nextcloud / server

apps/user_ldap/lib/LDAP.php

Indentation +337 added lines, -337 removed lines

@@ -33,341 +33,341 @@
 use OCA\User_LDAP\Exceptions\ConstraintViolationException;
 
 class LDAP implements ILDAPWrapper {
-	protected $curFunc = '';
-	protected $curArgs = array();
-
-	/**
-	 * @param resource $link
-	 * @param string $dn
-	 * @param string $password
-	 * @return bool|mixed
-	 */
-	public function bind($link, $dn, $password) {
-		return $this->invokeLDAPMethod('bind', $link, $dn, $password);
-	}
-
-	/**
-	 * @param string $host
-	 * @param string $port
-	 * @return mixed
-	 */
-	public function connect($host, $port) {
-		if(strpos($host, '://') === false) {
-			$host = 'ldap://' . $host;
-		}
-		if(strpos($host, ':', strpos($host, '://') + 1) === false) {
-			//ldap_connect ignores port parameter when URLs are passed
-			$host .= ':' . $port;
-		}
-		return $this->invokeLDAPMethod('connect', $host);
-	}
-
-	/**
-	 * @param LDAP $link
-	 * @param LDAP $result
-	 * @param string $cookie
-	 * @return bool|LDAP
-	 */
-	public function controlPagedResultResponse($link, $result, &$cookie) {
-		$this->preFunctionCall('ldap_control_paged_result_response',
-			array($link, $result, $cookie));
-		$result = ldap_control_paged_result_response($link, $result, $cookie);
-		$this->postFunctionCall();
-
-		return $result;
-	}
-
-	/**
-	 * @param LDAP $link
-	 * @param int $pageSize
-	 * @param bool $isCritical
-	 * @param string $cookie
-	 * @return mixed|true
-	 */
-	public function controlPagedResult($link, $pageSize, $isCritical, $cookie) {
-		return $this->invokeLDAPMethod('control_paged_result', $link, $pageSize,
-										$isCritical, $cookie);
-	}
-
-	/**
-	 * @param LDAP $link
-	 * @param LDAP $result
-	 * @return mixed
-	 */
-	public function countEntries($link, $result) {
-		return $this->invokeLDAPMethod('count_entries', $link, $result);
-	}
-
-	/**
-	 * @param LDAP $link
-	 * @return mixed|string
-	 */
-	public function errno($link) {
-		return $this->invokeLDAPMethod('errno', $link);
-	}
-
-	/**
-	 * @param LDAP $link
-	 * @return int|mixed
-	 */
-	public function error($link) {
-		return $this->invokeLDAPMethod('error', $link);
-	}
-
-	/**
-	 * Splits DN into its component parts
-	 * @param string $dn
-	 * @param int @withAttrib
-	 * @return array|false
-	 * @link http://www.php.net/manual/en/function.ldap-explode-dn.php
-	 */
-	public function explodeDN($dn, $withAttrib) {
-		return $this->invokeLDAPMethod('explode_dn', $dn, $withAttrib);
-	}
-
-	/**
-	 * @param LDAP $link
-	 * @param LDAP $result
-	 * @return mixed
-	 */
-	public function firstEntry($link, $result) {
-		return $this->invokeLDAPMethod('first_entry', $link, $result);
-	}
-
-	/**
-	 * @param LDAP $link
-	 * @param LDAP $result
-	 * @return array|mixed
-	 */
-	public function getAttributes($link, $result) {
-		return $this->invokeLDAPMethod('get_attributes', $link, $result);
-	}
-
-	/**
-	 * @param LDAP $link
-	 * @param LDAP $result
-	 * @return mixed|string
-	 */
-	public function getDN($link, $result) {
-		return $this->invokeLDAPMethod('get_dn', $link, $result);
-	}
-
-	/**
-	 * @param LDAP $link
-	 * @param LDAP $result
-	 * @return array|mixed
-	 */
-	public function getEntries($link, $result) {
-		return $this->invokeLDAPMethod('get_entries', $link, $result);
-	}
-
-	/**
-	 * @param LDAP $link
-	 * @param resource $result
-	 * @return mixed
-	 */
-	public function nextEntry($link, $result) {
-		return $this->invokeLDAPMethod('next_entry', $link, $result);
-	}
-
-	/**
-	 * @param LDAP $link
-	 * @param string $baseDN
-	 * @param string $filter
-	 * @param array $attr
-	 * @return mixed
-	 */
-	public function read($link, $baseDN, $filter, $attr) {
-		return $this->invokeLDAPMethod('read', $link, $baseDN, $filter, $attr);
-	}
-
-	/**
-	 * @param LDAP $link
-	 * @param string $baseDN
-	 * @param string $filter
-	 * @param array $attr
-	 * @param int $attrsOnly
-	 * @param int $limit
-	 * @return mixed
-	 */
-	public function search($link, $baseDN, $filter, $attr, $attrsOnly = 0, $limit = 0) {
-		return $this->invokeLDAPMethod('search', $link, $baseDN, $filter, $attr, $attrsOnly, $limit);
-	}
-
-	/**
-	 * @param LDAP $link
-	 * @param string $userDN
-	 * @param string $password
-	 * @return bool
-	 */
-	public function modReplace($link, $userDN, $password) {
-		return $this->invokeLDAPMethod('mod_replace', $link, $userDN, array('userPassword' => $password));
-	}
-
-	/**
-	 * @param LDAP $link
-	 * @param string $option
-	 * @param int $value
-	 * @return bool|mixed
-	 */
-	public function setOption($link, $option, $value) {
-		return $this->invokeLDAPMethod('set_option', $link, $option, $value);
-	}
-
-	/**
-	 * @param LDAP $link
-	 * @return mixed|true
-	 */
-	public function startTls($link) {
-		return $this->invokeLDAPMethod('start_tls', $link);
-	}
-
-	/**
-	 * @param resource $link
-	 * @return bool|mixed
-	 */
-	public function unbind($link) {
-		return $this->invokeLDAPMethod('unbind', $link);
-	}
-
-	/**
-	 * Checks whether the server supports LDAP
-	 * @return boolean if it the case, false otherwise
-	 * */
-	public function areLDAPFunctionsAvailable() {
-		return function_exists('ldap_connect');
-	}
-
-	/**
-	 * Checks whether PHP supports LDAP Paged Results
-	 * @return boolean if it the case, false otherwise
-	 * */
-	public function hasPagedResultSupport() {
-		$hasSupport = function_exists('ldap_control_paged_result')
-			&& function_exists('ldap_control_paged_result_response');
-		return $hasSupport;
-	}
-
-	/**
-	 * Checks whether the submitted parameter is a resource
-	 * @param Resource $resource the resource variable to check
-	 * @return bool true if it is a resource, false otherwise
-	 */
-	public function isResource($resource) {
-		return is_resource($resource);
-	}
-
-	/**
-	 * Checks whether the return value from LDAP is wrong or not.
-	 *
-	 * When using ldap_search we provide an array, in case multiple bases are
-	 * configured. Thus, we need to check the array elements.
-	 *
-	 * @param $result
-	 * @return bool
-	 */
-	protected function isResultFalse($result) {
-		if($result === false) {
-			return true;
-		}
-
-		if($this->curFunc === 'ldap_search' && is_array($result)) {
-			foreach ($result as $singleResult) {
-				if($singleResult === false) {
-					return true;
-				}
-			}
-		}
-
-		return false;
-	}
-
-	/**
-	 * @return mixed
-	 */
-	protected function invokeLDAPMethod() {
-		$arguments = func_get_args();
-		$func = 'ldap_' . array_shift($arguments);
-		if(function_exists($func)) {
-			$this->preFunctionCall($func, $arguments);
-			$result = call_user_func_array($func, $arguments);
-			if ($this->isResultFalse($result)) {
-				$this->postFunctionCall();
-			}
-			return $result;
-		}
-		return null;
-	}
-
-	/**
-	 * @param string $functionName
-	 * @param array $args
-	 */
-	private function preFunctionCall($functionName, $args) {
-		$this->curFunc = $functionName;
-		$this->curArgs = $args;
-	}
-
-	/**
-	 * Analyzes the returned LDAP error and acts accordingly if not 0
-	 *
-	 * @param resource $resource the LDAP Connection resource
-	 * @throws ConstraintViolationException
-	 * @throws ServerNotAvailableException
-	 * @throws \Exception
-	 */
-	private function processLDAPError($resource) {
-		$errorCode = ldap_errno($resource);
-		if($errorCode === 0) {
-			return;
-		}
-		$errorMsg  = ldap_error($resource);
-
-		if($this->curFunc === 'ldap_get_entries'
-			&& $errorCode === -4) {
-		} else if ($errorCode === 32) {
-			//for now
-		} else if ($errorCode === 10) {
-			//referrals, we switch them off, but then there is AD :)
-		} else if ($errorCode === -1) {
-			throw new ServerNotAvailableException('Lost connection to LDAP server.');
-		} else if ($errorCode === 48) {
-			throw new \Exception('LDAP authentication method rejected', $errorCode);
-		} else if ($errorCode === 1) {
-			throw new \Exception('LDAP Operations error', $errorCode);
-		} else if ($errorCode === 19) {
-			ldap_get_option($this->curArgs[0], LDAP_OPT_ERROR_STRING, $extended_error);
-			throw new ConstraintViolationException(!empty($extended_error)?$extended_error:$errorMsg, $errorCode);
-		} else {
-			\OCP\Util::writeLog('user_ldap',
-				'LDAP error '.$errorMsg.' (' .
-				$errorCode.') after calling '.
-				$this->curFunc,
-				\OCP\Util::DEBUG);
-		}
-	}
-
-	/**
-	 * Called after an ldap method is run to act on LDAP error if necessary
-	 */
-	private function postFunctionCall() {
-		if($this->isResource($this->curArgs[0])) {
-			$resource = $this->curArgs[0];
-		} else if(
-			   $this->curFunc === 'ldap_search'
-			&& is_array($this->curArgs[0])
-			&& $this->isResource($this->curArgs[0][0])
-		) {
-			// we use always the same LDAP connection resource, is enough to
-			// take the first one.
-			$resource = $this->curArgs[0][0];
-		} else {
-			return;
-		}
-
-		$this->processLDAPError($resource);
-
-		$this->curFunc = '';
-		$this->curArgs = [];
-	}
+    protected $curFunc = '';
+    protected $curArgs = array();
+
+    /**
+     * @param resource $link
+     * @param string $dn
+     * @param string $password
+     * @return bool|mixed
+     */
+    public function bind($link, $dn, $password) {
+        return $this->invokeLDAPMethod('bind', $link, $dn, $password);
+    }
+
+    /**
+     * @param string $host
+     * @param string $port
+     * @return mixed
+     */
+    public function connect($host, $port) {
+        if(strpos($host, '://') === false) {
+            $host = 'ldap://' . $host;
+        }
+        if(strpos($host, ':', strpos($host, '://') + 1) === false) {
+            //ldap_connect ignores port parameter when URLs are passed
+            $host .= ':' . $port;
+        }
+        return $this->invokeLDAPMethod('connect', $host);
+    }
+
+    /**
+     * @param LDAP $link
+     * @param LDAP $result
+     * @param string $cookie
+     * @return bool|LDAP
+     */
+    public function controlPagedResultResponse($link, $result, &$cookie) {
+        $this->preFunctionCall('ldap_control_paged_result_response',
+            array($link, $result, $cookie));
+        $result = ldap_control_paged_result_response($link, $result, $cookie);
+        $this->postFunctionCall();
+
+        return $result;
+    }
+
+    /**
+     * @param LDAP $link
+     * @param int $pageSize
+     * @param bool $isCritical
+     * @param string $cookie
+     * @return mixed|true
+     */
+    public function controlPagedResult($link, $pageSize, $isCritical, $cookie) {
+        return $this->invokeLDAPMethod('control_paged_result', $link, $pageSize,
+                                        $isCritical, $cookie);
+    }
+
+    /**
+     * @param LDAP $link
+     * @param LDAP $result
+     * @return mixed
+     */
+    public function countEntries($link, $result) {
+        return $this->invokeLDAPMethod('count_entries', $link, $result);
+    }
+
+    /**
+     * @param LDAP $link
+     * @return mixed|string
+     */
+    public function errno($link) {
+        return $this->invokeLDAPMethod('errno', $link);
+    }
+
+    /**
+     * @param LDAP $link
+     * @return int|mixed
+     */
+    public function error($link) {
+        return $this->invokeLDAPMethod('error', $link);
+    }
+
+    /**
+     * Splits DN into its component parts
+     * @param string $dn
+     * @param int @withAttrib
+     * @return array|false
+     * @link http://www.php.net/manual/en/function.ldap-explode-dn.php
+     */
+    public function explodeDN($dn, $withAttrib) {
+        return $this->invokeLDAPMethod('explode_dn', $dn, $withAttrib);
+    }
+
+    /**
+     * @param LDAP $link
+     * @param LDAP $result
+     * @return mixed
+     */
+    public function firstEntry($link, $result) {
+        return $this->invokeLDAPMethod('first_entry', $link, $result);
+    }
+
+    /**
+     * @param LDAP $link
+     * @param LDAP $result
+     * @return array|mixed
+     */
+    public function getAttributes($link, $result) {
+        return $this->invokeLDAPMethod('get_attributes', $link, $result);
+    }
+
+    /**
+     * @param LDAP $link
+     * @param LDAP $result
+     * @return mixed|string
+     */
+    public function getDN($link, $result) {
+        return $this->invokeLDAPMethod('get_dn', $link, $result);
+    }
+
+    /**
+     * @param LDAP $link
+     * @param LDAP $result
+     * @return array|mixed
+     */
+    public function getEntries($link, $result) {
+        return $this->invokeLDAPMethod('get_entries', $link, $result);
+    }
+
+    /**
+     * @param LDAP $link
+     * @param resource $result
+     * @return mixed
+     */
+    public function nextEntry($link, $result) {
+        return $this->invokeLDAPMethod('next_entry', $link, $result);
+    }
+
+    /**
+     * @param LDAP $link
+     * @param string $baseDN
+     * @param string $filter
+     * @param array $attr
+     * @return mixed
+     */
+    public function read($link, $baseDN, $filter, $attr) {
+        return $this->invokeLDAPMethod('read', $link, $baseDN, $filter, $attr);
+    }
+
+    /**
+     * @param LDAP $link
+     * @param string $baseDN
+     * @param string $filter
+     * @param array $attr
+     * @param int $attrsOnly
+     * @param int $limit
+     * @return mixed
+     */
+    public function search($link, $baseDN, $filter, $attr, $attrsOnly = 0, $limit = 0) {
+        return $this->invokeLDAPMethod('search', $link, $baseDN, $filter, $attr, $attrsOnly, $limit);
+    }
+
+    /**
+     * @param LDAP $link
+     * @param string $userDN
+     * @param string $password
+     * @return bool
+     */
+    public function modReplace($link, $userDN, $password) {
+        return $this->invokeLDAPMethod('mod_replace', $link, $userDN, array('userPassword' => $password));
+    }
+
+    /**
+     * @param LDAP $link
+     * @param string $option
+     * @param int $value
+     * @return bool|mixed
+     */
+    public function setOption($link, $option, $value) {
+        return $this->invokeLDAPMethod('set_option', $link, $option, $value);
+    }
+
+    /**
+     * @param LDAP $link
+     * @return mixed|true
+     */
+    public function startTls($link) {
+        return $this->invokeLDAPMethod('start_tls', $link);
+    }
+
+    /**
+     * @param resource $link
+     * @return bool|mixed
+     */
+    public function unbind($link) {
+        return $this->invokeLDAPMethod('unbind', $link);
+    }
+
+    /**
+     * Checks whether the server supports LDAP
+     * @return boolean if it the case, false otherwise
+     * */
+    public function areLDAPFunctionsAvailable() {
+        return function_exists('ldap_connect');
+    }
+
+    /**
+     * Checks whether PHP supports LDAP Paged Results
+     * @return boolean if it the case, false otherwise
+     * */
+    public function hasPagedResultSupport() {
+        $hasSupport = function_exists('ldap_control_paged_result')
+            && function_exists('ldap_control_paged_result_response');
+        return $hasSupport;
+    }
+
+    /**
+     * Checks whether the submitted parameter is a resource
+     * @param Resource $resource the resource variable to check
+     * @return bool true if it is a resource, false otherwise
+     */
+    public function isResource($resource) {
+        return is_resource($resource);
+    }
+
+    /**
+     * Checks whether the return value from LDAP is wrong or not.
+     *
+     * When using ldap_search we provide an array, in case multiple bases are
+     * configured. Thus, we need to check the array elements.
+     *
+     * @param $result
+     * @return bool
+     */
+    protected function isResultFalse($result) {
+        if($result === false) {
+            return true;
+        }
+
+        if($this->curFunc === 'ldap_search' && is_array($result)) {
+            foreach ($result as $singleResult) {
+                if($singleResult === false) {
+                    return true;
+                }
+            }
+        }
+
+        return false;
+    }
+
+    /**
+     * @return mixed
+     */
+    protected function invokeLDAPMethod() {
+        $arguments = func_get_args();
+        $func = 'ldap_' . array_shift($arguments);
+        if(function_exists($func)) {
+            $this->preFunctionCall($func, $arguments);
+            $result = call_user_func_array($func, $arguments);
+            if ($this->isResultFalse($result)) {
+                $this->postFunctionCall();
+            }
+            return $result;
+        }
+        return null;
+    }
+
+    /**
+     * @param string $functionName
+     * @param array $args
+     */
+    private function preFunctionCall($functionName, $args) {
+        $this->curFunc = $functionName;
+        $this->curArgs = $args;
+    }
+
+    /**
+     * Analyzes the returned LDAP error and acts accordingly if not 0
+     *
+     * @param resource $resource the LDAP Connection resource
+     * @throws ConstraintViolationException
+     * @throws ServerNotAvailableException
+     * @throws \Exception
+     */
+    private function processLDAPError($resource) {
+        $errorCode = ldap_errno($resource);
+        if($errorCode === 0) {
+            return;
+        }
+        $errorMsg  = ldap_error($resource);
+
+        if($this->curFunc === 'ldap_get_entries'
+            && $errorCode === -4) {
+        } else if ($errorCode === 32) {
+            //for now
+        } else if ($errorCode === 10) {
+            //referrals, we switch them off, but then there is AD :)
+        } else if ($errorCode === -1) {
+            throw new ServerNotAvailableException('Lost connection to LDAP server.');
+        } else if ($errorCode === 48) {
+            throw new \Exception('LDAP authentication method rejected', $errorCode);
+        } else if ($errorCode === 1) {
+            throw new \Exception('LDAP Operations error', $errorCode);
+        } else if ($errorCode === 19) {
+            ldap_get_option($this->curArgs[0], LDAP_OPT_ERROR_STRING, $extended_error);
+            throw new ConstraintViolationException(!empty($extended_error)?$extended_error:$errorMsg, $errorCode);
+        } else {
+            \OCP\Util::writeLog('user_ldap',
+                'LDAP error '.$errorMsg.' (' .
+                $errorCode.') after calling '.
+                $this->curFunc,
+                \OCP\Util::DEBUG);
+        }
+    }
+
+    /**
+     * Called after an ldap method is run to act on LDAP error if necessary
+     */
+    private function postFunctionCall() {
+        if($this->isResource($this->curArgs[0])) {
+            $resource = $this->curArgs[0];
+        } else if(
+                $this->curFunc === 'ldap_search'
+            && is_array($this->curArgs[0])
+            && $this->isResource($this->curArgs[0][0])
+        ) {
+            // we use always the same LDAP connection resource, is enough to
+            // take the first one.
+            $resource = $this->curArgs[0][0];
+        } else {
+            return;
+        }
+
+        $this->processLDAPError($resource);
+
+        $this->curFunc = '';
+        $this->curArgs = [];
+    }
 }

apps/user_ldap/lib/User/User.php

Indentation +499 added lines, -499 removed lines

@@ -41,504 +41,504 @@
  * represents an LDAP user, gets and holds user-specific information from LDAP
  */
 class User {
-	/**
-	 * @var IUserTools
-	 */
-	protected $access;
-	/**
-	 * @var Connection
-	 */
-	protected $connection;
-	/**
-	 * @var IConfig
-	 */
-	protected $config;
-	/**
-	 * @var FilesystemHelper
-	 */
-	protected $fs;
-	/**
-	 * @var Image
-	 */
-	protected $image;
-	/**
-	 * @var LogWrapper
-	 */
-	protected $log;
-	/**
-	 * @var IAvatarManager
-	 */
-	protected $avatarManager;
-	/**
-	 * @var IUserManager
-	 */
-	protected $userManager;
-	/**
-	 * @var string
-	 */
-	protected $dn;
-	/**
-	 * @var string
-	 */
-	protected $uid;
-	/**
-	 * @var string[]
-	 */
-	protected $refreshedFeatures = array();
-	/**
-	 * @var string
-	 */
-	protected $avatarImage;
-
-	/**
-	 * DB config keys for user preferences
-	 */
-	const USER_PREFKEY_FIRSTLOGIN  = 'firstLoginAccomplished';
-	const USER_PREFKEY_LASTREFRESH = 'lastFeatureRefresh';
-
-	/**
-	 * @brief constructor, make sure the subclasses call this one!
-	 * @param string $username the internal username
-	 * @param string $dn the LDAP DN
-	 * @param IUserTools $access an instance that implements IUserTools for
-	 * LDAP interaction
-	 * @param IConfig $config
-	 * @param FilesystemHelper $fs
-	 * @param Image $image any empty instance
-	 * @param LogWrapper $log
-	 * @param IAvatarManager $avatarManager
-	 * @param IUserManager $userManager
-	 */
-	public function __construct($username, $dn, IUserTools $access,
-		IConfig $config, FilesystemHelper $fs, Image $image,
-		LogWrapper $log, IAvatarManager $avatarManager, IUserManager $userManager) {
-
-		if ($username === null) {
-			$log->log("uid for '$dn' must not be null!", Util::ERROR);
-			throw new \InvalidArgumentException('uid must not be null!');
-		} else if ($username === '') {
-			$log->log("uid for '$dn' must not be an empty string", Util::ERROR);
-			throw new \InvalidArgumentException('uid must not be an empty string!');
-		}
-
-		$this->access        = $access;
-		$this->connection    = $access->getConnection();
-		$this->config        = $config;
-		$this->fs            = $fs;
-		$this->dn            = $dn;
-		$this->uid           = $username;
-		$this->image         = $image;
-		$this->log           = $log;
-		$this->avatarManager = $avatarManager;
-		$this->userManager   = $userManager;
-	}
-
-	/**
-	 * @brief updates properties like email, quota or avatar provided by LDAP
-	 * @return null
-	 */
-	public function update() {
-		if(is_null($this->dn)) {
-			return null;
-		}
-
-		$hasLoggedIn = $this->config->getUserValue($this->uid, 'user_ldap',
-				self::USER_PREFKEY_FIRSTLOGIN, 0);
-
-		if($this->needsRefresh()) {
-			$this->updateEmail();
-			$this->updateQuota();
-			if($hasLoggedIn !== 0) {
-				//we do not need to try it, when the user has not been logged in
-				//before, because the file system will not be ready.
-				$this->updateAvatar();
-				//in order to get an avatar as soon as possible, mark the user
-				//as refreshed only when updating the avatar did happen
-				$this->markRefreshTime();
-			}
-		}
-	}
-
-	/**
-	 * processes results from LDAP for attributes as returned by getAttributesToRead()
-	 * @param array $ldapEntry the user entry as retrieved from LDAP
-	 */
-	public function processAttributes($ldapEntry) {
-		$this->markRefreshTime();
-		//Quota
-		$attr = strtolower($this->connection->ldapQuotaAttribute);
-		if(isset($ldapEntry[$attr])) {
-			$this->updateQuota($ldapEntry[$attr][0]);
-		}
-		unset($attr);
-
-		//Email
-		$attr = strtolower($this->connection->ldapEmailAttribute);
-		if(isset($ldapEntry[$attr])) {
-			$this->updateEmail($ldapEntry[$attr][0]);
-		}
-		unset($attr);
-
-		//displayName
-		$displayName = $displayName2 = '';
-		$attr = strtolower($this->connection->ldapUserDisplayName);
-		if(isset($ldapEntry[$attr])) {
-			$displayName = strval($ldapEntry[$attr][0]);
-		}
-		$attr = strtolower($this->connection->ldapUserDisplayName2);
-		if(isset($ldapEntry[$attr])) {
-			$displayName2 = strval($ldapEntry[$attr][0]);
-		}
-		if ($displayName !== '') {
-			$this->composeAndStoreDisplayName($displayName);
-			$this->access->cacheUserDisplayName(
-				$this->getUsername(),
-				$displayName,
-				$displayName2
-			);
-		}
-		unset($attr);
-
-		// LDAP Username, needed for s2s sharing
-		if(isset($ldapEntry['uid'])) {
-			$this->storeLDAPUserName($ldapEntry['uid'][0]);
-		} else if(isset($ldapEntry['samaccountname'])) {
-			$this->storeLDAPUserName($ldapEntry['samaccountname'][0]);
-		}
-
-		//homePath
-		if(strpos($this->connection->homeFolderNamingRule, 'attr:') === 0) {
-			$attr = strtolower(substr($this->connection->homeFolderNamingRule, strlen('attr:')));
-			if(isset($ldapEntry[$attr])) {
-				$this->access->cacheUserHome(
-					$this->getUsername(), $this->getHomePath($ldapEntry[$attr][0]));
-			}
-		}
-
-		//memberOf groups
-		$cacheKey = 'getMemberOf'.$this->getUsername();
-		$groups = false;
-		if(isset($ldapEntry['memberof'])) {
-			$groups = $ldapEntry['memberof'];
-		}
-		$this->connection->writeToCache($cacheKey, $groups);
-
-		//Avatar
-		$attrs = array('jpegphoto', 'thumbnailphoto');
-		foreach ($attrs as $attr)  {
-			if(isset($ldapEntry[$attr])) {
-				$this->avatarImage = $ldapEntry[$attr][0];
-				// the call to the method that saves the avatar in the file
-				// system must be postponed after the login. It is to ensure
-				// external mounts are mounted properly (e.g. with login
-				// credentials from the session).
-				\OCP\Util::connectHook('OC_User', 'post_login', $this, 'updateAvatarPostLogin');
-				break;
-			}
-		}
-	}
-
-	/**
-	 * @brief returns the LDAP DN of the user
-	 * @return string
-	 */
-	public function getDN() {
-		return $this->dn;
-	}
-
-	/**
-	 * @brief returns the ownCloud internal username of the user
-	 * @return string
-	 */
-	public function getUsername() {
-		return $this->uid;
-	}
-
-	/**
-	 * returns the home directory of the user if specified by LDAP settings
-	 * @param string $valueFromLDAP
-	 * @return bool|string
-	 * @throws \Exception
-	 */
-	public function getHomePath($valueFromLDAP = null) {
-		$path = strval($valueFromLDAP);
-		$attr = null;
-
-		if (is_null($valueFromLDAP)
-		   && strpos($this->access->connection->homeFolderNamingRule, 'attr:') === 0
-		   && $this->access->connection->homeFolderNamingRule !== 'attr:')
-		{
-			$attr = substr($this->access->connection->homeFolderNamingRule, strlen('attr:'));
-			$homedir = $this->access->readAttribute(
-				$this->access->username2dn($this->getUsername()), $attr);
-			if ($homedir && isset($homedir[0])) {
-				$path = $homedir[0];
-			}
-		}
-
-		if ($path !== '') {
-			//if attribute's value is an absolute path take this, otherwise append it to data dir
-			//check for / at the beginning or pattern c:\ resp. c:/
-			if(   '/' !== $path[0]
-			   && !(3 < strlen($path) && ctype_alpha($path[0])
-			       && $path[1] === ':' && ('\\' === $path[2] || '/' === $path[2]))
-			) {
-				$path = $this->config->getSystemValue('datadirectory',
-						\OC::$SERVERROOT.'/data' ) . '/' . $path;
-			}
-			//we need it to store it in the DB as well in case a user gets
-			//deleted so we can clean up afterwards
-			$this->config->setUserValue(
-				$this->getUsername(), 'user_ldap', 'homePath', $path
-			);
-			return $path;
-		}
-
-		if(    !is_null($attr)
-			&& $this->config->getAppValue('user_ldap', 'enforce_home_folder_naming_rule', true)
-		) {
-			// a naming rule attribute is defined, but it doesn't exist for that LDAP user
-			throw new \Exception('Home dir attribute can\'t be read from LDAP for uid: ' . $this->getUsername());
-		}
-
-		//false will apply default behaviour as defined and done by OC_User
-		$this->config->setUserValue($this->getUsername(), 'user_ldap', 'homePath', '');
-		return false;
-	}
-
-	public function getMemberOfGroups() {
-		$cacheKey = 'getMemberOf'.$this->getUsername();
-		$memberOfGroups = $this->connection->getFromCache($cacheKey);
-		if(!is_null($memberOfGroups)) {
-			return $memberOfGroups;
-		}
-		$groupDNs = $this->access->readAttribute($this->getDN(), 'memberOf');
-		$this->connection->writeToCache($cacheKey, $groupDNs);
-		return $groupDNs;
-	}
-
-	/**
-	 * @brief reads the image from LDAP that shall be used as Avatar
-	 * @return string data (provided by LDAP) | false
-	 */
-	public function getAvatarImage() {
-		if(!is_null($this->avatarImage)) {
-			return $this->avatarImage;
-		}
-
-		$this->avatarImage = false;
-		$attributes = array('jpegPhoto', 'thumbnailPhoto');
-		foreach($attributes as $attribute) {
-			$result = $this->access->readAttribute($this->dn, $attribute);
-			if($result !== false && is_array($result) && isset($result[0])) {
-				$this->avatarImage = $result[0];
-				break;
-			}
-		}
-
-		return $this->avatarImage;
-	}
-
-	/**
-	 * @brief marks the user as having logged in at least once
-	 * @return null
-	 */
-	public function markLogin() {
-		$this->config->setUserValue(
-			$this->uid, 'user_ldap', self::USER_PREFKEY_FIRSTLOGIN, 1);
-	}
-
-	/**
-	 * @brief marks the time when user features like email have been updated
-	 * @return null
-	 */
-	public function markRefreshTime() {
-		$this->config->setUserValue(
-			$this->uid, 'user_ldap', self::USER_PREFKEY_LASTREFRESH, time());
-	}
-
-	/**
-	 * @brief checks whether user features needs to be updated again by
-	 * comparing the difference of time of the last refresh to now with the
-	 * desired interval
-	 * @return bool
-	 */
-	private function needsRefresh() {
-		$lastChecked = $this->config->getUserValue($this->uid, 'user_ldap',
-			self::USER_PREFKEY_LASTREFRESH, 0);
-
-		//TODO make interval configurable
-		if((time() - intval($lastChecked)) < 86400 ) {
-			return false;
-		}
-		return  true;
-	}
-
-	/**
-	 * Stores a key-value pair in relation to this user
-	 *
-	 * @param string $key
-	 * @param string $value
-	 */
-	private function store($key, $value) {
-		$this->config->setUserValue($this->uid, 'user_ldap', $key, $value);
-	}
-
-	/**
-	 * Composes the display name and stores it in the database. The final
-	 * display name is returned.
-	 *
-	 * @param string $displayName
-	 * @param string $displayName2
-	 * @returns string the effective display name
-	 */
-	public function composeAndStoreDisplayName($displayName, $displayName2 = '') {
-		$displayName2 = strval($displayName2);
-		if($displayName2 !== '') {
-			$displayName .= ' (' . $displayName2 . ')';
-		}
-		$this->store('displayName', $displayName);
-		return $displayName;
-	}
-
-	/**
-	 * Stores the LDAP Username in the Database
-	 * @param string $userName
-	 */
-	public function storeLDAPUserName($userName) {
-		$this->store('uid', $userName);
-	}
-
-	/**
-	 * @brief checks whether an update method specified by feature was run
-	 * already. If not, it will marked like this, because it is expected that
-	 * the method will be run, when false is returned.
-	 * @param string $feature email | quota | avatar (can be extended)
-	 * @return bool
-	 */
-	private function wasRefreshed($feature) {
-		if(isset($this->refreshedFeatures[$feature])) {
-			return true;
-		}
-		$this->refreshedFeatures[$feature] = 1;
-		return false;
-	}
-
-	/**
-	 * fetches the email from LDAP and stores it as ownCloud user value
-	 * @param string $valueFromLDAP if known, to save an LDAP read request
-	 * @return null
-	 */
-	public function updateEmail($valueFromLDAP = null) {
-		if($this->wasRefreshed('email')) {
-			return;
-		}
-		$email = strval($valueFromLDAP);
-		if(is_null($valueFromLDAP)) {
-			$emailAttribute = $this->connection->ldapEmailAttribute;
-			if ($emailAttribute !== '') {
-				$aEmail = $this->access->readAttribute($this->dn, $emailAttribute);
-				if(is_array($aEmail) && (count($aEmail) > 0)) {
-					$email = strval($aEmail[0]);
-				}
-			}
-		}
-		if ($email !== '') {
-			$user = $this->userManager->get($this->uid);
-			if (!is_null($user)) {
-				$currentEmail = strval($user->getEMailAddress());
-				if ($currentEmail !== $email) {
-					$user->setEMailAddress($email);
-				}
-			}
-		}
-	}
-
-	/**
-	 * fetches the quota from LDAP and stores it as ownCloud user value
-	 * @param string $valueFromLDAP the quota attribute's value can be passed,
-	 * to save the readAttribute request
-	 * @return null
-	 */
-	public function updateQuota($valueFromLDAP = null) {
-		if($this->wasRefreshed('quota')) {
-			return;
-		}
-		//can be null
-		$quotaDefault = $this->connection->ldapQuotaDefault;
-		$quota = $quotaDefault !== '' ? $quotaDefault : null;
-		$quota = !is_null($valueFromLDAP) ? $valueFromLDAP : $quota;
-
-		if(is_null($valueFromLDAP)) {
-			$quotaAttribute = $this->connection->ldapQuotaAttribute;
-			if ($quotaAttribute !== '') {
-				$aQuota = $this->access->readAttribute($this->dn, $quotaAttribute);
-				if($aQuota && (count($aQuota) > 0)) {
-					$quota = $aQuota[0];
-				}
-			}
-		}
-		if(!is_null($quota)) {
-			$this->userManager->get($this->uid)->setQuota($quota);
-		}
-	}
-
-	/**
-	 * called by a post_login hook to save the avatar picture
-	 *
-	 * @param array $params
-	 */
-	public function updateAvatarPostLogin($params) {
-		if(isset($params['uid']) && $params['uid'] === $this->getUsername()) {
-			$this->updateAvatar();
-		}
-	}
-
-	/**
-	 * @brief attempts to get an image from LDAP and sets it as ownCloud avatar
-	 * @return null
-	 */
-	public function updateAvatar() {
-		if($this->wasRefreshed('avatar')) {
-			return;
-		}
-		$avatarImage = $this->getAvatarImage();
-		if($avatarImage === false) {
-			//not set, nothing left to do;
-			return;
-		}
-		$this->image->loadFromBase64(base64_encode($avatarImage));
-		$this->setOwnCloudAvatar();
-	}
-
-	/**
-	 * @brief sets an image as ownCloud avatar
-	 * @return null
-	 */
-	private function setOwnCloudAvatar() {
-		if(!$this->image->valid()) {
-			$this->log->log('jpegPhoto data invalid for '.$this->dn, \OCP\Util::ERROR);
-			return;
-		}
-		//make sure it is a square and not bigger than 128x128
-		$size = min(array($this->image->width(), $this->image->height(), 128));
-		if(!$this->image->centerCrop($size)) {
-			$this->log->log('croping image for avatar failed for '.$this->dn, \OCP\Util::ERROR);
-			return;
-		}
-
-		if(!$this->fs->isLoaded()) {
-			$this->fs->setup($this->uid);
-		}
-
-		try {
-			$avatar = $this->avatarManager->getAvatar($this->uid);
-			$avatar->set($this->image);
-		} catch (\Exception $e) {
-			\OC::$server->getLogger()->notice(
-				'Could not set avatar for ' . $this->dn	. ', because: ' . $e->getMessage(),
-				['app' => 'user_ldap']);
-		}
-	}
+    /**
+     * @var IUserTools
+     */
+    protected $access;
+    /**
+     * @var Connection
+     */
+    protected $connection;
+    /**
+     * @var IConfig
+     */
+    protected $config;
+    /**
+     * @var FilesystemHelper
+     */
+    protected $fs;
+    /**
+     * @var Image
+     */
+    protected $image;
+    /**
+     * @var LogWrapper
+     */
+    protected $log;
+    /**
+     * @var IAvatarManager
+     */
+    protected $avatarManager;
+    /**
+     * @var IUserManager
+     */
+    protected $userManager;
+    /**
+     * @var string
+     */
+    protected $dn;
+    /**
+     * @var string
+     */
+    protected $uid;
+    /**
+     * @var string[]
+     */
+    protected $refreshedFeatures = array();
+    /**
+     * @var string
+     */
+    protected $avatarImage;
+
+    /**
+     * DB config keys for user preferences
+     */
+    const USER_PREFKEY_FIRSTLOGIN  = 'firstLoginAccomplished';
+    const USER_PREFKEY_LASTREFRESH = 'lastFeatureRefresh';
+
+    /**
+     * @brief constructor, make sure the subclasses call this one!
+     * @param string $username the internal username
+     * @param string $dn the LDAP DN
+     * @param IUserTools $access an instance that implements IUserTools for
+     * LDAP interaction
+     * @param IConfig $config
+     * @param FilesystemHelper $fs
+     * @param Image $image any empty instance
+     * @param LogWrapper $log
+     * @param IAvatarManager $avatarManager
+     * @param IUserManager $userManager
+     */
+    public function __construct($username, $dn, IUserTools $access,
+        IConfig $config, FilesystemHelper $fs, Image $image,
+        LogWrapper $log, IAvatarManager $avatarManager, IUserManager $userManager) {
+
+        if ($username === null) {
+            $log->log("uid for '$dn' must not be null!", Util::ERROR);
+            throw new \InvalidArgumentException('uid must not be null!');
+        } else if ($username === '') {
+            $log->log("uid for '$dn' must not be an empty string", Util::ERROR);
+            throw new \InvalidArgumentException('uid must not be an empty string!');
+        }
+
+        $this->access        = $access;
+        $this->connection    = $access->getConnection();
+        $this->config        = $config;
+        $this->fs            = $fs;
+        $this->dn            = $dn;
+        $this->uid           = $username;
+        $this->image         = $image;
+        $this->log           = $log;
+        $this->avatarManager = $avatarManager;
+        $this->userManager   = $userManager;
+    }
+
+    /**
+     * @brief updates properties like email, quota or avatar provided by LDAP
+     * @return null
+     */
+    public function update() {
+        if(is_null($this->dn)) {
+            return null;
+        }
+
+        $hasLoggedIn = $this->config->getUserValue($this->uid, 'user_ldap',
+                self::USER_PREFKEY_FIRSTLOGIN, 0);
+
+        if($this->needsRefresh()) {
+            $this->updateEmail();
+            $this->updateQuota();
+            if($hasLoggedIn !== 0) {
+                //we do not need to try it, when the user has not been logged in
+                //before, because the file system will not be ready.
+                $this->updateAvatar();
+                //in order to get an avatar as soon as possible, mark the user
+                //as refreshed only when updating the avatar did happen
+                $this->markRefreshTime();
+            }
+        }
+    }
+
+    /**
+     * processes results from LDAP for attributes as returned by getAttributesToRead()
+     * @param array $ldapEntry the user entry as retrieved from LDAP
+     */
+    public function processAttributes($ldapEntry) {
+        $this->markRefreshTime();
+        //Quota
+        $attr = strtolower($this->connection->ldapQuotaAttribute);
+        if(isset($ldapEntry[$attr])) {
+            $this->updateQuota($ldapEntry[$attr][0]);
+        }
+        unset($attr);
+
+        //Email
+        $attr = strtolower($this->connection->ldapEmailAttribute);
+        if(isset($ldapEntry[$attr])) {
+            $this->updateEmail($ldapEntry[$attr][0]);
+        }
+        unset($attr);
+
+        //displayName
+        $displayName = $displayName2 = '';
+        $attr = strtolower($this->connection->ldapUserDisplayName);
+        if(isset($ldapEntry[$attr])) {
+            $displayName = strval($ldapEntry[$attr][0]);
+        }
+        $attr = strtolower($this->connection->ldapUserDisplayName2);
+        if(isset($ldapEntry[$attr])) {
+            $displayName2 = strval($ldapEntry[$attr][0]);
+        }
+        if ($displayName !== '') {
+            $this->composeAndStoreDisplayName($displayName);
+            $this->access->cacheUserDisplayName(
+                $this->getUsername(),
+                $displayName,
+                $displayName2
+            );
+        }
+        unset($attr);
+
+        // LDAP Username, needed for s2s sharing
+        if(isset($ldapEntry['uid'])) {
+            $this->storeLDAPUserName($ldapEntry['uid'][0]);
+        } else if(isset($ldapEntry['samaccountname'])) {
+            $this->storeLDAPUserName($ldapEntry['samaccountname'][0]);
+        }
+
+        //homePath
+        if(strpos($this->connection->homeFolderNamingRule, 'attr:') === 0) {
+            $attr = strtolower(substr($this->connection->homeFolderNamingRule, strlen('attr:')));
+            if(isset($ldapEntry[$attr])) {
+                $this->access->cacheUserHome(
+                    $this->getUsername(), $this->getHomePath($ldapEntry[$attr][0]));
+            }
+        }
+
+        //memberOf groups
+        $cacheKey = 'getMemberOf'.$this->getUsername();
+        $groups = false;
+        if(isset($ldapEntry['memberof'])) {
+            $groups = $ldapEntry['memberof'];
+        }
+        $this->connection->writeToCache($cacheKey, $groups);
+
+        //Avatar
+        $attrs = array('jpegphoto', 'thumbnailphoto');
+        foreach ($attrs as $attr)  {
+            if(isset($ldapEntry[$attr])) {
+                $this->avatarImage = $ldapEntry[$attr][0];
+                // the call to the method that saves the avatar in the file
+                // system must be postponed after the login. It is to ensure
+                // external mounts are mounted properly (e.g. with login
+                // credentials from the session).
+                \OCP\Util::connectHook('OC_User', 'post_login', $this, 'updateAvatarPostLogin');
+                break;
+            }
+        }
+    }
+
+    /**
+     * @brief returns the LDAP DN of the user
+     * @return string
+     */
+    public function getDN() {
+        return $this->dn;
+    }
+
+    /**
+     * @brief returns the ownCloud internal username of the user
+     * @return string
+     */
+    public function getUsername() {
+        return $this->uid;
+    }
+
+    /**
+     * returns the home directory of the user if specified by LDAP settings
+     * @param string $valueFromLDAP
+     * @return bool|string
+     * @throws \Exception
+     */
+    public function getHomePath($valueFromLDAP = null) {
+        $path = strval($valueFromLDAP);
+        $attr = null;
+
+        if (is_null($valueFromLDAP)
+           && strpos($this->access->connection->homeFolderNamingRule, 'attr:') === 0
+           && $this->access->connection->homeFolderNamingRule !== 'attr:')
+        {
+            $attr = substr($this->access->connection->homeFolderNamingRule, strlen('attr:'));
+            $homedir = $this->access->readAttribute(
+                $this->access->username2dn($this->getUsername()), $attr);
+            if ($homedir && isset($homedir[0])) {
+                $path = $homedir[0];
+            }
+        }
+
+        if ($path !== '') {
+            //if attribute's value is an absolute path take this, otherwise append it to data dir
+            //check for / at the beginning or pattern c:\ resp. c:/
+            if(   '/' !== $path[0]
+               && !(3 < strlen($path) && ctype_alpha($path[0])
+                   && $path[1] === ':' && ('\\' === $path[2] || '/' === $path[2]))
+            ) {
+                $path = $this->config->getSystemValue('datadirectory',
+                        \OC::$SERVERROOT.'/data' ) . '/' . $path;
+            }
+            //we need it to store it in the DB as well in case a user gets
+            //deleted so we can clean up afterwards
+            $this->config->setUserValue(
+                $this->getUsername(), 'user_ldap', 'homePath', $path
+            );
+            return $path;
+        }
+
+        if(    !is_null($attr)
+            && $this->config->getAppValue('user_ldap', 'enforce_home_folder_naming_rule', true)
+        ) {
+            // a naming rule attribute is defined, but it doesn't exist for that LDAP user
+            throw new \Exception('Home dir attribute can\'t be read from LDAP for uid: ' . $this->getUsername());
+        }
+
+        //false will apply default behaviour as defined and done by OC_User
+        $this->config->setUserValue($this->getUsername(), 'user_ldap', 'homePath', '');
+        return false;
+    }
+
+    public function getMemberOfGroups() {
+        $cacheKey = 'getMemberOf'.$this->getUsername();
+        $memberOfGroups = $this->connection->getFromCache($cacheKey);
+        if(!is_null($memberOfGroups)) {
+            return $memberOfGroups;
+        }
+        $groupDNs = $this->access->readAttribute($this->getDN(), 'memberOf');
+        $this->connection->writeToCache($cacheKey, $groupDNs);
+        return $groupDNs;
+    }
+
+    /**
+     * @brief reads the image from LDAP that shall be used as Avatar
+     * @return string data (provided by LDAP) | false
+     */
+    public function getAvatarImage() {
+        if(!is_null($this->avatarImage)) {
+            return $this->avatarImage;
+        }
+
+        $this->avatarImage = false;
+        $attributes = array('jpegPhoto', 'thumbnailPhoto');
+        foreach($attributes as $attribute) {
+            $result = $this->access->readAttribute($this->dn, $attribute);
+            if($result !== false && is_array($result) && isset($result[0])) {
+                $this->avatarImage = $result[0];
+                break;
+            }
+        }
+
+        return $this->avatarImage;
+    }
+
+    /**
+     * @brief marks the user as having logged in at least once
+     * @return null
+     */
+    public function markLogin() {
+        $this->config->setUserValue(
+            $this->uid, 'user_ldap', self::USER_PREFKEY_FIRSTLOGIN, 1);
+    }
+
+    /**
+     * @brief marks the time when user features like email have been updated
+     * @return null
+     */
+    public function markRefreshTime() {
+        $this->config->setUserValue(
+            $this->uid, 'user_ldap', self::USER_PREFKEY_LASTREFRESH, time());
+    }
+
+    /**
+     * @brief checks whether user features needs to be updated again by
+     * comparing the difference of time of the last refresh to now with the
+     * desired interval
+     * @return bool
+     */
+    private function needsRefresh() {
+        $lastChecked = $this->config->getUserValue($this->uid, 'user_ldap',
+            self::USER_PREFKEY_LASTREFRESH, 0);
+
+        //TODO make interval configurable
+        if((time() - intval($lastChecked)) < 86400 ) {
+            return false;
+        }
+        return  true;
+    }
+
+    /**
+     * Stores a key-value pair in relation to this user
+     *
+     * @param string $key
+     * @param string $value
+     */
+    private function store($key, $value) {
+        $this->config->setUserValue($this->uid, 'user_ldap', $key, $value);
+    }
+
+    /**
+     * Composes the display name and stores it in the database. The final
+     * display name is returned.
+     *
+     * @param string $displayName
+     * @param string $displayName2
+     * @returns string the effective display name
+     */
+    public function composeAndStoreDisplayName($displayName, $displayName2 = '') {
+        $displayName2 = strval($displayName2);
+        if($displayName2 !== '') {
+            $displayName .= ' (' . $displayName2 . ')';
+        }
+        $this->store('displayName', $displayName);
+        return $displayName;
+    }
+
+    /**
+     * Stores the LDAP Username in the Database
+     * @param string $userName
+     */
+    public function storeLDAPUserName($userName) {
+        $this->store('uid', $userName);
+    }
+
+    /**
+     * @brief checks whether an update method specified by feature was run
+     * already. If not, it will marked like this, because it is expected that
+     * the method will be run, when false is returned.
+     * @param string $feature email | quota | avatar (can be extended)
+     * @return bool
+     */
+    private function wasRefreshed($feature) {
+        if(isset($this->refreshedFeatures[$feature])) {
+            return true;
+        }
+        $this->refreshedFeatures[$feature] = 1;
+        return false;
+    }
+
+    /**
+     * fetches the email from LDAP and stores it as ownCloud user value
+     * @param string $valueFromLDAP if known, to save an LDAP read request
+     * @return null
+     */
+    public function updateEmail($valueFromLDAP = null) {
+        if($this->wasRefreshed('email')) {
+            return;
+        }
+        $email = strval($valueFromLDAP);
+        if(is_null($valueFromLDAP)) {
+            $emailAttribute = $this->connection->ldapEmailAttribute;
+            if ($emailAttribute !== '') {
+                $aEmail = $this->access->readAttribute($this->dn, $emailAttribute);
+                if(is_array($aEmail) && (count($aEmail) > 0)) {
+                    $email = strval($aEmail[0]);
+                }
+            }
+        }
+        if ($email !== '') {
+            $user = $this->userManager->get($this->uid);
+            if (!is_null($user)) {
+                $currentEmail = strval($user->getEMailAddress());
+                if ($currentEmail !== $email) {
+                    $user->setEMailAddress($email);
+                }
+            }
+        }
+    }
+
+    /**
+     * fetches the quota from LDAP and stores it as ownCloud user value
+     * @param string $valueFromLDAP the quota attribute's value can be passed,
+     * to save the readAttribute request
+     * @return null
+     */
+    public function updateQuota($valueFromLDAP = null) {
+        if($this->wasRefreshed('quota')) {
+            return;
+        }
+        //can be null
+        $quotaDefault = $this->connection->ldapQuotaDefault;
+        $quota = $quotaDefault !== '' ? $quotaDefault : null;
+        $quota = !is_null($valueFromLDAP) ? $valueFromLDAP : $quota;
+
+        if(is_null($valueFromLDAP)) {
+            $quotaAttribute = $this->connection->ldapQuotaAttribute;
+            if ($quotaAttribute !== '') {
+                $aQuota = $this->access->readAttribute($this->dn, $quotaAttribute);
+                if($aQuota && (count($aQuota) > 0)) {
+                    $quota = $aQuota[0];
+                }
+            }
+        }
+        if(!is_null($quota)) {
+            $this->userManager->get($this->uid)->setQuota($quota);
+        }
+    }
+
+    /**
+     * called by a post_login hook to save the avatar picture
+     *
+     * @param array $params
+     */
+    public function updateAvatarPostLogin($params) {
+        if(isset($params['uid']) && $params['uid'] === $this->getUsername()) {
+            $this->updateAvatar();
+        }
+    }
+
+    /**
+     * @brief attempts to get an image from LDAP and sets it as ownCloud avatar
+     * @return null
+     */
+    public function updateAvatar() {
+        if($this->wasRefreshed('avatar')) {
+            return;
+        }
+        $avatarImage = $this->getAvatarImage();
+        if($avatarImage === false) {
+            //not set, nothing left to do;
+            return;
+        }
+        $this->image->loadFromBase64(base64_encode($avatarImage));
+        $this->setOwnCloudAvatar();
+    }
+
+    /**
+     * @brief sets an image as ownCloud avatar
+     * @return null
+     */
+    private function setOwnCloudAvatar() {
+        if(!$this->image->valid()) {
+            $this->log->log('jpegPhoto data invalid for '.$this->dn, \OCP\Util::ERROR);
+            return;
+        }
+        //make sure it is a square and not bigger than 128x128
+        $size = min(array($this->image->width(), $this->image->height(), 128));
+        if(!$this->image->centerCrop($size)) {
+            $this->log->log('croping image for avatar failed for '.$this->dn, \OCP\Util::ERROR);
+            return;
+        }
+
+        if(!$this->fs->isLoaded()) {
+            $this->fs->setup($this->uid);
+        }
+
+        try {
+            $avatar = $this->avatarManager->getAvatar($this->uid);
+            $avatar->set($this->image);
+        } catch (\Exception $e) {
+            \OC::$server->getLogger()->notice(
+                'Could not set avatar for ' . $this->dn	. ', because: ' . $e->getMessage(),
+                ['app' => 'user_ldap']);
+        }
+    }
 
 }

apps/user_ldap/lib/User/DeletedUsersIndex.php

Indentation +70 added lines, -70 removed lines

@@ -31,84 +31,84 @@
  * @package OCA\User_LDAP
  */
 class DeletedUsersIndex {
-	/**
-	 * @var \OCP\IConfig $config
-	 */
-	protected $config;
+    /**
+     * @var \OCP\IConfig $config
+     */
+    protected $config;
 
-	/**
-	 * @var \OCP\IDBConnection $db
-	 */
-	protected $db;
+    /**
+     * @var \OCP\IDBConnection $db
+     */
+    protected $db;
 
-	/**
-	 * @var \OCA\User_LDAP\Mapping\UserMapping $mapping
-	 */
-	protected $mapping;
+    /**
+     * @var \OCA\User_LDAP\Mapping\UserMapping $mapping
+     */
+    protected $mapping;
 
-	/**
-	 * @var array $deletedUsers
-	 */
-	protected $deletedUsers;
+    /**
+     * @var array $deletedUsers
+     */
+    protected $deletedUsers;
 
-	/**
-	 * @param \OCP\IConfig $config
-	 * @param \OCP\IDBConnection $db
-	 * @param \OCA\User_LDAP\Mapping\UserMapping $mapping
-	 */
-	public function __construct(\OCP\IConfig $config, \OCP\IDBConnection $db, UserMapping $mapping) {
-		$this->config = $config;
-		$this->db = $db;
-		$this->mapping = $mapping;
-	}
+    /**
+     * @param \OCP\IConfig $config
+     * @param \OCP\IDBConnection $db
+     * @param \OCA\User_LDAP\Mapping\UserMapping $mapping
+     */
+    public function __construct(\OCP\IConfig $config, \OCP\IDBConnection $db, UserMapping $mapping) {
+        $this->config = $config;
+        $this->db = $db;
+        $this->mapping = $mapping;
+    }
 
-	/**
-	 * reads LDAP users marked as deleted from the database
-	 * @return \OCA\User_LDAP\User\OfflineUser[]
-	 */
-	private function fetchDeletedUsers() {
-		$deletedUsers = $this->config->getUsersForUserValue(
-			'user_ldap', 'isDeleted', '1');
+    /**
+     * reads LDAP users marked as deleted from the database
+     * @return \OCA\User_LDAP\User\OfflineUser[]
+     */
+    private function fetchDeletedUsers() {
+        $deletedUsers = $this->config->getUsersForUserValue(
+            'user_ldap', 'isDeleted', '1');
 
-		$userObjects = array();
-		foreach($deletedUsers as $user) {
-			$userObjects[] = new OfflineUser($user, $this->config, $this->db, $this->mapping);
-		}
-		$this->deletedUsers = $userObjects;
+        $userObjects = array();
+        foreach($deletedUsers as $user) {
+            $userObjects[] = new OfflineUser($user, $this->config, $this->db, $this->mapping);
+        }
+        $this->deletedUsers = $userObjects;
 
-		return $this->deletedUsers;
-	}
+        return $this->deletedUsers;
+    }
 
-	/**
-	 * returns all LDAP users that are marked as deleted
-	 * @return \OCA\User_LDAP\User\OfflineUser[]
-	 */
-	public function getUsers() {
-		if(is_array($this->deletedUsers)) {
-			return $this->deletedUsers;
-		}
-		return $this->fetchDeletedUsers();
-	}
+    /**
+     * returns all LDAP users that are marked as deleted
+     * @return \OCA\User_LDAP\User\OfflineUser[]
+     */
+    public function getUsers() {
+        if(is_array($this->deletedUsers)) {
+            return $this->deletedUsers;
+        }
+        return $this->fetchDeletedUsers();
+    }
 
-	/**
-	 * whether at least one user was detected as deleted
-	 * @return bool
-	 */
-	public function hasUsers() {
-		if($this->deletedUsers === false) {
-			$this->fetchDeletedUsers();
-		}
-		if(is_array($this->deletedUsers) && count($this->deletedUsers) > 0) {
-			return true;
-		}
-		return false;
-	}
+    /**
+     * whether at least one user was detected as deleted
+     * @return bool
+     */
+    public function hasUsers() {
+        if($this->deletedUsers === false) {
+            $this->fetchDeletedUsers();
+        }
+        if(is_array($this->deletedUsers) && count($this->deletedUsers) > 0) {
+            return true;
+        }
+        return false;
+    }
 
-	/**
-	 * marks a user as deleted
-	 * @param string $ocName
-	 */
-	public function markUser($ocName) {
-		$this->config->setUserValue($ocName, 'user_ldap', 'isDeleted', '1');
-	}
+    /**
+     * marks a user as deleted
+     * @param string $ocName
+     */
+    public function markUser($ocName) {
+        $this->config->setUserValue($ocName, 'user_ldap', 'isDeleted', '1');
+    }
 }

apps/user_ldap/lib/User/IUserTools.php

Indentation +5 added lines, -5 removed lines

@@ -30,13 +30,13 @@
  * defines methods that are required by User class for LDAP interaction
  */
 interface IUserTools {
-	public function getConnection();
+    public function getConnection();
 
-	public function readAttribute($dn, $attr, $filter = 'objectClass=*');
+    public function readAttribute($dn, $attr, $filter = 'objectClass=*');
 
-	public function stringResemblesDN($string);
+    public function stringResemblesDN($string);
 
-	public function dn2username($dn, $ldapname = null);
+    public function dn2username($dn, $ldapname = null);
 
-	public function username2dn($name);
+    public function username2dn($name);
 }

apps/user_ldap/lib/User/Manager.php

Indentation +195 added lines, -195 removed lines

@@ -42,200 +42,200 @@
  * cache
  */
 class Manager {
-	/** @var IUserTools */
-	protected $access;
-
-	/** @var IConfig */
-	protected $ocConfig;
-
-	/** @var IDBConnection */
-	protected $db;
-
-	/** @var FilesystemHelper */
-	protected $ocFilesystem;
-
-	/** @var LogWrapper */
-	protected $ocLog;
-
-	/** @var Image */
-	protected $image;
-
-	/** @param \OCP\IAvatarManager */
-	protected $avatarManager;
-
-	/**
-	 * @var CappedMemoryCache $usersByDN
-	 */
-	protected $usersByDN;
-	/**
-	 * @var CappedMemoryCache $usersByUid
-	 */
-	protected $usersByUid;
-
-	/**
-	 * @param IConfig $ocConfig
-	 * @param \OCA\User_LDAP\FilesystemHelper $ocFilesystem object that
-	 * gives access to necessary functions from the OC filesystem
-	 * @param  \OCA\User_LDAP\LogWrapper $ocLog
-	 * @param IAvatarManager $avatarManager
-	 * @param Image $image an empty image instance
-	 * @param IDBConnection $db
-	 * @throws \Exception when the methods mentioned above do not exist
-	 */
-	public function __construct(IConfig $ocConfig,
-								FilesystemHelper $ocFilesystem, LogWrapper $ocLog,
-								IAvatarManager $avatarManager, Image $image,
-								IDBConnection $db, IUserManager $userManager) {
-
-		$this->ocConfig      = $ocConfig;
-		$this->ocFilesystem  = $ocFilesystem;
-		$this->ocLog         = $ocLog;
-		$this->avatarManager = $avatarManager;
-		$this->image         = $image;
-		$this->db            = $db;
-		$this->userManager   = $userManager;
-		$this->usersByDN     = new CappedMemoryCache();
-		$this->usersByUid    = new CappedMemoryCache();
-	}
-
-	/**
-	 * @brief binds manager to an instance of IUserTools (implemented by
-	 * Access). It needs to be assigned first before the manager can be used.
-	 * @param IUserTools
-	 */
-	public function setLdapAccess(IUserTools $access) {
-		$this->access = $access;
-	}
-
-	/**
-	 * @brief creates an instance of User and caches (just runtime) it in the
-	 * property array
-	 * @param string $dn the DN of the user
-	 * @param string $uid the internal (owncloud) username
-	 * @return \OCA\User_LDAP\User\User
-	 */
-	private function createAndCache($dn, $uid) {
-		$this->checkAccess();
-		$user = new User($uid, $dn, $this->access, $this->ocConfig,
-			$this->ocFilesystem, clone $this->image, $this->ocLog,
-			$this->avatarManager, $this->userManager);
-		$this->usersByDN[$dn]   = $user;
-		$this->usersByUid[$uid] = $user;
-		return $user;
-	}
-
-	/**
-	 * @brief checks whether the Access instance has been set
-	 * @throws \Exception if Access has not been set
-	 * @return null
-	 */
-	private function checkAccess() {
-		if(is_null($this->access)) {
-			throw new \Exception('LDAP Access instance must be set first');
-		}
-	}
-
-	/**
-	 * returns a list of attributes that will be processed further, e.g. quota,
-	 * email, displayname, or others.
-	 * @param bool $minimal - optional, set to true to skip attributes with big
-	 * payload
-	 * @return string[]
-	 */
-	public function getAttributes($minimal = false) {
-		$attributes = array('dn', 'uid', 'samaccountname', 'memberof');
-		$possible = array(
-			$this->access->getConnection()->ldapQuotaAttribute,
-			$this->access->getConnection()->ldapEmailAttribute,
-			$this->access->getConnection()->ldapUserDisplayName,
-			$this->access->getConnection()->ldapUserDisplayName2,
-		);
-		foreach($possible as $attr) {
-			if(!is_null($attr)) {
-				$attributes[] = $attr;
-			}
-		}
-
-		$homeRule = $this->access->getConnection()->homeFolderNamingRule;
-		if(strpos($homeRule, 'attr:') === 0) {
-			$attributes[] = substr($homeRule, strlen('attr:'));
-		}
-
-		if(!$minimal) {
-			// attributes that are not really important but may come with big
-			// payload.
-			$attributes = array_merge($attributes, array(
-				'jpegphoto',
-				'thumbnailphoto'
-			));
-		}
-
-		return $attributes;
-	}
-
-	/**
-	 * Checks whether the specified user is marked as deleted
-	 * @param string $id the ownCloud user name
-	 * @return bool
-	 */
-	public function isDeletedUser($id) {
-		$isDeleted = $this->ocConfig->getUserValue(
-			$id, 'user_ldap', 'isDeleted', 0);
-		return intval($isDeleted) === 1;
-	}
-
-	/**
-	 * creates and returns an instance of OfflineUser for the specified user
-	 * @param string $id
-	 * @return \OCA\User_LDAP\User\OfflineUser
-	 */
-	public function getDeletedUser($id) {
-		return new OfflineUser(
-			$id,
-			$this->ocConfig,
-			$this->db,
-			$this->access->getUserMapper());
-	}
-
-	/**
-	 * @brief returns a User object by it's ownCloud username
-	 * @param string $id the DN or username of the user
-	 * @return \OCA\User_LDAP\User\User|\OCA\User_LDAP\User\OfflineUser|null
-	 */
-	protected function createInstancyByUserName($id) {
-		//most likely a uid. Check whether it is a deleted user
-		if($this->isDeletedUser($id)) {
-			return $this->getDeletedUser($id);
-		}
-		$dn = $this->access->username2dn($id);
-		if($dn !== false) {
-			return $this->createAndCache($dn, $id);
-		}
-		return null;
-	}
-
-	/**
-	 * @brief returns a User object by it's DN or ownCloud username
-	 * @param string $id the DN or username of the user
-	 * @return \OCA\User_LDAP\User\User|\OCA\User_LDAP\User\OfflineUser|null
-	 * @throws \Exception when connection could not be established
-	 */
-	public function get($id) {
-		$this->checkAccess();
-		if(isset($this->usersByDN[$id])) {
-			return $this->usersByDN[$id];
-		} else if(isset($this->usersByUid[$id])) {
-			return $this->usersByUid[$id];
-		}
-
-		if($this->access->stringResemblesDN($id) ) {
-			$uid = $this->access->dn2username($id);
-			if($uid !== false) {
-				return $this->createAndCache($id, $uid);
-			}
-		}
-
-		return $this->createInstancyByUserName($id);
-	}
+    /** @var IUserTools */
+    protected $access;
+
+    /** @var IConfig */
+    protected $ocConfig;
+
+    /** @var IDBConnection */
+    protected $db;
+
+    /** @var FilesystemHelper */
+    protected $ocFilesystem;
+
+    /** @var LogWrapper */
+    protected $ocLog;
+
+    /** @var Image */
+    protected $image;
+
+    /** @param \OCP\IAvatarManager */
+    protected $avatarManager;
+
+    /**
+     * @var CappedMemoryCache $usersByDN
+     */
+    protected $usersByDN;
+    /**
+     * @var CappedMemoryCache $usersByUid
+     */
+    protected $usersByUid;
+
+    /**
+     * @param IConfig $ocConfig
+     * @param \OCA\User_LDAP\FilesystemHelper $ocFilesystem object that
+     * gives access to necessary functions from the OC filesystem
+     * @param  \OCA\User_LDAP\LogWrapper $ocLog
+     * @param IAvatarManager $avatarManager
+     * @param Image $image an empty image instance
+     * @param IDBConnection $db
+     * @throws \Exception when the methods mentioned above do not exist
+     */
+    public function __construct(IConfig $ocConfig,
+                                FilesystemHelper $ocFilesystem, LogWrapper $ocLog,
+                                IAvatarManager $avatarManager, Image $image,
+                                IDBConnection $db, IUserManager $userManager) {
+
+        $this->ocConfig      = $ocConfig;
+        $this->ocFilesystem  = $ocFilesystem;
+        $this->ocLog         = $ocLog;
+        $this->avatarManager = $avatarManager;
+        $this->image         = $image;
+        $this->db            = $db;
+        $this->userManager   = $userManager;
+        $this->usersByDN     = new CappedMemoryCache();
+        $this->usersByUid    = new CappedMemoryCache();
+    }
+
+    /**
+     * @brief binds manager to an instance of IUserTools (implemented by
+     * Access). It needs to be assigned first before the manager can be used.
+     * @param IUserTools
+     */
+    public function setLdapAccess(IUserTools $access) {
+        $this->access = $access;
+    }
+
+    /**
+     * @brief creates an instance of User and caches (just runtime) it in the
+     * property array
+     * @param string $dn the DN of the user
+     * @param string $uid the internal (owncloud) username
+     * @return \OCA\User_LDAP\User\User
+     */
+    private function createAndCache($dn, $uid) {
+        $this->checkAccess();
+        $user = new User($uid, $dn, $this->access, $this->ocConfig,
+            $this->ocFilesystem, clone $this->image, $this->ocLog,
+            $this->avatarManager, $this->userManager);
+        $this->usersByDN[$dn]   = $user;
+        $this->usersByUid[$uid] = $user;
+        return $user;
+    }
+
+    /**
+     * @brief checks whether the Access instance has been set
+     * @throws \Exception if Access has not been set
+     * @return null
+     */
+    private function checkAccess() {
+        if(is_null($this->access)) {
+            throw new \Exception('LDAP Access instance must be set first');
+        }
+    }
+
+    /**
+     * returns a list of attributes that will be processed further, e.g. quota,
+     * email, displayname, or others.
+     * @param bool $minimal - optional, set to true to skip attributes with big
+     * payload
+     * @return string[]
+     */
+    public function getAttributes($minimal = false) {
+        $attributes = array('dn', 'uid', 'samaccountname', 'memberof');
+        $possible = array(
+            $this->access->getConnection()->ldapQuotaAttribute,
+            $this->access->getConnection()->ldapEmailAttribute,
+            $this->access->getConnection()->ldapUserDisplayName,
+            $this->access->getConnection()->ldapUserDisplayName2,
+        );
+        foreach($possible as $attr) {
+            if(!is_null($attr)) {
+                $attributes[] = $attr;
+            }
+        }
+
+        $homeRule = $this->access->getConnection()->homeFolderNamingRule;
+        if(strpos($homeRule, 'attr:') === 0) {
+            $attributes[] = substr($homeRule, strlen('attr:'));
+        }
+
+        if(!$minimal) {
+            // attributes that are not really important but may come with big
+            // payload.
+            $attributes = array_merge($attributes, array(
+                'jpegphoto',
+                'thumbnailphoto'
+            ));
+        }
+
+        return $attributes;
+    }
+
+    /**
+     * Checks whether the specified user is marked as deleted
+     * @param string $id the ownCloud user name
+     * @return bool
+     */
+    public function isDeletedUser($id) {
+        $isDeleted = $this->ocConfig->getUserValue(
+            $id, 'user_ldap', 'isDeleted', 0);
+        return intval($isDeleted) === 1;
+    }
+
+    /**
+     * creates and returns an instance of OfflineUser for the specified user
+     * @param string $id
+     * @return \OCA\User_LDAP\User\OfflineUser
+     */
+    public function getDeletedUser($id) {
+        return new OfflineUser(
+            $id,
+            $this->ocConfig,
+            $this->db,
+            $this->access->getUserMapper());
+    }
+
+    /**
+     * @brief returns a User object by it's ownCloud username
+     * @param string $id the DN or username of the user
+     * @return \OCA\User_LDAP\User\User|\OCA\User_LDAP\User\OfflineUser|null
+     */
+    protected function createInstancyByUserName($id) {
+        //most likely a uid. Check whether it is a deleted user
+        if($this->isDeletedUser($id)) {
+            return $this->getDeletedUser($id);
+        }
+        $dn = $this->access->username2dn($id);
+        if($dn !== false) {
+            return $this->createAndCache($dn, $id);
+        }
+        return null;
+    }
+
+    /**
+     * @brief returns a User object by it's DN or ownCloud username
+     * @param string $id the DN or username of the user
+     * @return \OCA\User_LDAP\User\User|\OCA\User_LDAP\User\OfflineUser|null
+     * @throws \Exception when connection could not be established
+     */
+    public function get($id) {
+        $this->checkAccess();
+        if(isset($this->usersByDN[$id])) {
+            return $this->usersByDN[$id];
+        } else if(isset($this->usersByUid[$id])) {
+            return $this->usersByUid[$id];
+        }
+
+        if($this->access->stringResemblesDN($id) ) {
+            $uid = $this->access->dn2username($id);
+            if($uid !== false) {
+                return $this->createAndCache($id, $uid);
+            }
+        }
+
+        return $this->createInstancyByUserName($id);
+    }
 
 }

apps/user_ldap/lib/User/OfflineUser.php

Indentation +193 added lines, -193 removed lines

@@ -27,205 +27,205 @@
 use OCA\User_LDAP\Mapping\UserMapping;
 
 class OfflineUser {
-	/**
-	 * @var string $ocName
-	 */
-	protected $ocName;
-	/**
-	 * @var string $dn
-	 */
-	protected $dn;
-	/**
-	 * @var string $uid the UID as provided by LDAP
-	 */
-	protected $uid;
-	/**
-	 * @var string $displayName
-	 */
-	protected $displayName;
-	/**
-	 * @var string $homePath
-	 */
-	protected $homePath;
-	/**
-	 * @var string $lastLogin the timestamp of the last login
-	 */
-	protected $lastLogin;
-	/**
-	 * @var string $email
-	 */
-	protected $email;
-	/**
-	 * @var bool $hasActiveShares
-	 */
-	protected $hasActiveShares;
-	/**
-	 * @var \OCP\IConfig $config
-	 */
-	protected $config;
-	/**
-	 * @var \OCP\IDBConnection $db
-	 */
-	protected $db;
-	/**
-	 * @var \OCA\User_LDAP\Mapping\UserMapping
-	 */
-	protected $mapping;
-
-	/**
-	 * @param string $ocName
-	 * @param \OCP\IConfig $config
-	 * @param \OCP\IDBConnection $db
-	 * @param \OCA\User_LDAP\Mapping\UserMapping $mapping
-	 */
-	public function __construct($ocName, \OCP\IConfig $config, \OCP\IDBConnection $db, UserMapping $mapping) {
-		$this->ocName = $ocName;
-		$this->config = $config;
-		$this->db = $db;
-		$this->mapping = $mapping;
-		$this->fetchDetails();
-	}
-
-	/**
-	 * remove the Delete-flag from the user.
-	 */
-	public function unmark() {
-		$this->config->setUserValue($this->ocName, 'user_ldap', 'isDeleted', '0');
-	}
-
-	/**
-	 * exports the user details in an assoc array
-	 * @return array
-	 */
-	public function export() {
-		$data = array();
-		$data['ocName'] = $this->getOCName();
-		$data['dn'] = $this->getDN();
-		$data['uid'] = $this->getUID();
-		$data['displayName'] = $this->getDisplayName();
-		$data['homePath'] = $this->getHomePath();
-		$data['lastLogin'] = $this->getLastLogin();
-		$data['email'] = $this->getEmail();
-		$data['hasActiveShares'] = $this->getHasActiveShares();
-
-		return $data;
-	}
-
-	/**
-	 * getter for ownCloud internal name
-	 * @return string
-	 */
-	public function getOCName() {
-		return $this->ocName;
-	}
-
-	/**
-	 * getter for LDAP uid
-	 * @return string
-	 */
-	public function getUID() {
-		return $this->uid;
-	}
-
-	/**
-	 * getter for LDAP DN
-	 * @return string
-	 */
-	public function getDN() {
-		return $this->dn;
-	}
-
-	/**
-	 * getter for display name
-	 * @return string
-	 */
-	public function getDisplayName() {
-		return $this->displayName;
-	}
-
-	/**
-	 * getter for email
-	 * @return string
-	 */
-	public function getEmail() {
-		return $this->email;
-	}
-
-	/**
-	 * getter for home directory path
-	 * @return string
-	 */
-	public function getHomePath() {
-		return $this->homePath;
-	}
-
-	/**
-	 * getter for the last login timestamp
-	 * @return int
-	 */
-	public function getLastLogin() {
-		return intval($this->lastLogin);
-	}
-
-	/**
-	 * getter for having active shares
-	 * @return bool
-	 */
-	public function getHasActiveShares() {
-		return $this->hasActiveShares;
-	}
-
-	/**
-	 * reads the user details
-	 */
-	protected function fetchDetails() {
-		$properties = array (
-			'displayName' => 'user_ldap',
-			'uid'         => 'user_ldap',
-			'homePath'    => 'user_ldap',
-			'email'       => 'settings',
-			'lastLogin'   => 'login'
-		);
-		foreach($properties as $property => $app) {
-			$this->$property = $this->config->getUserValue($this->ocName, $app, $property, '');
-		}
-
-		$dn = $this->mapping->getDNByName($this->ocName);
-		$this->dn = ($dn !== false) ? $dn : '';
-
-		$this->determineShares();
-	}
-
-
-	/**
-	 * finds out whether the user has active shares. The result is stored in
-	 * $this->hasActiveShares
-	 */
-	protected function determineShares() {
-		$query = $this->db->prepare('
+    /**
+     * @var string $ocName
+     */
+    protected $ocName;
+    /**
+     * @var string $dn
+     */
+    protected $dn;
+    /**
+     * @var string $uid the UID as provided by LDAP
+     */
+    protected $uid;
+    /**
+     * @var string $displayName
+     */
+    protected $displayName;
+    /**
+     * @var string $homePath
+     */
+    protected $homePath;
+    /**
+     * @var string $lastLogin the timestamp of the last login
+     */
+    protected $lastLogin;
+    /**
+     * @var string $email
+     */
+    protected $email;
+    /**
+     * @var bool $hasActiveShares
+     */
+    protected $hasActiveShares;
+    /**
+     * @var \OCP\IConfig $config
+     */
+    protected $config;
+    /**
+     * @var \OCP\IDBConnection $db
+     */
+    protected $db;
+    /**
+     * @var \OCA\User_LDAP\Mapping\UserMapping
+     */
+    protected $mapping;
+
+    /**
+     * @param string $ocName
+     * @param \OCP\IConfig $config
+     * @param \OCP\IDBConnection $db
+     * @param \OCA\User_LDAP\Mapping\UserMapping $mapping
+     */
+    public function __construct($ocName, \OCP\IConfig $config, \OCP\IDBConnection $db, UserMapping $mapping) {
+        $this->ocName = $ocName;
+        $this->config = $config;
+        $this->db = $db;
+        $this->mapping = $mapping;
+        $this->fetchDetails();
+    }
+
+    /**
+     * remove the Delete-flag from the user.
+     */
+    public function unmark() {
+        $this->config->setUserValue($this->ocName, 'user_ldap', 'isDeleted', '0');
+    }
+
+    /**
+     * exports the user details in an assoc array
+     * @return array
+     */
+    public function export() {
+        $data = array();
+        $data['ocName'] = $this->getOCName();
+        $data['dn'] = $this->getDN();
+        $data['uid'] = $this->getUID();
+        $data['displayName'] = $this->getDisplayName();
+        $data['homePath'] = $this->getHomePath();
+        $data['lastLogin'] = $this->getLastLogin();
+        $data['email'] = $this->getEmail();
+        $data['hasActiveShares'] = $this->getHasActiveShares();
+
+        return $data;
+    }
+
+    /**
+     * getter for ownCloud internal name
+     * @return string
+     */
+    public function getOCName() {
+        return $this->ocName;
+    }
+
+    /**
+     * getter for LDAP uid
+     * @return string
+     */
+    public function getUID() {
+        return $this->uid;
+    }
+
+    /**
+     * getter for LDAP DN
+     * @return string
+     */
+    public function getDN() {
+        return $this->dn;
+    }
+
+    /**
+     * getter for display name
+     * @return string
+     */
+    public function getDisplayName() {
+        return $this->displayName;
+    }
+
+    /**
+     * getter for email
+     * @return string
+     */
+    public function getEmail() {
+        return $this->email;
+    }
+
+    /**
+     * getter for home directory path
+     * @return string
+     */
+    public function getHomePath() {
+        return $this->homePath;
+    }
+
+    /**
+     * getter for the last login timestamp
+     * @return int
+     */
+    public function getLastLogin() {
+        return intval($this->lastLogin);
+    }
+
+    /**
+     * getter for having active shares
+     * @return bool
+     */
+    public function getHasActiveShares() {
+        return $this->hasActiveShares;
+    }
+
+    /**
+     * reads the user details
+     */
+    protected function fetchDetails() {
+        $properties = array (
+            'displayName' => 'user_ldap',
+            'uid'         => 'user_ldap',
+            'homePath'    => 'user_ldap',
+            'email'       => 'settings',
+            'lastLogin'   => 'login'
+        );
+        foreach($properties as $property => $app) {
+            $this->$property = $this->config->getUserValue($this->ocName, $app, $property, '');
+        }
+
+        $dn = $this->mapping->getDNByName($this->ocName);
+        $this->dn = ($dn !== false) ? $dn : '';
+
+        $this->determineShares();
+    }
+
+
+    /**
+     * finds out whether the user has active shares. The result is stored in
+     * $this->hasActiveShares
+     */
+    protected function determineShares() {
+        $query = $this->db->prepare('
 			SELECT COUNT(`uid_owner`)
 			FROM `*PREFIX*share`
 			WHERE `uid_owner` = ?
 		', 1);
-		$query->execute(array($this->ocName));
-		$sResult = $query->fetchColumn(0);
-		if(intval($sResult) === 1) {
-			$this->hasActiveShares = true;
-			return;
-		}
-
-		$query = $this->db->prepare('
+        $query->execute(array($this->ocName));
+        $sResult = $query->fetchColumn(0);
+        if(intval($sResult) === 1) {
+            $this->hasActiveShares = true;
+            return;
+        }
+
+        $query = $this->db->prepare('
 			SELECT COUNT(`owner`)
 			FROM `*PREFIX*share_external`
 			WHERE `owner` = ?
 		', 1);
-		$query->execute(array($this->ocName));
-		$sResult = $query->fetchColumn(0);
-		if(intval($sResult) === 1) {
-			$this->hasActiveShares = true;
-			return;
-		}
-
-		$this->hasActiveShares = false;
-	}
+        $query->execute(array($this->ocName));
+        $sResult = $query->fetchColumn(0);
+        if(intval($sResult) === 1) {
+            $this->hasActiveShares = true;
+            return;
+        }
+
+        $this->hasActiveShares = false;
+    }
 }

apps/user_ldap/lib/IUserLDAP.php

Indentation +19 added lines, -19 removed lines

@@ -24,26 +24,26 @@
 
 interface IUserLDAP {
 
-	//Functions used by LDAPProvider
+    //Functions used by LDAPProvider
 	
-	/**
-	 * Return access for LDAP interaction.
-	 * @param string $uid
-	 * @return Access instance of Access for LDAP interaction
-	 */
-	public function getLDAPAccess($uid);
+    /**
+     * Return access for LDAP interaction.
+     * @param string $uid
+     * @return Access instance of Access for LDAP interaction
+     */
+    public function getLDAPAccess($uid);
 	
-	/**
-	 * Return a new LDAP connection for the specified user.
-	 * @param string $uid
-	 * @return resource of the LDAP connection
-	 */
-	public function getNewLDAPConnection($uid);
+    /**
+     * Return a new LDAP connection for the specified user.
+     * @param string $uid
+     * @return resource of the LDAP connection
+     */
+    public function getNewLDAPConnection($uid);
 
-	/**
-	 * Return the username for the given LDAP DN, if available.
-	 * @param string $dn
-	 * @return string|false with the username
-	 */
-	public function dn2UserName($dn);
+    /**
+     * Return the username for the given LDAP DN, if available.
+     * @param string $dn
+     * @return string|false with the username
+     */
+    public function dn2UserName($dn);
 }

apps/user_ldap/lib/Controller/ConfigAPIController.php

Indentation +262 added lines, -262 removed lines

@@ -40,283 +40,283 @@
 
 class ConfigAPIController extends OCSController {
 
-	/** @var Helper */
-	private $ldapHelper;
+    /** @var Helper */
+    private $ldapHelper;
 
-	/** @var ILogger */
-	private $logger;
+    /** @var ILogger */
+    private $logger;
 
-	public function __construct(
-		$appName,
-		IRequest $request,
-		CapabilitiesManager $capabilitiesManager,
-		IUserSession $userSession,
-		IUserManager $userManager,
-		Throttler $throttler,
-		Manager $keyManager,
-		Helper $ldapHelper,
-		ILogger $logger
-	) {
-		parent::__construct(
-			$appName,
-			$request,
-			$capabilitiesManager,
-			$userSession,
-			$userManager,
-			$throttler,
-			$keyManager
-		);
+    public function __construct(
+        $appName,
+        IRequest $request,
+        CapabilitiesManager $capabilitiesManager,
+        IUserSession $userSession,
+        IUserManager $userManager,
+        Throttler $throttler,
+        Manager $keyManager,
+        Helper $ldapHelper,
+        ILogger $logger
+    ) {
+        parent::__construct(
+            $appName,
+            $request,
+            $capabilitiesManager,
+            $userSession,
+            $userManager,
+            $throttler,
+            $keyManager
+        );
 
 
-		$this->ldapHelper = $ldapHelper;
-		$this->logger = $logger;
-	}
+        $this->ldapHelper = $ldapHelper;
+        $this->logger = $logger;
+    }
 
-	/**
-	 * creates a new (empty) configuration and returns the resulting prefix
-	 *
-	 * Example: curl -X POST -H "OCS-APIREQUEST: true"  -u $admin:$password \
-	 *   https://nextcloud.server/ocs/v2.php/apps/user_ldap/api/v1/config
-	 *
-	 * results in:
-	 *
-	 * <?xml version="1.0"?>
-	 * <ocs>
-	 *   <meta>
-	 *     <status>ok</status>
-	 *     <statuscode>200</statuscode>
-	 *     <message>OK</message>
-	 *   </meta>
-	 *   <data>
-	 *     <configID>s40</configID>
-	 *   </data>
-	 * </ocs>
-	 *
-	 * Failing example: if an exception is thrown (e.g. Database connection lost)
-	 * the detailed error will be logged. The output will then look like:
-	 *
-	 * <?xml version="1.0"?>
-	 * <ocs>
-	 *   <meta>
-	 *     <status>failure</status>
-	 *     <statuscode>999</statuscode>
-	 *     <message>An issue occurred when creating the new config.</message>
-	 *   </meta>
-	 *   <data/>
-	 * </ocs>
-	 *
-	 * For JSON output provide the format=json parameter
-	 *
-	 * @return DataResponse
-	 * @throws OCSException
-	 */
-	public function create() {
-		try {
-			$configPrefix = $this->ldapHelper->getNextServerConfigurationPrefix();
-			$configHolder = new Configuration($configPrefix);
-			$configHolder->saveConfiguration();
-		} catch (\Exception $e) {
-			$this->logger->logException($e);
-			throw new OCSException('An issue occurred when creating the new config.');
-		}
-		return new DataResponse(['configID' => $configPrefix]);
-	}
+    /**
+     * creates a new (empty) configuration and returns the resulting prefix
+     *
+     * Example: curl -X POST -H "OCS-APIREQUEST: true"  -u $admin:$password \
+     *   https://nextcloud.server/ocs/v2.php/apps/user_ldap/api/v1/config
+     *
+     * results in:
+     *
+     * <?xml version="1.0"?>
+     * <ocs>
+     *   <meta>
+     *     <status>ok</status>
+     *     <statuscode>200</statuscode>
+     *     <message>OK</message>
+     *   </meta>
+     *   <data>
+     *     <configID>s40</configID>
+     *   </data>
+     * </ocs>
+     *
+     * Failing example: if an exception is thrown (e.g. Database connection lost)
+     * the detailed error will be logged. The output will then look like:
+     *
+     * <?xml version="1.0"?>
+     * <ocs>
+     *   <meta>
+     *     <status>failure</status>
+     *     <statuscode>999</statuscode>
+     *     <message>An issue occurred when creating the new config.</message>
+     *   </meta>
+     *   <data/>
+     * </ocs>
+     *
+     * For JSON output provide the format=json parameter
+     *
+     * @return DataResponse
+     * @throws OCSException
+     */
+    public function create() {
+        try {
+            $configPrefix = $this->ldapHelper->getNextServerConfigurationPrefix();
+            $configHolder = new Configuration($configPrefix);
+            $configHolder->saveConfiguration();
+        } catch (\Exception $e) {
+            $this->logger->logException($e);
+            throw new OCSException('An issue occurred when creating the new config.');
+        }
+        return new DataResponse(['configID' => $configPrefix]);
+    }
 
-	/**
-	 * Deletes a LDAP configuration, if present.
-	 *
-	 * Example:
-	 *   curl -X DELETE -H "OCS-APIREQUEST: true" -u $admin:$password \
-	 *    https://nextcloud.server/ocs/v2.php/apps/user_ldap/api/v1/config/s60
-	 *
-	 * <?xml version="1.0"?>
-	 * <ocs>
-	 *   <meta>
-	 *     <status>ok</status>
-	 *     <statuscode>200</statuscode>
-	 *     <message>OK</message>
-	 *   </meta>
-	 *   <data/>
-	 * </ocs>
-	 *
-	 * @param string $configID
-	 * @return DataResponse
-	 * @throws OCSBadRequestException
-	 * @throws OCSException
-	 */
-	public function delete($configID) {
-		try {
-			$this->ensureConfigIDExists($configID);
-			if(!$this->ldapHelper->deleteServerConfiguration($configID)) {
-				throw new OCSException('Could not delete configuration');
-			}
-		} catch(OCSException $e) {
-			throw $e;
-		} catch(\Exception $e) {
-			$this->logger->logException($e);
-			throw new OCSException('An issue occurred when deleting the config.');
-		}
+    /**
+     * Deletes a LDAP configuration, if present.
+     *
+     * Example:
+     *   curl -X DELETE -H "OCS-APIREQUEST: true" -u $admin:$password \
+     *    https://nextcloud.server/ocs/v2.php/apps/user_ldap/api/v1/config/s60
+     *
+     * <?xml version="1.0"?>
+     * <ocs>
+     *   <meta>
+     *     <status>ok</status>
+     *     <statuscode>200</statuscode>
+     *     <message>OK</message>
+     *   </meta>
+     *   <data/>
+     * </ocs>
+     *
+     * @param string $configID
+     * @return DataResponse
+     * @throws OCSBadRequestException
+     * @throws OCSException
+     */
+    public function delete($configID) {
+        try {
+            $this->ensureConfigIDExists($configID);
+            if(!$this->ldapHelper->deleteServerConfiguration($configID)) {
+                throw new OCSException('Could not delete configuration');
+            }
+        } catch(OCSException $e) {
+            throw $e;
+        } catch(\Exception $e) {
+            $this->logger->logException($e);
+            throw new OCSException('An issue occurred when deleting the config.');
+        }
 
-		return new DataResponse();
-	}
+        return new DataResponse();
+    }
 
-	/**
-	 * modifies a configuration
-	 *
-	 * Example:
-	 *   curl -X PUT -d "configData[ldapHost]=ldaps://my.ldap.server&configData[ldapPort]=636" \
-	 *    -H "OCS-APIREQUEST: true" -u $admin:$password \
-	 *    https://nextcloud.server/ocs/v2.php/apps/user_ldap/api/v1/config/s60
-	 *
-	 * <?xml version="1.0"?>
-	 * <ocs>
-	 *   <meta>
-	 *     <status>ok</status>
-	 *     <statuscode>200</statuscode>
-	 *     <message>OK</message>
-	 *   </meta>
-	 *   <data/>
-	 * </ocs>
-	 *
-	 * @param string $configID
-	 * @param array $configData
-	 * @return DataResponse
-	 * @throws OCSException
-	 */
-	public function modify($configID, $configData) {
-		try {
-			$this->ensureConfigIDExists($configID);
+    /**
+     * modifies a configuration
+     *
+     * Example:
+     *   curl -X PUT -d "configData[ldapHost]=ldaps://my.ldap.server&configData[ldapPort]=636" \
+     *    -H "OCS-APIREQUEST: true" -u $admin:$password \
+     *    https://nextcloud.server/ocs/v2.php/apps/user_ldap/api/v1/config/s60
+     *
+     * <?xml version="1.0"?>
+     * <ocs>
+     *   <meta>
+     *     <status>ok</status>
+     *     <statuscode>200</statuscode>
+     *     <message>OK</message>
+     *   </meta>
+     *   <data/>
+     * </ocs>
+     *
+     * @param string $configID
+     * @param array $configData
+     * @return DataResponse
+     * @throws OCSException
+     */
+    public function modify($configID, $configData) {
+        try {
+            $this->ensureConfigIDExists($configID);
 
-			if(!is_array($configData)) {
-				throw new OCSBadRequestException('configData is not properly set');
-			}
+            if(!is_array($configData)) {
+                throw new OCSBadRequestException('configData is not properly set');
+            }
 
-			$configuration = new Configuration($configID);
-			$configKeys = $configuration->getConfigTranslationArray();
+            $configuration = new Configuration($configID);
+            $configKeys = $configuration->getConfigTranslationArray();
 
-			foreach ($configKeys as $i => $key) {
-				if(isset($configData[$key])) {
-					$configuration->$key = $configData[$key];
-				}
-			}
+            foreach ($configKeys as $i => $key) {
+                if(isset($configData[$key])) {
+                    $configuration->$key = $configData[$key];
+                }
+            }
 
-			$configuration->saveConfiguration();
-		} catch(OCSException $e) {
-			throw $e;
-		} catch (\Exception $e) {
-			$this->logger->logException($e);
-			throw new OCSException('An issue occurred when modifying the config.');
-		}
+            $configuration->saveConfiguration();
+        } catch(OCSException $e) {
+            throw $e;
+        } catch (\Exception $e) {
+            $this->logger->logException($e);
+            throw new OCSException('An issue occurred when modifying the config.');
+        }
 
-		return new DataResponse();
-	}
+        return new DataResponse();
+    }
 
-	/**
-	 * retrieves a configuration
-	 *
-	 * <?xml version="1.0"?>
-	 * <ocs>
-	 *   <meta>
-	 *     <status>ok</status>
-	 *     <statuscode>200</statuscode>
-	 *     <message>OK</message>
-	 *   </meta>
-	 *   <data>
-	 *     <ldapHost>ldaps://my.ldap.server</ldapHost>
-	 *     <ldapPort>7770</ldapPort>
-	 *     <ldapBackupHost></ldapBackupHost>
-	 *     <ldapBackupPort></ldapBackupPort>
-	 *     <ldapBase>ou=small,dc=my,dc=ldap,dc=server</ldapBase>
-	 *     <ldapBaseUsers>ou=users,ou=small,dc=my,dc=ldap,dc=server</ldapBaseUsers>
-	 *     <ldapBaseGroups>ou=small,dc=my,dc=ldap,dc=server</ldapBaseGroups>
-	 *     <ldapAgentName>cn=root,dc=my,dc=ldap,dc=server</ldapAgentName>
-	 *     <ldapAgentPassword>clearTextWithShowPassword=1</ldapAgentPassword>
-	 *     <ldapTLS>1</ldapTLS>
-	 *     <turnOffCertCheck>0</turnOffCertCheck>
-	 *     <ldapIgnoreNamingRules/>
-	 *     <ldapUserDisplayName>displayname</ldapUserDisplayName>
-	 *     <ldapUserDisplayName2>uid</ldapUserDisplayName2>
-	 *     <ldapUserFilterObjectclass>inetOrgPerson</ldapUserFilterObjectclass>
-	 *     <ldapUserFilterGroups></ldapUserFilterGroups>
-	 *     <ldapUserFilter>(&amp;(objectclass=nextcloudUser)(nextcloudEnabled=TRUE))</ldapUserFilter>
-	 *     <ldapUserFilterMode>1</ldapUserFilterMode>
-	 *     <ldapGroupFilter>(&amp;(|(objectclass=nextcloudGroup)))</ldapGroupFilter>
-	 *     <ldapGroupFilterMode>0</ldapGroupFilterMode>
-	 *     <ldapGroupFilterObjectclass>nextcloudGroup</ldapGroupFilterObjectclass>
-	 *     <ldapGroupFilterGroups></ldapGroupFilterGroups>
-	 *     <ldapGroupDisplayName>cn</ldapGroupDisplayName>
-	 *     <ldapGroupMemberAssocAttr>memberUid</ldapGroupMemberAssocAttr>
-	 *     <ldapLoginFilter>(&amp;(|(objectclass=inetOrgPerson))(uid=%uid))</ldapLoginFilter>
-	 *     <ldapLoginFilterMode>0</ldapLoginFilterMode>
-	 *     <ldapLoginFilterEmail>0</ldapLoginFilterEmail>
-	 *     <ldapLoginFilterUsername>1</ldapLoginFilterUsername>
-	 *     <ldapLoginFilterAttributes></ldapLoginFilterAttributes>
-	 *     <ldapQuotaAttribute></ldapQuotaAttribute>
-	 *     <ldapQuotaDefault></ldapQuotaDefault>
-	 *     <ldapEmailAttribute>mail</ldapEmailAttribute>
-	 *     <ldapCacheTTL>20</ldapCacheTTL>
-	 *     <ldapUuidUserAttribute>auto</ldapUuidUserAttribute>
-	 *     <ldapUuidGroupAttribute>auto</ldapUuidGroupAttribute>
-	 *     <ldapOverrideMainServer></ldapOverrideMainServer>
-	 *     <ldapConfigurationActive>1</ldapConfigurationActive>
-	 *     <ldapAttributesForUserSearch>uid;sn;givenname</ldapAttributesForUserSearch>
-	 *     <ldapAttributesForGroupSearch></ldapAttributesForGroupSearch>
-	 *     <ldapExperiencedAdmin>0</ldapExperiencedAdmin>
-	 *     <homeFolderNamingRule></homeFolderNamingRule>
-	 *     <hasPagedResultSupport></hasPagedResultSupport>
-	 *     <hasMemberOfFilterSupport></hasMemberOfFilterSupport>
-	 *     <useMemberOfToDetectMembership>1</useMemberOfToDetectMembership>
-	 *     <ldapExpertUsernameAttr>uid</ldapExpertUsernameAttr>
-	 *     <ldapExpertUUIDUserAttr>uid</ldapExpertUUIDUserAttr>
-	 *     <ldapExpertUUIDGroupAttr></ldapExpertUUIDGroupAttr>
-	 *     <lastJpegPhotoLookup>0</lastJpegPhotoLookup>
-	 *     <ldapNestedGroups>0</ldapNestedGroups>
-	 *     <ldapPagingSize>500</ldapPagingSize>
-	 *     <turnOnPasswordChange>1</turnOnPasswordChange>
-	 *     <ldapDynamicGroupMemberURL></ldapDynamicGroupMemberURL>
-	 *   </data>
-	 * </ocs>
-	 *
-	 * @param string $configID
-	 * @param bool|string $showPassword
-	 * @return DataResponse
-	 * @throws OCSException
-	 */
-	public function show($configID, $showPassword = false) {
-		try {
-			$this->ensureConfigIDExists($configID);
+    /**
+     * retrieves a configuration
+     *
+     * <?xml version="1.0"?>
+     * <ocs>
+     *   <meta>
+     *     <status>ok</status>
+     *     <statuscode>200</statuscode>
+     *     <message>OK</message>
+     *   </meta>
+     *   <data>
+     *     <ldapHost>ldaps://my.ldap.server</ldapHost>
+     *     <ldapPort>7770</ldapPort>
+     *     <ldapBackupHost></ldapBackupHost>
+     *     <ldapBackupPort></ldapBackupPort>
+     *     <ldapBase>ou=small,dc=my,dc=ldap,dc=server</ldapBase>
+     *     <ldapBaseUsers>ou=users,ou=small,dc=my,dc=ldap,dc=server</ldapBaseUsers>
+     *     <ldapBaseGroups>ou=small,dc=my,dc=ldap,dc=server</ldapBaseGroups>
+     *     <ldapAgentName>cn=root,dc=my,dc=ldap,dc=server</ldapAgentName>
+     *     <ldapAgentPassword>clearTextWithShowPassword=1</ldapAgentPassword>
+     *     <ldapTLS>1</ldapTLS>
+     *     <turnOffCertCheck>0</turnOffCertCheck>
+     *     <ldapIgnoreNamingRules/>
+     *     <ldapUserDisplayName>displayname</ldapUserDisplayName>
+     *     <ldapUserDisplayName2>uid</ldapUserDisplayName2>
+     *     <ldapUserFilterObjectclass>inetOrgPerson</ldapUserFilterObjectclass>
+     *     <ldapUserFilterGroups></ldapUserFilterGroups>
+     *     <ldapUserFilter>(&amp;(objectclass=nextcloudUser)(nextcloudEnabled=TRUE))</ldapUserFilter>
+     *     <ldapUserFilterMode>1</ldapUserFilterMode>
+     *     <ldapGroupFilter>(&amp;(|(objectclass=nextcloudGroup)))</ldapGroupFilter>
+     *     <ldapGroupFilterMode>0</ldapGroupFilterMode>
+     *     <ldapGroupFilterObjectclass>nextcloudGroup</ldapGroupFilterObjectclass>
+     *     <ldapGroupFilterGroups></ldapGroupFilterGroups>
+     *     <ldapGroupDisplayName>cn</ldapGroupDisplayName>
+     *     <ldapGroupMemberAssocAttr>memberUid</ldapGroupMemberAssocAttr>
+     *     <ldapLoginFilter>(&amp;(|(objectclass=inetOrgPerson))(uid=%uid))</ldapLoginFilter>
+     *     <ldapLoginFilterMode>0</ldapLoginFilterMode>
+     *     <ldapLoginFilterEmail>0</ldapLoginFilterEmail>
+     *     <ldapLoginFilterUsername>1</ldapLoginFilterUsername>
+     *     <ldapLoginFilterAttributes></ldapLoginFilterAttributes>
+     *     <ldapQuotaAttribute></ldapQuotaAttribute>
+     *     <ldapQuotaDefault></ldapQuotaDefault>
+     *     <ldapEmailAttribute>mail</ldapEmailAttribute>
+     *     <ldapCacheTTL>20</ldapCacheTTL>
+     *     <ldapUuidUserAttribute>auto</ldapUuidUserAttribute>
+     *     <ldapUuidGroupAttribute>auto</ldapUuidGroupAttribute>
+     *     <ldapOverrideMainServer></ldapOverrideMainServer>
+     *     <ldapConfigurationActive>1</ldapConfigurationActive>
+     *     <ldapAttributesForUserSearch>uid;sn;givenname</ldapAttributesForUserSearch>
+     *     <ldapAttributesForGroupSearch></ldapAttributesForGroupSearch>
+     *     <ldapExperiencedAdmin>0</ldapExperiencedAdmin>
+     *     <homeFolderNamingRule></homeFolderNamingRule>
+     *     <hasPagedResultSupport></hasPagedResultSupport>
+     *     <hasMemberOfFilterSupport></hasMemberOfFilterSupport>
+     *     <useMemberOfToDetectMembership>1</useMemberOfToDetectMembership>
+     *     <ldapExpertUsernameAttr>uid</ldapExpertUsernameAttr>
+     *     <ldapExpertUUIDUserAttr>uid</ldapExpertUUIDUserAttr>
+     *     <ldapExpertUUIDGroupAttr></ldapExpertUUIDGroupAttr>
+     *     <lastJpegPhotoLookup>0</lastJpegPhotoLookup>
+     *     <ldapNestedGroups>0</ldapNestedGroups>
+     *     <ldapPagingSize>500</ldapPagingSize>
+     *     <turnOnPasswordChange>1</turnOnPasswordChange>
+     *     <ldapDynamicGroupMemberURL></ldapDynamicGroupMemberURL>
+     *   </data>
+     * </ocs>
+     *
+     * @param string $configID
+     * @param bool|string $showPassword
+     * @return DataResponse
+     * @throws OCSException
+     */
+    public function show($configID, $showPassword = false) {
+        try {
+            $this->ensureConfigIDExists($configID);
 
-			$config = new Configuration($configID);
-			$data = $config->getConfiguration();
-			if(!boolval(intval($showPassword))) {
-				$data['ldapAgentPassword'] = '***';
-			}
-			foreach ($data as $key => $value) {
-				if(is_array($value)) {
-					$value = implode(';', $value);
-					$data[$key] = $value;
-				}
-			}
-		} catch(OCSException $e) {
-			throw $e;
-		} catch (\Exception $e) {
-			$this->logger->logException($e);
-			throw new OCSException('An issue occurred when modifying the config.');
-		}
+            $config = new Configuration($configID);
+            $data = $config->getConfiguration();
+            if(!boolval(intval($showPassword))) {
+                $data['ldapAgentPassword'] = '***';
+            }
+            foreach ($data as $key => $value) {
+                if(is_array($value)) {
+                    $value = implode(';', $value);
+                    $data[$key] = $value;
+                }
+            }
+        } catch(OCSException $e) {
+            throw $e;
+        } catch (\Exception $e) {
+            $this->logger->logException($e);
+            throw new OCSException('An issue occurred when modifying the config.');
+        }
 
-		return new DataResponse($data);
-	}
+        return new DataResponse($data);
+    }
 
-	/**
-	 * if the given config ID is not available, an exception is thrown
-	 *
-	 * @param string $configID
-	 * @throws OCSNotFoundException
-	 */
-	private function ensureConfigIDExists($configID) {
-		$prefixes = $this->ldapHelper->getServerConfigurationPrefixes();
-		if(!in_array($configID, $prefixes, true)) {
-			throw new OCSNotFoundException('Config ID not found');
-		}
-	}
+    /**
+     * if the given config ID is not available, an exception is thrown
+     *
+     * @param string $configID
+     * @throws OCSNotFoundException
+     */
+    private function ensureConfigIDExists($configID) {
+        $prefixes = $this->ldapHelper->getServerConfigurationPrefixes();
+        if(!in_array($configID, $prefixes, true)) {
+            throw new OCSNotFoundException('Config ID not found');
+        }
+    }
 }

apps/user_ldap/lib/Jobs/UpdateGroups.php

Indentation +163 added lines, -163 removed lines

@@ -41,182 +41,182 @@
 use OCA\User_LDAP\User\Manager;
 
 class UpdateGroups extends \OC\BackgroundJob\TimedJob {
-	static private $groupsFromDB;
-
-	static private $groupBE;
-
-	public function __construct(){
-		$this->interval = self::getRefreshInterval();
-	}
-
-	/**
-	 * @param mixed $argument
-	 */
-	public function run($argument){
-		self::updateGroups();
-	}
-
-	static public function updateGroups() {
-		\OCP\Util::writeLog('user_ldap', 'Run background job "updateGroups"', \OCP\Util::DEBUG);
-
-		$knownGroups = array_keys(self::getKnownGroups());
-		$actualGroups = self::getGroupBE()->getGroups();
-
-		if(empty($actualGroups) && empty($knownGroups)) {
-			\OCP\Util::writeLog('user_ldap',
-				'bgJ "updateGroups" – groups do not seem to be configured properly, aborting.',
-				\OCP\Util::INFO);
-			return;
-		}
-
-		self::handleKnownGroups(array_intersect($actualGroups, $knownGroups));
-		self::handleCreatedGroups(array_diff($actualGroups, $knownGroups));
-		self::handleRemovedGroups(array_diff($knownGroups, $actualGroups));
-
-		\OCP\Util::writeLog('user_ldap', 'bgJ "updateGroups" – Finished.', \OCP\Util::DEBUG);
-	}
-
-	/**
-	 * @return int
-	 */
-	static private function getRefreshInterval() {
-		//defaults to every hour
-		return \OCP\Config::getAppValue('user_ldap', 'bgjRefreshInterval', 3600);
-	}
-
-	/**
-	 * @param string[] $groups
-	 */
-	static private function handleKnownGroups($groups) {
-		\OCP\Util::writeLog('user_ldap', 'bgJ "updateGroups" – Dealing with known Groups.', \OCP\Util::DEBUG);
-		$query = \OCP\DB::prepare('
+    static private $groupsFromDB;
+
+    static private $groupBE;
+
+    public function __construct(){
+        $this->interval = self::getRefreshInterval();
+    }
+
+    /**
+     * @param mixed $argument
+     */
+    public function run($argument){
+        self::updateGroups();
+    }
+
+    static public function updateGroups() {
+        \OCP\Util::writeLog('user_ldap', 'Run background job "updateGroups"', \OCP\Util::DEBUG);
+
+        $knownGroups = array_keys(self::getKnownGroups());
+        $actualGroups = self::getGroupBE()->getGroups();
+
+        if(empty($actualGroups) && empty($knownGroups)) {
+            \OCP\Util::writeLog('user_ldap',
+                'bgJ "updateGroups" – groups do not seem to be configured properly, aborting.',
+                \OCP\Util::INFO);
+            return;
+        }
+
+        self::handleKnownGroups(array_intersect($actualGroups, $knownGroups));
+        self::handleCreatedGroups(array_diff($actualGroups, $knownGroups));
+        self::handleRemovedGroups(array_diff($knownGroups, $actualGroups));
+
+        \OCP\Util::writeLog('user_ldap', 'bgJ "updateGroups" – Finished.', \OCP\Util::DEBUG);
+    }
+
+    /**
+     * @return int
+     */
+    static private function getRefreshInterval() {
+        //defaults to every hour
+        return \OCP\Config::getAppValue('user_ldap', 'bgjRefreshInterval', 3600);
+    }
+
+    /**
+     * @param string[] $groups
+     */
+    static private function handleKnownGroups($groups) {
+        \OCP\Util::writeLog('user_ldap', 'bgJ "updateGroups" – Dealing with known Groups.', \OCP\Util::DEBUG);
+        $query = \OCP\DB::prepare('
 			UPDATE `*PREFIX*ldap_group_members`
 			SET `owncloudusers` = ?
 			WHERE `owncloudname` = ?
 		');
-		foreach($groups as $group) {
-			//we assume, that self::$groupsFromDB has been retrieved already
-			$knownUsers = unserialize(self::$groupsFromDB[$group]['owncloudusers']);
-			$actualUsers = self::getGroupBE()->usersInGroup($group);
-			$hasChanged = false;
-			foreach(array_diff($knownUsers, $actualUsers) as $removedUser) {
-				\OCP\Util::emitHook('OC_User', 'post_removeFromGroup', array('uid' => $removedUser, 'gid' => $group));
-				\OCP\Util::writeLog('user_ldap',
-				'bgJ "updateGroups" – "'.$removedUser.'" removed from "'.$group.'".',
-				\OCP\Util::INFO);
-				$hasChanged = true;
-			}
-			foreach(array_diff($actualUsers, $knownUsers) as $addedUser) {
-				\OCP\Util::emitHook('OC_User', 'post_addToGroup', array('uid' => $addedUser, 'gid' => $group));
-				\OCP\Util::writeLog('user_ldap',
-				'bgJ "updateGroups" – "'.$addedUser.'" added to "'.$group.'".',
-				\OCP\Util::INFO);
-				$hasChanged = true;
-			}
-			if($hasChanged) {
-				$query->execute(array(serialize($actualUsers), $group));
-			}
-		}
-		\OCP\Util::writeLog('user_ldap',
-			'bgJ "updateGroups" – FINISHED dealing with known Groups.',
-			\OCP\Util::DEBUG);
-	}
-
-	/**
-	 * @param string[] $createdGroups
-	 */
-	static private function handleCreatedGroups($createdGroups) {
-		\OCP\Util::writeLog('user_ldap', 'bgJ "updateGroups" – dealing with created Groups.', \OCP\Util::DEBUG);
-		$query = \OCP\DB::prepare('
+        foreach($groups as $group) {
+            //we assume, that self::$groupsFromDB has been retrieved already
+            $knownUsers = unserialize(self::$groupsFromDB[$group]['owncloudusers']);
+            $actualUsers = self::getGroupBE()->usersInGroup($group);
+            $hasChanged = false;
+            foreach(array_diff($knownUsers, $actualUsers) as $removedUser) {
+                \OCP\Util::emitHook('OC_User', 'post_removeFromGroup', array('uid' => $removedUser, 'gid' => $group));
+                \OCP\Util::writeLog('user_ldap',
+                'bgJ "updateGroups" – "'.$removedUser.'" removed from "'.$group.'".',
+                \OCP\Util::INFO);
+                $hasChanged = true;
+            }
+            foreach(array_diff($actualUsers, $knownUsers) as $addedUser) {
+                \OCP\Util::emitHook('OC_User', 'post_addToGroup', array('uid' => $addedUser, 'gid' => $group));
+                \OCP\Util::writeLog('user_ldap',
+                'bgJ "updateGroups" – "'.$addedUser.'" added to "'.$group.'".',
+                \OCP\Util::INFO);
+                $hasChanged = true;
+            }
+            if($hasChanged) {
+                $query->execute(array(serialize($actualUsers), $group));
+            }
+        }
+        \OCP\Util::writeLog('user_ldap',
+            'bgJ "updateGroups" – FINISHED dealing with known Groups.',
+            \OCP\Util::DEBUG);
+    }
+
+    /**
+     * @param string[] $createdGroups
+     */
+    static private function handleCreatedGroups($createdGroups) {
+        \OCP\Util::writeLog('user_ldap', 'bgJ "updateGroups" – dealing with created Groups.', \OCP\Util::DEBUG);
+        $query = \OCP\DB::prepare('
 			INSERT
 			INTO `*PREFIX*ldap_group_members` (`owncloudname`, `owncloudusers`)
 			VALUES (?, ?)
 		');
-		foreach($createdGroups as $createdGroup) {
-			\OCP\Util::writeLog('user_ldap',
-				'bgJ "updateGroups" – new group "'.$createdGroup.'" found.',
-				\OCP\Util::INFO);
-			$users = serialize(self::getGroupBE()->usersInGroup($createdGroup));
-			$query->execute(array($createdGroup, $users));
-		}
-		\OCP\Util::writeLog('user_ldap',
-			'bgJ "updateGroups" – FINISHED dealing with created Groups.',
-			\OCP\Util::DEBUG);
-	}
-
-	/**
-	 * @param string[] $removedGroups
-	 */
-	static private function handleRemovedGroups($removedGroups) {
-		\OCP\Util::writeLog('user_ldap', 'bgJ "updateGroups" – dealing with removed groups.', \OCP\Util::DEBUG);
-		$query = \OCP\DB::prepare('
+        foreach($createdGroups as $createdGroup) {
+            \OCP\Util::writeLog('user_ldap',
+                'bgJ "updateGroups" – new group "'.$createdGroup.'" found.',
+                \OCP\Util::INFO);
+            $users = serialize(self::getGroupBE()->usersInGroup($createdGroup));
+            $query->execute(array($createdGroup, $users));
+        }
+        \OCP\Util::writeLog('user_ldap',
+            'bgJ "updateGroups" – FINISHED dealing with created Groups.',
+            \OCP\Util::DEBUG);
+    }
+
+    /**
+     * @param string[] $removedGroups
+     */
+    static private function handleRemovedGroups($removedGroups) {
+        \OCP\Util::writeLog('user_ldap', 'bgJ "updateGroups" – dealing with removed groups.', \OCP\Util::DEBUG);
+        $query = \OCP\DB::prepare('
 			DELETE
 			FROM `*PREFIX*ldap_group_members`
 			WHERE `owncloudname` = ?
 		');
-		foreach($removedGroups as $removedGroup) {
-			\OCP\Util::writeLog('user_ldap',
-				'bgJ "updateGroups" – group "'.$removedGroup.'" was removed.',
-				\OCP\Util::INFO);
-			$query->execute(array($removedGroup));
-		}
-		\OCP\Util::writeLog('user_ldap',
-			'bgJ "updateGroups" – FINISHED dealing with removed groups.',
-			\OCP\Util::DEBUG);
-	}
-
-	/**
-	 * @return \OCA\User_LDAP\Group_LDAP|\OCA\User_LDAP\Group_Proxy
-	 */
-	static private function getGroupBE() {
-		if(!is_null(self::$groupBE)) {
-			return self::$groupBE;
-		}
-		$helper = new Helper(\OC::$server->getConfig());
-		$configPrefixes = $helper->getServerConfigurationPrefixes(true);
-		$ldapWrapper = new LDAP();
-		if(count($configPrefixes) === 1) {
-			//avoid the proxy when there is only one LDAP server configured
-			$dbc = \OC::$server->getDatabaseConnection();
-			$userManager = new Manager(
-				\OC::$server->getConfig(),
-				new FilesystemHelper(),
-				new LogWrapper(),
-				\OC::$server->getAvatarManager(),
-				new \OCP\Image(),
-				$dbc,
-				\OC::$server->getUserManager());
-			$connector = new Connection($ldapWrapper, $configPrefixes[0]);
-			$ldapAccess = new Access($connector, $ldapWrapper, $userManager, $helper);
-			$groupMapper = new GroupMapping($dbc);
-			$userMapper  = new UserMapping($dbc);
-			$ldapAccess->setGroupMapper($groupMapper);
-			$ldapAccess->setUserMapper($userMapper);
-			self::$groupBE = new \OCA\User_LDAP\Group_LDAP($ldapAccess);
-		} else {
-			self::$groupBE = new \OCA\User_LDAP\Group_Proxy($configPrefixes, $ldapWrapper);
-		}
-
-		return self::$groupBE;
-	}
-
-	/**
-	 * @return array
-	 */
-	static private function getKnownGroups() {
-		if(is_array(self::$groupsFromDB)) {
-			return self::$groupsFromDB;
-		}
-		$query = \OCP\DB::prepare('
+        foreach($removedGroups as $removedGroup) {
+            \OCP\Util::writeLog('user_ldap',
+                'bgJ "updateGroups" – group "'.$removedGroup.'" was removed.',
+                \OCP\Util::INFO);
+            $query->execute(array($removedGroup));
+        }
+        \OCP\Util::writeLog('user_ldap',
+            'bgJ "updateGroups" – FINISHED dealing with removed groups.',
+            \OCP\Util::DEBUG);
+    }
+
+    /**
+     * @return \OCA\User_LDAP\Group_LDAP|\OCA\User_LDAP\Group_Proxy
+     */
+    static private function getGroupBE() {
+        if(!is_null(self::$groupBE)) {
+            return self::$groupBE;
+        }
+        $helper = new Helper(\OC::$server->getConfig());
+        $configPrefixes = $helper->getServerConfigurationPrefixes(true);
+        $ldapWrapper = new LDAP();
+        if(count($configPrefixes) === 1) {
+            //avoid the proxy when there is only one LDAP server configured
+            $dbc = \OC::$server->getDatabaseConnection();
+            $userManager = new Manager(
+                \OC::$server->getConfig(),
+                new FilesystemHelper(),
+                new LogWrapper(),
+                \OC::$server->getAvatarManager(),
+                new \OCP\Image(),
+                $dbc,
+                \OC::$server->getUserManager());
+            $connector = new Connection($ldapWrapper, $configPrefixes[0]);
+            $ldapAccess = new Access($connector, $ldapWrapper, $userManager, $helper);
+            $groupMapper = new GroupMapping($dbc);
+            $userMapper  = new UserMapping($dbc);
+            $ldapAccess->setGroupMapper($groupMapper);
+            $ldapAccess->setUserMapper($userMapper);
+            self::$groupBE = new \OCA\User_LDAP\Group_LDAP($ldapAccess);
+        } else {
+            self::$groupBE = new \OCA\User_LDAP\Group_Proxy($configPrefixes, $ldapWrapper);
+        }
+
+        return self::$groupBE;
+    }
+
+    /**
+     * @return array
+     */
+    static private function getKnownGroups() {
+        if(is_array(self::$groupsFromDB)) {
+            return self::$groupsFromDB;
+        }
+        $query = \OCP\DB::prepare('
 			SELECT `owncloudname`, `owncloudusers`
 			FROM `*PREFIX*ldap_group_members`
 		');
-		$result = $query->execute()->fetchAll();
-		self::$groupsFromDB = array();
-		foreach($result as $dataset) {
-			self::$groupsFromDB[$dataset['owncloudname']] = $dataset;
-		}
-
-		return self::$groupsFromDB;
-	}
+        $result = $query->execute()->fetchAll();
+        self::$groupsFromDB = array();
+        foreach($result as $dataset) {
+            self::$groupsFromDB[$dataset['owncloudname']] = $dataset;
+        }
+
+        return self::$groupsFromDB;
+    }
 }