager */
+    protected $encryptionManager;
+    /** @var IConfig */
+    protected $config;
+    /** @var ISecureRandom */
+    protected $secureRandom;
+    /** @var IMailer */
+    protected $mailer;
+    /** @var ITimeFactory */
+    protected $timeFactory;
+    /** @var ICrypto */
+    protected $crypto;
+
+    /**
+     * @param string $appName
+     * @param IRequest $request
+     * @param IURLGenerator $urlGenerator
+     * @param IUserManager $userManager
+     * @param Defaults $defaults
+     * @param IL10N $l10n
+     * @param IConfig $config
+     * @param ISecureRandom $secureRandom
+     * @param string $defaultMailAddress
+     * @param IManager $encryptionManager
+     * @param IMailer $mailer
+     * @param ITimeFactory $timeFactory
+     * @param ICrypto $crypto
+     */
+    public function __construct($appName,
+                                IRequest $request,
+                                IURLGenerator $urlGenerator,
+                                IUserManager $userManager,
+                                Defaults $defaults,
+                                IL10N $l10n,
+                                IConfig $config,
+                                ISecureRandom $secureRandom,
+                                $defaultMailAddress,
+                                IManager $encryptionManager,
+                                IMailer $mailer,
+                                ITimeFactory $timeFactory,
+                                ICrypto $crypto) {
+        parent::__construct($appName, $request);
+        $this->urlGenerator = $urlGenerator;
+        $this->userManager = $userManager;
+        $this->defaults = $defaults;
+        $this->l10n = $l10n;
+        $this->secureRandom = $secureRandom;
+        $this->from = $defaultMailAddress;
+        $this->encryptionManager = $encryptionManager;
+        $this->config = $config;
+        $this->mailer = $mailer;
+        $this->timeFactory = $timeFactory;
+        $this->crypto = $crypto;
+    }
+
+    /**
+     * Someone wants to reset their password:
+     *
+     * @PublicPage
+     * @NoCSRFRequired
+     *
+     * @param string $token
+     * @param string $userId
+     * @return TemplateResponse
+     */
+    public function resetform($token, $userId) {
+        try {
+            $this->checkPasswordResetToken($token, $userId);
+        } catch (\Exception $e) {
+            return new TemplateResponse(
+                'core', 'error', [
+                    "errors" => array(array("error" => $e->getMessage()))
+                ],
+                'guest'
+            );
+        }
+
+        return new TemplateResponse(
+            'core',
+            'lostpassword/resetpassword',
+            array(
+                'link' => $this->urlGenerator->linkToRouteAbsolute('core.lost.setPassword', array('userId' => $userId, 'token' => $token)),
+            ),
+            'guest'
+        );
+    }
+
+    /**
+     * @param string $token
+     * @param string $userId
+     * @throws \Exception
+     */
+    protected function checkPasswordResetToken($token, $userId) {
+        $user = $this->userManager->get($userId);
+        if($user === null) {
+            throw new \Exception($this->l10n->t('Couldn\'t reset password because the token is invalid'));
+        }
+
+        try {
+            $encryptedToken = $this->config->getUserValue($userId, 'core', 'lostpassword', null);
+            $mailAddress = !is_null($user->getEMailAddress()) ? $user->getEMailAddress() : '';
+            $decryptedToken = $this->crypto->decrypt($encryptedToken, $mailAddress.$this->config->getSystemValue('secret'));
+        } catch (\Exception $e) {
+            throw new \Exception($this->l10n->t('Couldn\'t reset password because the token is invalid'));
+        }
+
+        $splittedToken = explode(':', $decryptedToken);
+        if(count($splittedToken) !== 2) {
+            throw new \Exception($this->l10n->t('Couldn\'t reset password because the token is invalid'));
+        }
+
+        if ($splittedToken[0] < ($this->timeFactory->getTime() - 60*60*12) ||
+            $user->getLastLogin() > $splittedToken[0]) {
+            throw new \Exception($this->l10n->t('Couldn\'t reset password because the token is expired'));
+        }
+
+        if (!hash_equals($splittedToken[1], $token)) {
+            throw new \Exception($this->l10n->t('Couldn\'t reset password because the token is invalid'));
+        }
+    }
+
+    /**
+     * @param $message
+     * @param array $additional
+     * @return array
+     */
+    private function error($message, array $additional=array()) {
+        return array_merge(array('status' => 'error', 'msg' => $message), $additional);
+    }
+
+    /**
+     * @return array
+     */
+    private function success() {
+        return array('status'=>'success');
+    }
+
+    /**
+     * @PublicPage
+     * @BruteForceProtection(action=passwordResetEmail)
+     * @AnonRateThrottle(limit=10, period=300)
+     *
+     * @param string $user
+     * @return JSONResponse
+     */
+    public function email($user){
+        // FIXME: use HTTP error codes
+        try {
+            $this->sendEmail($user);
+        } catch (\Exception $e){
+            $response = new JSONResponse($this->error($e->getMessage()));
+            $response->throttle();
+            return $response;
+        }
+
+        $response = new JSONResponse($this->success());
+        $response->throttle();
+        return $response;
+    }
+
+    /**
+     * @PublicPage
+     * @param string $token
+     * @param string $userId
+     * @param string $password
+     * @param boolean $proceed
+     * @return array
+     */
+    public function setPassword($token, $userId, $password, $proceed) {
+        if ($this->encryptionManager->isEnabled() && !$proceed) {
+            return $this->error('', array('encryption' => true));
+        }
+
+        try {
+            $this->checkPasswordResetToken($token, $userId);
+            $user = $this->userManager->get($userId);
+
+            \OC_Hook::emit('\OC\Core\LostPassword\Controller\LostController', 'pre_passwordReset', array('uid' => $userId, 'password' => $password));
+
+            if (!$user->setPassword($password)) {
+                throw new \Exception();
+            }
+
+            \OC_Hook::emit('\OC\Core\LostPassword\Controller\LostController', 'post_passwordReset', array('uid' => $userId, 'password' => $password));
+
+            $this->config->deleteUserValue($userId, 'core', 'lostpassword');
+            @\OC_User::unsetMagicInCookie();
+        } catch (\Exception $e){
+            return $this->error($e->getMessage());
+        }
+
+        return $this->success();
+    }
+
+    /**
+     * @param string $input
+     * @throws \Exception
+     */
+    protected function sendEmail($input) {
+        $user = $this->findUserByIdOrMail($input);
+        $email = $user->getEMailAddress();
+
+        if (empty($email)) {
+            throw new \Exception(
+                $this->l10n->t('Could not send reset email because there is no email address for this username. Please contact your administrator.')
+            );
+        }
+
+        // Generate the token. It is stored encrypted in the database with the
+        // secret being the users' email address appended with the system secret.
+        // This makes the token automatically invalidate once the user changes
+        // their email address.
+        $token = $this->secureRandom->generate(
+            21,
+            ISecureRandom::CHAR_DIGITS.
+            ISecureRandom::CHAR_LOWER.
+            ISecureRandom::CHAR_UPPER
+        );
+        $tokenValue = $this->timeFactory->getTime() .':'. $token;
+        $encryptedValue = $this->crypto->encrypt($tokenValue, $email . $this->config->getSystemValue('secret'));
+        $this->config->setUserValue($user->getUID(), 'core', 'lostpassword', $encryptedValue);
+
+        $link = $this->urlGenerator->linkToRouteAbsolute('core.lost.resetform', array('userId' => $user->getUID(), 'token' => $token));
+
+        $emailTemplate = $this->mailer->createEMailTemplate();
+
+        $emailTemplate->addHeader();
+        $emailTemplate->addHeading($this->l10n->t('Password reset'));
+
+        $emailTemplate->addBodyText(
+            $this->l10n->t('Click the following button to reset your password. If you have not requested the password reset, then ignore this email.'),
+            $this->l10n->t('Click the following link to reset your password. If you have not requested the password reset, then ignore this email.')
+        );
+
+        $emailTemplate->addBodyButton(
+            $this->l10n->t('Reset your password'),
+            $link,
+            false
+        );
+        $emailTemplate->addFooter();
+
+        try {
+            $message = $this->mailer->createMessage();
+            $message->setTo([$email => $user->getUID()]);
+            $message->setSubject($this->l10n->t('%s password reset', [$this->defaults->getName()]));
+            $message->setPlainBody($emailTemplate->renderText());
+            $message->setHtmlBody($emailTemplate->renderHtml());
+            $message->setFrom([$this->from => $this->defaults->getName()]);
+            $this->mailer->send($message);
+        } catch (\Exception $e) {
+            throw new \Exception($this->l10n->t(
+                'Couldn\'t send reset email. Please contact your administrator.'
+            ));
+        }
+    }
+
+    /**
+     * @param string $input
+     * @return IUser
+     * @throws \Exception
+     */
+    protected function findUserByIdOrMail($input) {
+        $user = $this->userManager->get($input);
+        if ($user instanceof IUser) {
+            return $user;
+        }
+        $users = $this->userManager->getByEmail($input);
+        if (count($users) === 1) {
+            return $users[0];
+        }
+
+        throw new \InvalidArgumentException($this->l10n->t('Couldn\'t send reset email. Please make sure your username is correct.'));
+    }
 }

apps/files_external/lib/Service/DBConfigService.php

Doc Comments +16 added lines

@@ -89,6 +89,9 @@ 
 		return $this->getMountsFromQuery($query);
 	}
 
+	/**
+	 * @param string $userId
+	 */
 	public function getMountsForUser($userId, $groupIds) {
 		$builder = $this->connection->getQueryBuilder();
 		$query = $builder->select(['m.mount_id', 'mount_point', 'storage_backend', 'auth_backend', 'priority', 'm.type'])
@@ -125,6 +128,10 @@ 
 		return $this->getMountsFromQuery($query);
 	}
 
+	/**
+	 * @param integer $type
+	 * @param string|null $value
+	 */
 	protected function getForQuery(IQueryBuilder $builder, $type, $value) {
 		$query = $builder->select(['m.mount_id', 'mount_point', 'storage_backend', 'auth_backend', 'priority', 'm.type'])
 			->from('external_mounts', 'm')
@@ -332,6 +339,9 @@ 
 		}
 	}
 
+	/**
+	 * @param integer $mountId
+	 */
 	public function addApplicable($mountId, $type, $value) {
 		$this->connection->insertIfNotExist('*PREFIX*external_applicable', [
 			'mount_id' => $mountId,
@@ -340,6 +350,9 @@ 
 		], ['mount_id', 'type', 'value']);
 	}
 
+	/**
+	 * @param integer $mountId
+	 */
 	public function removeApplicable($mountId, $type, $value) {
 		$builder = $this->connection->getQueryBuilder();
 		$query = $builder->delete('external_applicable')
@@ -473,6 +486,9 @@ 
 		return array_combine($keys, $values);
 	}
 
+	/**
+	 * @param string $value
+	 */
 	private function encryptValue($value) {
 		return $this->crypto->encrypt($value);
 	}

Indentation +452 added lines, -452 removed lines

@@ -32,456 +32,456 @@
  * Stores the mount config in the database
  */
 class DBConfigService {
-	const MOUNT_TYPE_ADMIN = 1;
-	const MOUNT_TYPE_PERSONAl = 2;
-
-	const APPLICABLE_TYPE_GLOBAL = 1;
-	const APPLICABLE_TYPE_GROUP = 2;
-	const APPLICABLE_TYPE_USER = 3;
-
-	/**
-	 * @var IDBConnection
-	 */
-	private $connection;
-
-	/**
-	 * @var ICrypto
-	 */
-	private $crypto;
-
-	/**
-	 * DBConfigService constructor.
-	 *
-	 * @param IDBConnection $connection
-	 * @param ICrypto $crypto
-	 */
-	public function __construct(IDBConnection $connection, ICrypto $crypto) {
-		$this->connection = $connection;
-		$this->crypto = $crypto;
-	}
-
-	/**
-	 * @param int $mountId
-	 * @return array
-	 */
-	public function getMountById($mountId) {
-		$builder = $this->connection->getQueryBuilder();
-		$query = $builder->select(['mount_id', 'mount_point', 'storage_backend', 'auth_backend', 'priority', 'type'])
-			->from('external_mounts', 'm')
-			->where($builder->expr()->eq('mount_id', $builder->createNamedParameter($mountId, IQueryBuilder::PARAM_INT)));
-		$mounts = $this->getMountsFromQuery($query);
-		if (count($mounts) > 0) {
-			return $mounts[0];
-		} else {
-			return null;
-		}
-	}
-
-	/**
-	 * Get all configured mounts
-	 *
-	 * @return array
-	 */
-	public function getAllMounts() {
-		$builder = $this->connection->getQueryBuilder();
-		$query = $builder->select(['mount_id', 'mount_point', 'storage_backend', 'auth_backend', 'priority', 'type'])
-			->from('external_mounts');
-		return $this->getMountsFromQuery($query);
-	}
-
-	public function getMountsForUser($userId, $groupIds) {
-		$builder = $this->connection->getQueryBuilder();
-		$query = $builder->select(['m.mount_id', 'mount_point', 'storage_backend', 'auth_backend', 'priority', 'm.type'])
-			->from('external_mounts', 'm')
-			->innerJoin('m', 'external_applicable', 'a', $builder->expr()->eq('m.mount_id', 'a.mount_id'))
-			->where($builder->expr()->orX(
-				$builder->expr()->andX( // global mounts
-					$builder->expr()->eq('a.type', $builder->createNamedParameter(self::APPLICABLE_TYPE_GLOBAL, IQueryBuilder::PARAM_INT)),
-					$builder->expr()->isNull('a.value')
-				),
-				$builder->expr()->andX( // mounts for user
-					$builder->expr()->eq('a.type', $builder->createNamedParameter(self::APPLICABLE_TYPE_USER, IQueryBuilder::PARAM_INT)),
-					$builder->expr()->eq('a.value', $builder->createNamedParameter($userId))
-				),
-				$builder->expr()->andX( // mounts for group
-					$builder->expr()->eq('a.type', $builder->createNamedParameter(self::APPLICABLE_TYPE_GROUP, IQueryBuilder::PARAM_INT)),
-					$builder->expr()->in('a.value', $builder->createNamedParameter($groupIds, IQueryBuilder::PARAM_INT_ARRAY))
-				)
-			));
-
-		return $this->getMountsFromQuery($query);
-	}
-
-	/**
-	 * Get admin defined mounts
-	 *
-	 * @return array
-	 */
-	public function getAdminMounts() {
-		$builder = $this->connection->getQueryBuilder();
-		$query = $builder->select(['mount_id', 'mount_point', 'storage_backend', 'auth_backend', 'priority', 'type'])
-			->from('external_mounts')
-			->where($builder->expr()->eq('type', $builder->expr()->literal(self::MOUNT_TYPE_ADMIN, IQueryBuilder::PARAM_INT)));
-		return $this->getMountsFromQuery($query);
-	}
-
-	protected function getForQuery(IQueryBuilder $builder, $type, $value) {
-		$query = $builder->select(['m.mount_id', 'mount_point', 'storage_backend', 'auth_backend', 'priority', 'm.type'])
-			->from('external_mounts', 'm')
-			->innerJoin('m', 'external_applicable', 'a', $builder->expr()->eq('m.mount_id', 'a.mount_id'))
-			->where($builder->expr()->eq('a.type', $builder->createNamedParameter($type, IQueryBuilder::PARAM_INT)));
-
-		if (is_null($value)) {
-			$query = $query->andWhere($builder->expr()->isNull('a.value'));
-		} else {
-			$query = $query->andWhere($builder->expr()->eq('a.value', $builder->createNamedParameter($value)));
-		}
-
-		return $query;
-	}
-
-	/**
-	 * Get mounts by applicable
-	 *
-	 * @param int $type any of the self::APPLICABLE_TYPE_ constants
-	 * @param string|null $value user_id, group_id or null for global mounts
-	 * @return array
-	 */
-	public function getMountsFor($type, $value) {
-		$builder = $this->connection->getQueryBuilder();
-		$query = $this->getForQuery($builder, $type, $value);
-
-		return $this->getMountsFromQuery($query);
-	}
-
-	/**
-	 * Get admin defined mounts by applicable
-	 *
-	 * @param int $type any of the self::APPLICABLE_TYPE_ constants
-	 * @param string|null $value user_id, group_id or null for global mounts
-	 * @return array
-	 */
-	public function getAdminMountsFor($type, $value) {
-		$builder = $this->connection->getQueryBuilder();
-		$query = $this->getForQuery($builder, $type, $value);
-		$query->andWhere($builder->expr()->eq('m.type', $builder->expr()->literal(self::MOUNT_TYPE_ADMIN, IQueryBuilder::PARAM_INT)));
-
-		return $this->getMountsFromQuery($query);
-	}
-
-	/**
-	 * Get admin defined mounts for multiple applicable
-	 *
-	 * @param int $type any of the self::APPLICABLE_TYPE_ constants
-	 * @param string[] $values user_ids or group_ids
-	 * @return array
-	 */
-	public function getAdminMountsForMultiple($type, array $values) {
-		$builder = $this->connection->getQueryBuilder();
-		$params = array_map(function ($value) use ($builder) {
-			return $builder->createNamedParameter($value, IQueryBuilder::PARAM_STR);
-		}, $values);
-
-		$query = $builder->select(['m.mount_id', 'mount_point', 'storage_backend', 'auth_backend', 'priority', 'm.type'])
-			->from('external_mounts', 'm')
-			->innerJoin('m', 'external_applicable', 'a', $builder->expr()->eq('m.mount_id', 'a.mount_id'))
-			->where($builder->expr()->eq('a.type', $builder->createNamedParameter($type, IQueryBuilder::PARAM_INT)))
-			->andWhere($builder->expr()->in('a.value', $params));
-		$query->andWhere($builder->expr()->eq('m.type', $builder->expr()->literal(self::MOUNT_TYPE_ADMIN, IQueryBuilder::PARAM_INT)));
-
-		return $this->getMountsFromQuery($query);
-	}
-
-	/**
-	 * Get user defined mounts by applicable
-	 *
-	 * @param int $type any of the self::APPLICABLE_TYPE_ constants
-	 * @param string|null $value user_id, group_id or null for global mounts
-	 * @return array
-	 */
-	public function getUserMountsFor($type, $value) {
-		$builder = $this->connection->getQueryBuilder();
-		$query = $this->getForQuery($builder, $type, $value);
-		$query->andWhere($builder->expr()->eq('m.type', $builder->expr()->literal(self::MOUNT_TYPE_PERSONAl, IQueryBuilder::PARAM_INT)));
-
-		return $this->getMountsFromQuery($query);
-	}
-
-	/**
-	 * Add a mount to the database
-	 *
-	 * @param string $mountPoint
-	 * @param string $storageBackend
-	 * @param string $authBackend
-	 * @param int $priority
-	 * @param int $type self::MOUNT_TYPE_ADMIN or self::MOUNT_TYPE_PERSONAL
-	 * @return int the id of the new mount
-	 */
-	public function addMount($mountPoint, $storageBackend, $authBackend, $priority, $type) {
-		if (!$priority) {
-			$priority = 100;
-		}
-		$builder = $this->connection->getQueryBuilder();
-		$query = $builder->insert('external_mounts')
-			->values([
-				'mount_point' => $builder->createNamedParameter($mountPoint, IQueryBuilder::PARAM_STR),
-				'storage_backend' => $builder->createNamedParameter($storageBackend, IQueryBuilder::PARAM_STR),
-				'auth_backend' => $builder->createNamedParameter($authBackend, IQueryBuilder::PARAM_STR),
-				'priority' => $builder->createNamedParameter($priority, IQueryBuilder::PARAM_INT),
-				'type' => $builder->createNamedParameter($type, IQueryBuilder::PARAM_INT)
-			]);
-		$query->execute();
-		return (int)$this->connection->lastInsertId('*PREFIX*external_mounts');
-	}
-
-	/**
-	 * Remove a mount from the database
-	 *
-	 * @param int $mountId
-	 */
-	public function removeMount($mountId) {
-		$builder = $this->connection->getQueryBuilder();
-		$query = $builder->delete('external_mounts')
-			->where($builder->expr()->eq('mount_id', $builder->createNamedParameter($mountId, IQueryBuilder::PARAM_INT)));
-		$query->execute();
-
-		$query = $builder->delete('external_applicable')
-			->where($builder->expr()->eq('mount_id', $builder->createNamedParameter($mountId, IQueryBuilder::PARAM_INT)));
-		$query->execute();
-
-		$query = $builder->delete('external_config')
-			->where($builder->expr()->eq('mount_id', $builder->createNamedParameter($mountId, IQueryBuilder::PARAM_INT)));
-		$query->execute();
-
-		$query = $builder->delete('external_options')
-			->where($builder->expr()->eq('mount_id', $builder->createNamedParameter($mountId, IQueryBuilder::PARAM_INT)));
-		$query->execute();
-	}
-
-	/**
-	 * @param int $mountId
-	 * @param string $newMountPoint
-	 */
-	public function setMountPoint($mountId, $newMountPoint) {
-		$builder = $this->connection->getQueryBuilder();
-
-		$query = $builder->update('external_mounts')
-			->set('mount_point', $builder->createNamedParameter($newMountPoint))
-			->where($builder->expr()->eq('mount_id', $builder->createNamedParameter($mountId, IQueryBuilder::PARAM_INT)));
-
-		$query->execute();
-	}
-
-	/**
-	 * @param int $mountId
-	 * @param string $newAuthBackend
-	 */
-	public function setAuthBackend($mountId, $newAuthBackend) {
-		$builder = $this->connection->getQueryBuilder();
-
-		$query = $builder->update('external_mounts')
-			->set('auth_backend', $builder->createNamedParameter($newAuthBackend))
-			->where($builder->expr()->eq('mount_id', $builder->createNamedParameter($mountId, IQueryBuilder::PARAM_INT)));
-
-		$query->execute();
-	}
-
-	/**
-	 * @param int $mountId
-	 * @param string $key
-	 * @param string $value
-	 */
-	public function setConfig($mountId, $key, $value) {
-		if ($key === 'password') {
-			$value = $this->encryptValue($value);
-		}
-		$count = $this->connection->insertIfNotExist('*PREFIX*external_config', [
-			'mount_id' => $mountId,
-			'key' => $key,
-			'value' => $value
-		], ['mount_id', 'key']);
-		if ($count === 0) {
-			$builder = $this->connection->getQueryBuilder();
-			$query = $builder->update('external_config')
-				->set('value', $builder->createNamedParameter($value, IQueryBuilder::PARAM_STR))
-				->where($builder->expr()->eq('mount_id', $builder->createNamedParameter($mountId, IQueryBuilder::PARAM_INT)))
-				->andWhere($builder->expr()->eq('key', $builder->createNamedParameter($key, IQueryBuilder::PARAM_STR)));
-			$query->execute();
-		}
-	}
-
-	/**
-	 * @param int $mountId
-	 * @param string $key
-	 * @param string $value
-	 */
-	public function setOption($mountId, $key, $value) {
-
-		$count = $this->connection->insertIfNotExist('*PREFIX*external_options', [
-			'mount_id' => $mountId,
-			'key' => $key,
-			'value' => json_encode($value)
-		], ['mount_id', 'key']);
-		if ($count === 0) {
-			$builder = $this->connection->getQueryBuilder();
-			$query = $builder->update('external_options')
-				->set('value', $builder->createNamedParameter(json_encode($value), IQueryBuilder::PARAM_STR))
-				->where($builder->expr()->eq('mount_id', $builder->createNamedParameter($mountId, IQueryBuilder::PARAM_INT)))
-				->andWhere($builder->expr()->eq('key', $builder->createNamedParameter($key, IQueryBuilder::PARAM_STR)));
-			$query->execute();
-		}
-	}
-
-	public function addApplicable($mountId, $type, $value) {
-		$this->connection->insertIfNotExist('*PREFIX*external_applicable', [
-			'mount_id' => $mountId,
-			'type' => $type,
-			'value' => $value
-		], ['mount_id', 'type', 'value']);
-	}
-
-	public function removeApplicable($mountId, $type, $value) {
-		$builder = $this->connection->getQueryBuilder();
-		$query = $builder->delete('external_applicable')
-			->where($builder->expr()->eq('mount_id', $builder->createNamedParameter($mountId, IQueryBuilder::PARAM_INT)))
-			->andWhere($builder->expr()->eq('type', $builder->createNamedParameter($type, IQueryBuilder::PARAM_INT)));
-
-		if (is_null($value)) {
-			$query = $query->andWhere($builder->expr()->isNull('value'));
-		} else {
-			$query = $query->andWhere($builder->expr()->eq('value', $builder->createNamedParameter($value, IQueryBuilder::PARAM_STR)));
-		}
-
-		$query->execute();
-	}
-
-	private function getMountsFromQuery(IQueryBuilder $query) {
-		$result = $query->execute();
-		$mounts = $result->fetchAll();
-		$uniqueMounts = [];
-		foreach ($mounts as $mount) {
-			$id = $mount['mount_id'];
-			if (!isset($uniqueMounts[$id])) {
-				$uniqueMounts[$id] = $mount;
-			}
-		}
-		$uniqueMounts = array_values($uniqueMounts);
-
-		$mountIds = array_map(function ($mount) {
-			return $mount['mount_id'];
-		}, $uniqueMounts);
-		$mountIds = array_values(array_unique($mountIds));
-
-		$applicable = $this->getApplicableForMounts($mountIds);
-		$config = $this->getConfigForMounts($mountIds);
-		$options = $this->getOptionsForMounts($mountIds);
-
-		return array_map(function ($mount, $applicable, $config, $options) {
-			$mount['type'] = (int)$mount['type'];
-			$mount['priority'] = (int)$mount['priority'];
-			$mount['applicable'] = $applicable;
-			$mount['config'] = $config;
-			$mount['options'] = $options;
-			return $mount;
-		}, $uniqueMounts, $applicable, $config, $options);
-	}
-
-	/**
-	 * Get mount options from a table grouped by mount id
-	 *
-	 * @param string $table
-	 * @param string[] $fields
-	 * @param int[] $mountIds
-	 * @return array [$mountId => [['field1' => $value1, ...], ...], ...]
-	 */
-	private function selectForMounts($table, array $fields, array $mountIds) {
-		if (count($mountIds) === 0) {
-			return [];
-		}
-		$builder = $this->connection->getQueryBuilder();
-		$fields[] = 'mount_id';
-		$placeHolders = array_map(function ($id) use ($builder) {
-			return $builder->createPositionalParameter($id, IQueryBuilder::PARAM_INT);
-		}, $mountIds);
-		$query = $builder->select($fields)
-			->from($table)
-			->where($builder->expr()->in('mount_id', $placeHolders));
-		$rows = $query->execute()->fetchAll();
-
-		$result = [];
-		foreach ($mountIds as $mountId) {
-			$result[$mountId] = [];
-		}
-		foreach ($rows as $row) {
-			if (isset($row['type'])) {
-				$row['type'] = (int)$row['type'];
-			}
-			$result[$row['mount_id']][] = $row;
-		}
-		return $result;
-	}
-
-	/**
-	 * @param int[] $mountIds
-	 * @return array [$id => [['type' => $type, 'value' => $value], ...], ...]
-	 */
-	public function getApplicableForMounts($mountIds) {
-		return $this->selectForMounts('external_applicable', ['type', 'value'], $mountIds);
-	}
-
-	/**
-	 * @param int[] $mountIds
-	 * @return array [$id => ['key1' => $value1, ...], ...]
-	 */
-	public function getConfigForMounts($mountIds) {
-		$mountConfigs = $this->selectForMounts('external_config', ['key', 'value'], $mountIds);
-		return array_map([$this, 'createKeyValueMap'], $mountConfigs);
-	}
-
-	/**
-	 * @param int[] $mountIds
-	 * @return array [$id => ['key1' => $value1, ...], ...]
-	 */
-	public function getOptionsForMounts($mountIds) {
-		$mountOptions = $this->selectForMounts('external_options', ['key', 'value'], $mountIds);
-		$optionsMap = array_map([$this, 'createKeyValueMap'], $mountOptions);
-		return array_map(function (array $options) {
-			return array_map(function ($option) {
-				return json_decode($option);
-			}, $options);
-		}, $optionsMap);
-	}
-
-	/**
-	 * @param array $keyValuePairs [['key'=>$key, 'value=>$value], ...]
-	 * @return array ['key1' => $value1, ...]
-	 */
-	private function createKeyValueMap(array $keyValuePairs) {
-		$decryptedPairts = array_map(function ($pair) {
-			if ($pair['key'] === 'password') {
-				$pair['value'] = $this->decryptValue($pair['value']);
-			}
-			return $pair;
-		}, $keyValuePairs);
-		$keys = array_map(function ($pair) {
-			return $pair['key'];
-		}, $decryptedPairts);
-		$values = array_map(function ($pair) {
-			return $pair['value'];
-		}, $decryptedPairts);
-
-		return array_combine($keys, $values);
-	}
-
-	private function encryptValue($value) {
-		return $this->crypto->encrypt($value);
-	}
-
-	private function decryptValue($value) {
-		try {
-			return $this->crypto->decrypt($value);
-		} catch (\Exception $e) {
-			return $value;
-		}
-	}
+    const MOUNT_TYPE_ADMIN = 1;
+    const MOUNT_TYPE_PERSONAl = 2;
+
+    const APPLICABLE_TYPE_GLOBAL = 1;
+    const APPLICABLE_TYPE_GROUP = 2;
+    const APPLICABLE_TYPE_USER = 3;
+
+    /**
+     * @var IDBConnection
+     */
+    private $connection;
+
+    /**
+     * @var ICrypto
+     */
+    private $crypto;
+
+    /**
+     * DBConfigService constructor.
+     *
+     * @param IDBConnection $connection
+     * @param ICrypto $crypto
+     */
+    public function __construct(IDBConnection $connection, ICrypto $crypto) {
+        $this->connection = $connection;
+        $this->crypto = $crypto;
+    }
+
+    /**
+     * @param int $mountId
+     * @return array
+     */
+    public function getMountById($mountId) {
+        $builder = $this->connection->getQueryBuilder();
+        $query = $builder->select(['mount_id', 'mount_point', 'storage_backend', 'auth_backend', 'priority', 'type'])
+            ->from('external_mounts', 'm')
+            ->where($builder->expr()->eq('mount_id', $builder->createNamedParameter($mountId, IQueryBuilder::PARAM_INT)));
+        $mounts = $this->getMountsFromQuery($query);
+        if (count($mounts) > 0) {
+            return $mounts[0];
+        } else {
+            return null;
+        }
+    }
+
+    /**
+     * Get all configured mounts
+     *
+     * @return array
+     */
+    public function getAllMounts() {
+        $builder = $this->connection->getQueryBuilder();
+        $query = $builder->select(['mount_id', 'mount_point', 'storage_backend', 'auth_backend', 'priority', 'type'])
+            ->from('external_mounts');
+        return $this->getMountsFromQuery($query);
+    }
+
+    public function getMountsForUser($userId, $groupIds) {
+        $builder = $this->connection->getQueryBuilder();
+        $query = $builder->select(['m.mount_id', 'mount_point', 'storage_backend', 'auth_backend', 'priority', 'm.type'])
+            ->from('external_mounts', 'm')
+            ->innerJoin('m', 'external_applicable', 'a', $builder->expr()->eq('m.mount_id', 'a.mount_id'))
+            ->where($builder->expr()->orX(
+                $builder->expr()->andX( // global mounts
+                    $builder->expr()->eq('a.type', $builder->createNamedParameter(self::APPLICABLE_TYPE_GLOBAL, IQueryBuilder::PARAM_INT)),
+                    $builder->expr()->isNull('a.value')
+                ),
+                $builder->expr()->andX( // mounts for user
+                    $builder->expr()->eq('a.type', $builder->createNamedParameter(self::APPLICABLE_TYPE_USER, IQueryBuilder::PARAM_INT)),
+                    $builder->expr()->eq('a.value', $builder->createNamedParameter($userId))
+                ),
+                $builder->expr()->andX( // mounts for group
+                    $builder->expr()->eq('a.type', $builder->createNamedParameter(self::APPLICABLE_TYPE_GROUP, IQueryBuilder::PARAM_INT)),
+                    $builder->expr()->in('a.value', $builder->createNamedParameter($groupIds, IQueryBuilder::PARAM_INT_ARRAY))
+                )
+            ));
+
+        return $this->getMountsFromQuery($query);
+    }
+
+    /**
+     * Get admin defined mounts
+     *
+     * @return array
+     */
+    public function getAdminMounts() {
+        $builder = $this->connection->getQueryBuilder();
+        $query = $builder->select(['mount_id', 'mount_point', 'storage_backend', 'auth_backend', 'priority', 'type'])
+            ->from('external_mounts')
+            ->where($builder->expr()->eq('type', $builder->expr()->literal(self::MOUNT_TYPE_ADMIN, IQueryBuilder::PARAM_INT)));
+        return $this->getMountsFromQuery($query);
+    }
+
+    protected function getForQuery(IQueryBuilder $builder, $type, $value) {
+        $query = $builder->select(['m.mount_id', 'mount_point', 'storage_backend', 'auth_backend', 'priority', 'm.type'])
+            ->from('external_mounts', 'm')
+            ->innerJoin('m', 'external_applicable', 'a', $builder->expr()->eq('m.mount_id', 'a.mount_id'))
+            ->where($builder->expr()->eq('a.type', $builder->createNamedParameter($type, IQueryBuilder::PARAM_INT)));
+
+        if (is_null($value)) {
+            $query = $query->andWhere($builder->expr()->isNull('a.value'));
+        } else {
+            $query = $query->andWhere($builder->expr()->eq('a.value', $builder->createNamedParameter($value)));
+        }
+
+        return $query;
+    }
+
+    /**
+     * Get mounts by applicable
+     *
+     * @param int $type any of the self::APPLICABLE_TYPE_ constants
+     * @param string|null $value user_id, group_id or null for global mounts
+     * @return array
+     */
+    public function getMountsFor($type, $value) {
+        $builder = $this->connection->getQueryBuilder();
+        $query = $this->getForQuery($builder, $type, $value);
+
+        return $this->getMountsFromQuery($query);
+    }
+
+    /**
+     * Get admin defined mounts by applicable
+     *
+     * @param int $type any of the self::APPLICABLE_TYPE_ constants
+     * @param string|null $value user_id, group_id or null for global mounts
+     * @return array
+     */
+    public function getAdminMountsFor($type, $value) {
+        $builder = $this->connection->getQueryBuilder();
+        $query = $this->getForQuery($builder, $type, $value);
+        $query->andWhere($builder->expr()->eq('m.type', $builder->expr()->literal(self::MOUNT_TYPE_ADMIN, IQueryBuilder::PARAM_INT)));
+
+        return $this->getMountsFromQuery($query);
+    }
+
+    /**
+     * Get admin defined mounts for multiple applicable
+     *
+     * @param int $type any of the self::APPLICABLE_TYPE_ constants
+     * @param string[] $values user_ids or group_ids
+     * @return array
+     */
+    public function getAdminMountsForMultiple($type, array $values) {
+        $builder = $this->connection->getQueryBuilder();
+        $params = array_map(function ($value) use ($builder) {
+            return $builder->createNamedParameter($value, IQueryBuilder::PARAM_STR);
+        }, $values);
+
+        $query = $builder->select(['m.mount_id', 'mount_point', 'storage_backend', 'auth_backend', 'priority', 'm.type'])
+            ->from('external_mounts', 'm')
+            ->innerJoin('m', 'external_applicable', 'a', $builder->expr()->eq('m.mount_id', 'a.mount_id'))
+            ->where($builder->expr()->eq('a.type', $builder->createNamedParameter($type, IQueryBuilder::PARAM_INT)))
+            ->andWhere($builder->expr()->in('a.value', $params));
+        $query->andWhere($builder->expr()->eq('m.type', $builder->expr()->literal(self::MOUNT_TYPE_ADMIN, IQueryBuilder::PARAM_INT)));
+
+        return $this->getMountsFromQuery($query);
+    }
+
+    /**
+     * Get user defined mounts by applicable
+     *
+     * @param int $type any of the self::APPLICABLE_TYPE_ constants
+     * @param string|null $value user_id, group_id or null for global mounts
+     * @return array
+     */
+    public function getUserMountsFor($type, $value) {
+        $builder = $this->connection->getQueryBuilder();
+        $query = $this->getForQuery($builder, $type, $value);
+        $query->andWhere($builder->expr()->eq('m.type', $builder->expr()->literal(self::MOUNT_TYPE_PERSONAl, IQueryBuilder::PARAM_INT)));
+
+        return $this->getMountsFromQuery($query);
+    }
+
+    /**
+     * Add a mount to the database
+     *
+     * @param string $mountPoint
+     * @param string $storageBackend
+     * @param string $authBackend
+     * @param int $priority
+     * @param int $type self::MOUNT_TYPE_ADMIN or self::MOUNT_TYPE_PERSONAL
+     * @return int the id of the new mount
+     */
+    public function addMount($mountPoint, $storageBackend, $authBackend, $priority, $type) {
+        if (!$priority) {
+            $priority = 100;
+        }
+        $builder = $this->connection->getQueryBuilder();
+        $query = $builder->insert('external_mounts')
+            ->values([
+                'mount_point' => $builder->createNamedParameter($mountPoint, IQueryBuilder::PARAM_STR),
+                'storage_backend' => $builder->createNamedParameter($storageBackend, IQueryBuilder::PARAM_STR),
+                'auth_backend' => $builder->createNamedParameter($authBackend, IQueryBuilder::PARAM_STR),
+                'priority' => $builder->createNamedParameter($priority, IQueryBuilder::PARAM_INT),
+                'type' => $builder->createNamedParameter($type, IQueryBuilder::PARAM_INT)
+            ]);
+        $query->execute();
+        return (int)$this->connection->lastInsertId('*PREFIX*external_mounts');
+    }
+
+    /**
+     * Remove a mount from the database
+     *
+     * @param int $mountId
+     */
+    public function removeMount($mountId) {
+        $builder = $this->connection->getQueryBuilder();
+        $query = $builder->delete('external_mounts')
+            ->where($builder->expr()->eq('mount_id', $builder->createNamedParameter($mountId, IQueryBuilder::PARAM_INT)));
+        $query->execute();
+
+        $query = $builder->delete('external_applicable')
+            ->where($builder->expr()->eq('mount_id', $builder->createNamedParameter($mountId, IQueryBuilder::PARAM_INT)));
+        $query->execute();
+
+        $query = $builder->delete('external_config')
+            ->where($builder->expr()->eq('mount_id', $builder->createNamedParameter($mountId, IQueryBuilder::PARAM_INT)));
+        $query->execute();
+
+        $query = $builder->delete('external_options')
+            ->where($builder->expr()->eq('mount_id', $builder->createNamedParameter($mountId, IQueryBuilder::PARAM_INT)));
+        $query->execute();
+    }
+
+    /**
+     * @param int $mountId
+     * @param string $newMountPoint
+     */
+    public function setMountPoint($mountId, $newMountPoint) {
+        $builder = $this->connection->getQueryBuilder();
+
+        $query = $builder->update('external_mounts')
+            ->set('mount_point', $builder->createNamedParameter($newMountPoint))
+            ->where($builder->expr()->eq('mount_id', $builder->createNamedParameter($mountId, IQueryBuilder::PARAM_INT)));
+
+        $query->execute();
+    }
+
+    /**
+     * @param int $mountId
+     * @param string $newAuthBackend
+     */
+    public function setAuthBackend($mountId, $newAuthBackend) {
+        $builder = $this->connection->getQueryBuilder();
+
+        $query = $builder->update('external_mounts')
+            ->set('auth_backend', $builder->createNamedParameter($newAuthBackend))
+            ->where($builder->expr()->eq('mount_id', $builder->createNamedParameter($mountId, IQueryBuilder::PARAM_INT)));
+
+        $query->execute();
+    }
+
+    /**
+     * @param int $mountId
+     * @param string $key
+     * @param string $value
+     */
+    public function setConfig($mountId, $key, $value) {
+        if ($key === 'password') {
+            $value = $this->encryptValue($value);
+        }
+        $count = $this->connection->insertIfNotExist('*PREFIX*external_config', [
+            'mount_id' => $mountId,
+            'key' => $key,
+            'value' => $value
+        ], ['mount_id', 'key']);
+        if ($count === 0) {
+            $builder = $this->connection->getQueryBuilder();
+            $query = $builder->update('external_config')
+                ->set('value', $builder->createNamedParameter($value, IQueryBuilder::PARAM_STR))
+                ->where($builder->expr()->eq('mount_id', $builder->createNamedParameter($mountId, IQueryBuilder::PARAM_INT)))
+                ->andWhere($builder->expr()->eq('key', $builder->createNamedParameter($key, IQueryBuilder::PARAM_STR)));
+            $query->execute();
+        }
+    }
+
+    /**
+     * @param int $mountId
+     * @param string $key
+     * @param string $value
+     */
+    public function setOption($mountId, $key, $value) {
+
+        $count = $this->connection->insertIfNotExist('*PREFIX*external_options', [
+            'mount_id' => $mountId,
+            'key' => $key,
+            'value' => json_encode($value)
+        ], ['mount_id', 'key']);
+        if ($count === 0) {
+            $builder = $this->connection->getQueryBuilder();
+            $query = $builder->update('external_options')
+                ->set('value', $builder->createNamedParameter(json_encode($value), IQueryBuilder::PARAM_STR))
+                ->where($builder->expr()->eq('mount_id', $builder->createNamedParameter($mountId, IQueryBuilder::PARAM_INT)))
+                ->andWhere($builder->expr()->eq('key', $builder->createNamedParameter($key, IQueryBuilder::PARAM_STR)));
+            $query->execute();
+        }
+    }
+
+    public function addApplicable($mountId, $type, $value) {
+        $this->connection->insertIfNotExist('*PREFIX*external_applicable', [
+            'mount_id' => $mountId,
+            'type' => $type,
+            'value' => $value
+        ], ['mount_id', 'type', 'value']);
+    }
+
+    public function removeApplicable($mountId, $type, $value) {
+        $builder = $this->connection->getQueryBuilder();
+        $query = $builder->delete('external_applicable')
+            ->where($builder->expr()->eq('mount_id', $builder->createNamedParameter($mountId, IQueryBuilder::PARAM_INT)))
+            ->andWhere($builder->expr()->eq('type', $builder->createNamedParameter($type, IQueryBuilder::PARAM_INT)));
+
+        if (is_null($value)) {
+            $query = $query->andWhere($builder->expr()->isNull('value'));
+        } else {
+            $query = $query->andWhere($builder->expr()->eq('value', $builder->createNamedParameter($value, IQueryBuilder::PARAM_STR)));
+        }
+
+        $query->execute();
+    }
+
+    private function getMountsFromQuery(IQueryBuilder $query) {
+        $result = $query->execute();
+        $mounts = $result->fetchAll();
+        $uniqueMounts = [];
+        foreach ($mounts as $mount) {
+            $id = $mount['mount_id'];
+            if (!isset($uniqueMounts[$id])) {
+                $uniqueMounts[$id] = $mount;
+            }
+        }
+        $uniqueMounts = array_values($uniqueMounts);
+
+        $mountIds = array_map(function ($mount) {
+            return $mount['mount_id'];
+        }, $uniqueMounts);
+        $mountIds = array_values(array_unique($mountIds));
+
+        $applicable = $this->getApplicableForMounts($mountIds);
+        $config = $this->getConfigForMounts($mountIds);
+        $options = $this->getOptionsForMounts($mountIds);
+
+        return array_map(function ($mount, $applicable, $config, $options) {
+            $mount['type'] = (int)$mount['type'];
+            $mount['priority'] = (int)$mount['priority'];
+            $mount['applicable'] = $applicable;
+            $mount['config'] = $config;
+            $mount['options'] = $options;
+            return $mount;
+        }, $uniqueMounts, $applicable, $config, $options);
+    }
+
+    /**
+     * Get mount options from a table grouped by mount id
+     *
+     * @param string $table
+     * @param string[] $fields
+     * @param int[] $mountIds
+     * @return array [$mountId => [['field1' => $value1, ...], ...], ...]
+     */
+    private function selectForMounts($table, array $fields, array $mountIds) {
+        if (count($mountIds) === 0) {
+            return [];
+        }
+        $builder = $this->connection->getQueryBuilder();
+        $fields[] = 'mount_id';
+        $placeHolders = array_map(function ($id) use ($builder) {
+            return $builder->createPositionalParameter($id, IQueryBuilder::PARAM_INT);
+        }, $mountIds);
+        $query = $builder->select($fields)
+            ->from($table)
+            ->where($builder->expr()->in('mount_id', $placeHolders));
+        $rows = $query->execute()->fetchAll();
+
+        $result = [];
+        foreach ($mountIds as $mountId) {
+            $result[$mountId] = [];
+        }
+        foreach ($rows as $row) {
+            if (isset($row['type'])) {
+                $row['type'] = (int)$row['type'];
+            }
+            $result[$row['mount_id']][] = $row;
+        }
+        return $result;
+    }
+
+    /**
+     * @param int[] $mountIds
+     * @return array [$id => [['type' => $type, 'value' => $value], ...], ...]
+     */
+    public function getApplicableForMounts($mountIds) {
+        return $this->selectForMounts('external_applicable', ['type', 'value'], $mountIds);
+    }
+
+    /**
+     * @param int[] $mountIds
+     * @return array [$id => ['key1' => $value1, ...], ...]
+     */
+    public function getConfigForMounts($mountIds) {
+        $mountConfigs = $this->selectForMounts('external_config', ['key', 'value'], $mountIds);
+        return array_map([$this, 'createKeyValueMap'], $mountConfigs);
+    }
+
+    /**
+     * @param int[] $mountIds
+     * @return array [$id => ['key1' => $value1, ...], ...]
+     */
+    public function getOptionsForMounts($mountIds) {
+        $mountOptions = $this->selectForMounts('external_options', ['key', 'value'], $mountIds);
+        $optionsMap = array_map([$this, 'createKeyValueMap'], $mountOptions);
+        return array_map(function (array $options) {
+            return array_map(function ($option) {
+                return json_decode($option);
+            }, $options);
+        }, $optionsMap);
+    }
+
+    /**
+     * @param array $keyValuePairs [['key'=>$key, 'value=>$value], ...]
+     * @return array ['key1' => $value1, ...]
+     */
+    private function createKeyValueMap(array $keyValuePairs) {
+        $decryptedPairts = array_map(function ($pair) {
+            if ($pair['key'] === 'password') {
+                $pair['value'] = $this->decryptValue($pair['value']);
+            }
+            return $pair;
+        }, $keyValuePairs);
+        $keys = array_map(function ($pair) {
+            return $pair['key'];
+        }, $decryptedPairts);
+        $values = array_map(function ($pair) {
+            return $pair['value'];
+        }, $decryptedPairts);
+
+        return array_combine($keys, $values);
+    }
+
+    private function encryptValue($value) {
+        return $this->crypto->encrypt($value);
+    }
+
+    private function decryptValue($value) {
+        try {
+            return $this->crypto->decrypt($value);
+        } catch (\Exception $e) {
+            return $value;
+        }
+    }
 }

Spacing +13 added lines, -13 removed lines

@@ -178,7 +178,7 @@ 
 	 */
 	public function getAdminMountsForMultiple($type, array $values) {
 		$builder = $this->connection->getQueryBuilder();
-		$params = array_map(function ($value) use ($builder) {
+		$params = array_map(function($value) use ($builder) {
 			return $builder->createNamedParameter($value, IQueryBuilder::PARAM_STR);
 		}, $values);
 
@@ -231,7 +231,7 @@ 
 				'type' => $builder->createNamedParameter($type, IQueryBuilder::PARAM_INT)
 			]);
 		$query->execute();
-		return (int)$this->connection->lastInsertId('*PREFIX*external_mounts');
+		return (int) $this->connection->lastInsertId('*PREFIX*external_mounts');
 	}
 
 	/**
@@ -367,7 +367,7 @@ 
 		}
 		$uniqueMounts = array_values($uniqueMounts);
 
-		$mountIds = array_map(function ($mount) {
+		$mountIds = array_map(function($mount) {
 			return $mount['mount_id'];
 		}, $uniqueMounts);
 		$mountIds = array_values(array_unique($mountIds));
@@ -376,9 +376,9 @@ 
 		$config = $this->getConfigForMounts($mountIds);
 		$options = $this->getOptionsForMounts($mountIds);
 
-		return array_map(function ($mount, $applicable, $config, $options) {
-			$mount['type'] = (int)$mount['type'];
-			$mount['priority'] = (int)$mount['priority'];
+		return array_map(function($mount, $applicable, $config, $options) {
+			$mount['type'] = (int) $mount['type'];
+			$mount['priority'] = (int) $mount['priority'];
 			$mount['applicable'] = $applicable;
 			$mount['config'] = $config;
 			$mount['options'] = $options;
@@ -400,7 +400,7 @@ 
 		}
 		$builder = $this->connection->getQueryBuilder();
 		$fields[] = 'mount_id';
-		$placeHolders = array_map(function ($id) use ($builder) {
+		$placeHolders = array_map(function($id) use ($builder) {
 			return $builder->createPositionalParameter($id, IQueryBuilder::PARAM_INT);
 		}, $mountIds);
 		$query = $builder->select($fields)
@@ -414,7 +414,7 @@ 
 		}
 		foreach ($rows as $row) {
 			if (isset($row['type'])) {
-				$row['type'] = (int)$row['type'];
+				$row['type'] = (int) $row['type'];
 			}
 			$result[$row['mount_id']][] = $row;
 		}
@@ -445,8 +445,8 @@ 
 	public function getOptionsForMounts($mountIds) {
 		$mountOptions = $this->selectForMounts('external_options', ['key', 'value'], $mountIds);
 		$optionsMap = array_map([$this, 'createKeyValueMap'], $mountOptions);
-		return array_map(function (array $options) {
-			return array_map(function ($option) {
+		return array_map(function(array $options) {
+			return array_map(function($option) {
 				return json_decode($option);
 			}, $options);
 		}, $optionsMap);
@@ -457,16 +457,16 @@ 
 	 * @return array ['key1' => $value1, ...]
 	 */
 	private function createKeyValueMap(array $keyValuePairs) {
-		$decryptedPairts = array_map(function ($pair) {
+		$decryptedPairts = array_map(function($pair) {
 			if ($pair['key'] === 'password') {
 				$pair['value'] = $this->decryptValue($pair['value']);
 			}
 			return $pair;
 		}, $keyValuePairs);
-		$keys = array_map(function ($pair) {
+		$keys = array_map(function($pair) {
 			return $pair['key'];
 		}, $decryptedPairts);
-		$values = array_map(function ($pair) {
+		$values = array_map(function($pair) {
 			return $pair['value'];
 		}, $decryptedPairts);