Inspection of "Merge pull request #32250 from nextcloud/cleanup/c..." - nextcloud/server - Measure and Improve Code Quality continuously with Scrutinizer

Passed

Push — master ( 48bb54...fe33e9 )

by John

created 2022-05-13 06:27 UTC

Status

Indentation +201 added lines, -201 removed lines patch added patch discarded remove patch

@@ -47,205 +47,205 @@
 block discarded – undo
  * cache
  */
 class Manager {
-	protected ?Access $access = null;
-	protected IConfig $ocConfig;
-	protected IDBConnection $db;
-	protected IUserManager $userManager;
-	protected INotificationManager $notificationManager;
-	protected FilesystemHelper $ocFilesystem;
-	protected LoggerInterface $logger;
-	protected Image $image;
-	protected IAvatarManager $avatarManager;
-	/** @var CappedMemoryCache<User> $usersByDN */
-	protected CappedMemoryCache $usersByDN;
-	/** @var CappedMemoryCache<User> $usersByUid */
-	protected CappedMemoryCache $usersByUid;
-	private IManager $shareManager;
-
-	public function __construct(
-		IConfig $ocConfig,
-		FilesystemHelper $ocFilesystem,
-		LoggerInterface $logger,
-		IAvatarManager $avatarManager,
-		Image $image,
-		IUserManager $userManager,
-		INotificationManager $notificationManager,
-		IManager $shareManager
-	) {
-		$this->ocConfig = $ocConfig;
-		$this->ocFilesystem = $ocFilesystem;
-		$this->logger = $logger;
-		$this->avatarManager = $avatarManager;
-		$this->image = $image;
-		$this->userManager = $userManager;
-		$this->notificationManager = $notificationManager;
-		$this->usersByDN = new CappedMemoryCache();
-		$this->usersByUid = new CappedMemoryCache();
-		$this->shareManager = $shareManager;
-	}
-
-	/**
-	 * Binds manager to an instance of Access.
-	 * It needs to be assigned first before the manager can be used.
-	 * @param Access
-	 */
-	public function setLdapAccess(Access $access) {
-		$this->access = $access;
-	}
-
-	/**
-	 * @brief creates an instance of User and caches (just runtime) it in the
-	 * property array
-	 * @param string $dn the DN of the user
-	 * @param string $uid the internal (owncloud) username
-	 * @return \OCA\User_LDAP\User\User
-	 */
-	private function createAndCache($dn, $uid) {
-		$this->checkAccess();
-		$user = new User($uid, $dn, $this->access, $this->ocConfig,
-			$this->ocFilesystem, clone $this->image, $this->logger,
-			$this->avatarManager, $this->userManager,
-			$this->notificationManager);
-		$this->usersByDN[$dn] = $user;
-		$this->usersByUid[$uid] = $user;
-		return $user;
-	}
-
-	/**
-	 * removes a user entry from the cache
-	 * @param $uid
-	 */
-	public function invalidate($uid) {
-		if (!isset($this->usersByUid[$uid])) {
-			return;
-		}
-		$dn = $this->usersByUid[$uid]->getDN();
-		unset($this->usersByUid[$uid]);
-		unset($this->usersByDN[$dn]);
-	}
-
-	/**
-	 * @brief checks whether the Access instance has been set
-	 * @throws \Exception if Access has not been set
-	 * @return null
-	 */
-	private function checkAccess() {
-		if (is_null($this->access)) {
-			throw new \Exception('LDAP Access instance must be set first');
-		}
-	}
-
-	/**
-	 * returns a list of attributes that will be processed further, e.g. quota,
-	 * email, displayname, or others.
-	 *
-	 * @param bool $minimal - optional, set to true to skip attributes with big
-	 * payload
-	 * @return string[]
-	 */
-	public function getAttributes($minimal = false) {
-		$baseAttributes = array_merge(Access::UUID_ATTRIBUTES, ['dn', 'uid', 'samaccountname', 'memberof']);
-		$attributes = [
-			$this->access->getConnection()->ldapExpertUUIDUserAttr,
-			$this->access->getConnection()->ldapQuotaAttribute,
-			$this->access->getConnection()->ldapEmailAttribute,
-			$this->access->getConnection()->ldapUserDisplayName,
-			$this->access->getConnection()->ldapUserDisplayName2,
-			$this->access->getConnection()->ldapExtStorageHomeAttribute,
-		];
-
-		$homeRule = (string)$this->access->getConnection()->homeFolderNamingRule;
-		if (strpos($homeRule, 'attr:') === 0) {
-			$attributes[] = substr($homeRule, strlen('attr:'));
-		}
-
-		if (!$minimal) {
-			// attributes that are not really important but may come with big
-			// payload.
-			$attributes = array_merge(
-				$attributes,
-				$this->access->getConnection()->resolveRule('avatar')
-			);
-		}
-
-		$attributes = array_reduce($attributes,
-			function ($list, $attribute) {
-				$attribute = strtolower(trim((string)$attribute));
-				if (!empty($attribute) && !in_array($attribute, $list)) {
-					$list[] = $attribute;
-				}
-
-				return $list;
-			},
-			$baseAttributes // hard-coded, lower-case, non-empty attributes
-		);
-
-		return $attributes;
-	}
-
-	/**
-	 * Checks whether the specified user is marked as deleted
-	 * @param string $id the Nextcloud user name
-	 * @return bool
-	 */
-	public function isDeletedUser($id) {
-		$isDeleted = $this->ocConfig->getUserValue(
-			$id, 'user_ldap', 'isDeleted', 0);
-		return (int)$isDeleted === 1;
-	}
-
-	/**
-	 * creates and returns an instance of OfflineUser for the specified user
-	 * @param string $id
-	 * @return \OCA\User_LDAP\User\OfflineUser
-	 */
-	public function getDeletedUser($id) {
-		return new OfflineUser(
-			$id,
-			$this->ocConfig,
-			$this->access->getUserMapper(),
-			$this->shareManager
-		);
-	}
-
-	/**
-	 * @brief returns a User object by it's Nextcloud username
-	 * @param string $id the DN or username of the user
-	 * @return \OCA\User_LDAP\User\User|\OCA\User_LDAP\User\OfflineUser|null
-	 */
-	protected function createInstancyByUserName($id) {
-		//most likely a uid. Check whether it is a deleted user
-		if ($this->isDeletedUser($id)) {
-			return $this->getDeletedUser($id);
-		}
-		$dn = $this->access->username2dn($id);
-		if ($dn !== false) {
-			return $this->createAndCache($dn, $id);
-		}
-		return null;
-	}
-
-	/**
-	 * @brief returns a User object by it's DN or Nextcloud username
-	 * @param string $id the DN or username of the user
-	 * @return \OCA\User_LDAP\User\User|\OCA\User_LDAP\User\OfflineUser|null
-	 * @throws \Exception when connection could not be established
-	 */
-	public function get($id) {
-		$this->checkAccess();
-		if (isset($this->usersByDN[$id])) {
-			return $this->usersByDN[$id];
-		} elseif (isset($this->usersByUid[$id])) {
-			return $this->usersByUid[$id];
-		}
-
-		if ($this->access->stringResemblesDN($id)) {
-			$uid = $this->access->dn2username($id);
-			if ($uid !== false) {
-				return $this->createAndCache($id, $uid);
-			}
-		}
-
-		return $this->createInstancyByUserName($id);
-	}
+    protected ?Access $access = null;
+    protected IConfig $ocConfig;
+    protected IDBConnection $db;
+    protected IUserManager $userManager;
+    protected INotificationManager $notificationManager;
+    protected FilesystemHelper $ocFilesystem;
+    protected LoggerInterface $logger;
+    protected Image $image;
+    protected IAvatarManager $avatarManager;
+    /** @var CappedMemoryCache<User> $usersByDN */
+    protected CappedMemoryCache $usersByDN;
+    /** @var CappedMemoryCache<User> $usersByUid */
+    protected CappedMemoryCache $usersByUid;
+    private IManager $shareManager;
+
+    public function __construct(
+        IConfig $ocConfig,
+        FilesystemHelper $ocFilesystem,
+        LoggerInterface $logger,
+        IAvatarManager $avatarManager,
+        Image $image,
+        IUserManager $userManager,
+        INotificationManager $notificationManager,
+        IManager $shareManager
+    ) {
+        $this->ocConfig = $ocConfig;
+        $this->ocFilesystem = $ocFilesystem;
+        $this->logger = $logger;
+        $this->avatarManager = $avatarManager;
+        $this->image = $image;
+        $this->userManager = $userManager;
+        $this->notificationManager = $notificationManager;
+        $this->usersByDN = new CappedMemoryCache();
+        $this->usersByUid = new CappedMemoryCache();
+        $this->shareManager = $shareManager;
+    }
+
+    /**
+     * Binds manager to an instance of Access.
+     * It needs to be assigned first before the manager can be used.
+     * @param Access
+     */
+    public function setLdapAccess(Access $access) {
+        $this->access = $access;
+    }
+
+    /**
+     * @brief creates an instance of User and caches (just runtime) it in the
+     * property array
+     * @param string $dn the DN of the user
+     * @param string $uid the internal (owncloud) username
+     * @return \OCA\User_LDAP\User\User
+     */
+    private function createAndCache($dn, $uid) {
+        $this->checkAccess();
+        $user = new User($uid, $dn, $this->access, $this->ocConfig,
+            $this->ocFilesystem, clone $this->image, $this->logger,
+            $this->avatarManager, $this->userManager,
+            $this->notificationManager);
+        $this->usersByDN[$dn] = $user;
+        $this->usersByUid[$uid] = $user;
+        return $user;
+    }
+
+    /**
+     * removes a user entry from the cache
+     * @param $uid
+     */
+    public function invalidate($uid) {
+        if (!isset($this->usersByUid[$uid])) {
+            return;
+        }
+        $dn = $this->usersByUid[$uid]->getDN();
+        unset($this->usersByUid[$uid]);
+        unset($this->usersByDN[$dn]);
+    }
+
+    /**
+     * @brief checks whether the Access instance has been set
+     * @throws \Exception if Access has not been set
+     * @return null
+     */
+    private function checkAccess() {
+        if (is_null($this->access)) {
+            throw new \Exception('LDAP Access instance must be set first');
+        }
+    }
+
+    /**
+     * returns a list of attributes that will be processed further, e.g. quota,
+     * email, displayname, or others.
+     *
+     * @param bool $minimal - optional, set to true to skip attributes with big
+     * payload
+     * @return string[]
+     */
+    public function getAttributes($minimal = false) {
+        $baseAttributes = array_merge(Access::UUID_ATTRIBUTES, ['dn', 'uid', 'samaccountname', 'memberof']);
+        $attributes = [
+            $this->access->getConnection()->ldapExpertUUIDUserAttr,
+            $this->access->getConnection()->ldapQuotaAttribute,
+            $this->access->getConnection()->ldapEmailAttribute,
+            $this->access->getConnection()->ldapUserDisplayName,
+            $this->access->getConnection()->ldapUserDisplayName2,
+            $this->access->getConnection()->ldapExtStorageHomeAttribute,
+        ];
+
+        $homeRule = (string)$this->access->getConnection()->homeFolderNamingRule;
+        if (strpos($homeRule, 'attr:') === 0) {
+            $attributes[] = substr($homeRule, strlen('attr:'));
+        }
+
+        if (!$minimal) {
+            // attributes that are not really important but may come with big
+            // payload.
+            $attributes = array_merge(
+                $attributes,
+                $this->access->getConnection()->resolveRule('avatar')
+            );
+        }
+
+        $attributes = array_reduce($attributes,
+            function ($list, $attribute) {
+                $attribute = strtolower(trim((string)$attribute));
+                if (!empty($attribute) && !in_array($attribute, $list)) {
+                    $list[] = $attribute;
+                }
+
+                return $list;
+            },
+            $baseAttributes // hard-coded, lower-case, non-empty attributes
+        );
+
+        return $attributes;
+    }
+
+    /**
+     * Checks whether the specified user is marked as deleted
+     * @param string $id the Nextcloud user name
+     * @return bool
+     */
+    public function isDeletedUser($id) {
+        $isDeleted = $this->ocConfig->getUserValue(
+            $id, 'user_ldap', 'isDeleted', 0);
+        return (int)$isDeleted === 1;
+    }
+
+    /**
+     * creates and returns an instance of OfflineUser for the specified user
+     * @param string $id
+     * @return \OCA\User_LDAP\User\OfflineUser
+     */
+    public function getDeletedUser($id) {
+        return new OfflineUser(
+            $id,
+            $this->ocConfig,
+            $this->access->getUserMapper(),
+            $this->shareManager
+        );
+    }
+
+    /**
+     * @brief returns a User object by it's Nextcloud username
+     * @param string $id the DN or username of the user
+     * @return \OCA\User_LDAP\User\User|\OCA\User_LDAP\User\OfflineUser|null
+     */
+    protected function createInstancyByUserName($id) {
+        //most likely a uid. Check whether it is a deleted user
+        if ($this->isDeletedUser($id)) {
+            return $this->getDeletedUser($id);
+        }
+        $dn = $this->access->username2dn($id);
+        if ($dn !== false) {
+            return $this->createAndCache($dn, $id);
+        }
+        return null;
+    }
+
+    /**
+     * @brief returns a User object by it's DN or Nextcloud username
+     * @param string $id the DN or username of the user
+     * @return \OCA\User_LDAP\User\User|\OCA\User_LDAP\User\OfflineUser|null
+     * @throws \Exception when connection could not be established
+     */
+    public function get($id) {
+        $this->checkAccess();
+        if (isset($this->usersByDN[$id])) {
+            return $this->usersByDN[$id];
+        } elseif (isset($this->usersByUid[$id])) {
+            return $this->usersByUid[$id];
+        }
+
+        if ($this->access->stringResemblesDN($id)) {
+            $uid = $this->access->dn2username($id);
+            if ($uid !== false) {
+                return $this->createAndCache($id, $uid);
+            }
+        }
+
+        return $this->createInstancyByUserName($id);
+    }
 }

Please login to merge, or discard this patch.

apps/user_ldap/lib/Helper.php 1 patch

Indentation +249 added lines, -249 removed lines patch added patch discarded remove patch

@@ -35,253 +35,253 @@
 block discarded – undo
 use OCP\IDBConnection;
 
 class Helper {
-	private IConfig $config;
-	private IDBConnection $connection;
-	/** @var CappedMemoryCache<string> */
-	protected CappedMemoryCache $sanitizeDnCache;
-
-	public function __construct(IConfig $config,
-								IDBConnection $connection) {
-		$this->config = $config;
-		$this->connection = $connection;
-		$this->sanitizeDnCache = new CappedMemoryCache(10000);
-	}
-
-	/**
-	 * returns prefixes for each saved LDAP/AD server configuration.
-	 *
-	 * @param bool $activeConfigurations optional, whether only active configuration shall be
-	 * retrieved, defaults to false
-	 * @return array with a list of the available prefixes
-	 *
-	 * Configuration prefixes are used to set up configurations for n LDAP or
-	 * AD servers. Since configuration is stored in the database, table
-	 * appconfig under appid user_ldap, the common identifiers in column
-	 * 'configkey' have a prefix. The prefix for the very first server
-	 * configuration is empty.
-	 * Configkey Examples:
-	 * Server 1: ldap_login_filter
-	 * Server 2: s1_ldap_login_filter
-	 * Server 3: s2_ldap_login_filter
-	 *
-	 * The prefix needs to be passed to the constructor of Connection class,
-	 * except the default (first) server shall be connected to.
-	 *
-	 */
-	public function getServerConfigurationPrefixes($activeConfigurations = false): array {
-		$referenceConfigkey = 'ldap_configuration_active';
-
-		$keys = $this->getServersConfig($referenceConfigkey);
-
-		$prefixes = [];
-		foreach ($keys as $key) {
-			if ($activeConfigurations && $this->config->getAppValue('user_ldap', $key, '0') !== '1') {
-				continue;
-			}
-
-			$len = strlen($key) - strlen($referenceConfigkey);
-			$prefixes[] = substr($key, 0, $len);
-		}
-		asort($prefixes);
-
-		return $prefixes;
-	}
-
-	/**
-	 *
-	 * determines the host for every configured connection
-	 *
-	 * @return array an array with configprefix as keys
-	 *
-	 */
-	public function getServerConfigurationHosts() {
-		$referenceConfigkey = 'ldap_host';
-
-		$keys = $this->getServersConfig($referenceConfigkey);
-
-		$result = [];
-		foreach ($keys as $key) {
-			$len = strlen($key) - strlen($referenceConfigkey);
-			$prefix = substr($key, 0, $len);
-			$result[$prefix] = $this->config->getAppValue('user_ldap', $key);
-		}
-
-		return $result;
-	}
-
-	/**
-	 * return the next available configuration prefix
-	 *
-	 * @return string
-	 */
-	public function getNextServerConfigurationPrefix() {
-		$serverConnections = $this->getServerConfigurationPrefixes();
-
-		if (count($serverConnections) === 0) {
-			return 's01';
-		}
-
-		sort($serverConnections);
-		$lastKey = array_pop($serverConnections);
-		$lastNumber = (int)str_replace('s', '', $lastKey);
-		return 's' . str_pad((string)($lastNumber + 1), 2, '0', STR_PAD_LEFT);
-	}
-
-	private function getServersConfig(string $value): array {
-		$regex = '/' . $value . '$/S';
-
-		$keys = $this->config->getAppKeys('user_ldap');
-		$result = [];
-		foreach ($keys as $key) {
-			if (preg_match($regex, $key) === 1) {
-				$result[] = $key;
-			}
-		}
-
-		return $result;
-	}
-
-	/**
-	 * deletes a given saved LDAP/AD server configuration.
-	 *
-	 * @param string $prefix the configuration prefix of the config to delete
-	 * @return bool true on success, false otherwise
-	 */
-	public function deleteServerConfiguration($prefix) {
-		if (!in_array($prefix, self::getServerConfigurationPrefixes())) {
-			return false;
-		}
-
-		$query = $this->connection->getQueryBuilder();
-		$query->delete('appconfig')
-			->where($query->expr()->eq('appid', $query->createNamedParameter('user_ldap')))
-			->andWhere($query->expr()->like('configkey', $query->createNamedParameter((string)$prefix . '%')))
-			->andWhere($query->expr()->notIn('configkey', $query->createNamedParameter([
-				'enabled',
-				'installed_version',
-				'types',
-				'bgjUpdateGroupsLastRun',
-			], IQueryBuilder::PARAM_STR_ARRAY)));
-
-		if (empty($prefix)) {
-			$query->andWhere($query->expr()->notLike('configkey', $query->createNamedParameter('s%')));
-		}
-
-		$deletedRows = $query->execute();
-		return $deletedRows !== 0;
-	}
-
-	/**
-	 * checks whether there is one or more disabled LDAP configurations
-	 */
-	public function haveDisabledConfigurations(): bool {
-		$all = $this->getServerConfigurationPrefixes(false);
-		$active = $this->getServerConfigurationPrefixes(true);
-
-		return count($all) !== count($active) || count($all) === 0;
-	}
-
-	/**
-	 * extracts the domain from a given URL
-	 *
-	 * @param string $url the URL
-	 * @return string|false domain as string on success, false otherwise
-	 */
-	public function getDomainFromURL($url) {
-		$uinfo = parse_url($url);
-		if (!is_array($uinfo)) {
-			return false;
-		}
-
-		$domain = false;
-		if (isset($uinfo['host'])) {
-			$domain = $uinfo['host'];
-		} elseif (isset($uinfo['path'])) {
-			$domain = $uinfo['path'];
-		}
-
-		return $domain;
-	}
-
-	/**
-	 * sanitizes a DN received from the LDAP server
-	 *
-	 * @param array|string $dn the DN in question
-	 * @return array|string the sanitized DN
-	 */
-	public function sanitizeDN($dn) {
-		//treating multiple base DNs
-		if (is_array($dn)) {
-			$result = [];
-			foreach ($dn as $singleDN) {
-				$result[] = $this->sanitizeDN($singleDN);
-			}
-			return $result;
-		}
-
-		if (!is_string($dn)) {
-			throw new \LogicException('String expected ' . \gettype($dn) . ' given');
-		}
-
-		if (($sanitizedDn = $this->sanitizeDnCache->get($dn)) !== null) {
-			return $sanitizedDn;
-		}
-
-		//OID sometimes gives back DNs with whitespace after the comma
-		// a la "uid=foo, cn=bar, dn=..." We need to tackle this!
-		$sanitizedDn = preg_replace('/([^\\\]),(\s+)/u', '\1,', $dn);
-
-		//make comparisons and everything work
-		$sanitizedDn = mb_strtolower($sanitizedDn, 'UTF-8');
-
-		//escape DN values according to RFC 2253 – this is already done by ldap_explode_dn
-		//to use the DN in search filters, \ needs to be escaped to \5c additionally
-		//to use them in bases, we convert them back to simple backslashes in readAttribute()
-		$replacements = [
-			'\,' => '\5c2C',
-			'\=' => '\5c3D',
-			'\+' => '\5c2B',
-			'\<' => '\5c3C',
-			'\>' => '\5c3E',
-			'\;' => '\5c3B',
-			'\"' => '\5c22',
-			'\#' => '\5c23',
-			'(' => '\28',
-			')' => '\29',
-			'*' => '\2A',
-		];
-		$sanitizedDn = str_replace(array_keys($replacements), array_values($replacements), $sanitizedDn);
-		$this->sanitizeDnCache->set($dn, $sanitizedDn);
-
-		return $sanitizedDn;
-	}
-
-	/**
-	 * converts a stored DN so it can be used as base parameter for LDAP queries, internally we store them for usage in LDAP filters
-	 *
-	 * @param string $dn the DN
-	 * @return string
-	 */
-	public function DNasBaseParameter($dn) {
-		return str_ireplace('\\5c', '\\', $dn);
-	}
-
-	/**
-	 * listens to a hook thrown by server2server sharing and replaces the given
-	 * login name by a username, if it matches an LDAP user.
-	 *
-	 * @param array $param contains a reference to a $uid var under 'uid' key
-	 * @throws \Exception
-	 */
-	public static function loginName2UserName($param): void {
-		if (!isset($param['uid'])) {
-			throw new \Exception('key uid is expected to be set in $param');
-		}
-
-		$userBackend = \OC::$server->get(User_Proxy::class);
-		$uid = $userBackend->loginName2UserName($param['uid']);
-		if ($uid !== false) {
-			$param['uid'] = $uid;
-		}
-	}
+    private IConfig $config;
+    private IDBConnection $connection;
+    /** @var CappedMemoryCache<string> */
+    protected CappedMemoryCache $sanitizeDnCache;
+
+    public function __construct(IConfig $config,
+                                IDBConnection $connection) {
+        $this->config = $config;
+        $this->connection = $connection;
+        $this->sanitizeDnCache = new CappedMemoryCache(10000);
+    }
+
+    /**
+     * returns prefixes for each saved LDAP/AD server configuration.
+     *
+     * @param bool $activeConfigurations optional, whether only active configuration shall be
+     * retrieved, defaults to false
+     * @return array with a list of the available prefixes
+     *
+     * Configuration prefixes are used to set up configurations for n LDAP or
+     * AD servers. Since configuration is stored in the database, table
+     * appconfig under appid user_ldap, the common identifiers in column
+     * 'configkey' have a prefix. The prefix for the very first server
+     * configuration is empty.
+     * Configkey Examples:
+     * Server 1: ldap_login_filter
+     * Server 2: s1_ldap_login_filter
+     * Server 3: s2_ldap_login_filter
+     *
+     * The prefix needs to be passed to the constructor of Connection class,
+     * except the default (first) server shall be connected to.
+     *
+     */
+    public function getServerConfigurationPrefixes($activeConfigurations = false): array {
+        $referenceConfigkey = 'ldap_configuration_active';
+
+        $keys = $this->getServersConfig($referenceConfigkey);
+
+        $prefixes = [];
+        foreach ($keys as $key) {
+            if ($activeConfigurations && $this->config->getAppValue('user_ldap', $key, '0') !== '1') {
+                continue;
+            }
+
+            $len = strlen($key) - strlen($referenceConfigkey);
+            $prefixes[] = substr($key, 0, $len);
+        }
+        asort($prefixes);
+
+        return $prefixes;
+    }
+
+    /**
+     *
+     * determines the host for every configured connection
+     *
+     * @return array an array with configprefix as keys
+     *
+     */
+    public function getServerConfigurationHosts() {
+        $referenceConfigkey = 'ldap_host';
+
+        $keys = $this->getServersConfig($referenceConfigkey);
+
+        $result = [];
+        foreach ($keys as $key) {
+            $len = strlen($key) - strlen($referenceConfigkey);
+            $prefix = substr($key, 0, $len);
+            $result[$prefix] = $this->config->getAppValue('user_ldap', $key);
+        }
+
+        return $result;
+    }
+
+    /**
+     * return the next available configuration prefix
+     *
+     * @return string
+     */
+    public function getNextServerConfigurationPrefix() {
+        $serverConnections = $this->getServerConfigurationPrefixes();
+
+        if (count($serverConnections) === 0) {
+            return 's01';
+        }
+
+        sort($serverConnections);
+        $lastKey = array_pop($serverConnections);
+        $lastNumber = (int)str_replace('s', '', $lastKey);
+        return 's' . str_pad((string)($lastNumber + 1), 2, '0', STR_PAD_LEFT);
+    }
+
+    private function getServersConfig(string $value): array {
+        $regex = '/' . $value . '$/S';
+
+        $keys = $this->config->getAppKeys('user_ldap');
+        $result = [];
+        foreach ($keys as $key) {
+            if (preg_match($regex, $key) === 1) {
+                $result[] = $key;
+            }
+        }
+
+        return $result;
+    }
+
+    /**
+     * deletes a given saved LDAP/AD server configuration.
+     *
+     * @param string $prefix the configuration prefix of the config to delete
+     * @return bool true on success, false otherwise
+     */
+    public function deleteServerConfiguration($prefix) {
+        if (!in_array($prefix, self::getServerConfigurationPrefixes())) {
+            return false;
+        }
+
+        $query = $this->connection->getQueryBuilder();
+        $query->delete('appconfig')
+            ->where($query->expr()->eq('appid', $query->createNamedParameter('user_ldap')))
+            ->andWhere($query->expr()->like('configkey', $query->createNamedParameter((string)$prefix . '%')))
+            ->andWhere($query->expr()->notIn('configkey', $query->createNamedParameter([
+                'enabled',
+                'installed_version',
+                'types',
+                'bgjUpdateGroupsLastRun',
+            ], IQueryBuilder::PARAM_STR_ARRAY)));
+
+        if (empty($prefix)) {
+            $query->andWhere($query->expr()->notLike('configkey', $query->createNamedParameter('s%')));
+        }
+
+        $deletedRows = $query->execute();
+        return $deletedRows !== 0;
+    }
+
+    /**
+     * checks whether there is one or more disabled LDAP configurations
+     */
+    public function haveDisabledConfigurations(): bool {
+        $all = $this->getServerConfigurationPrefixes(false);
+        $active = $this->getServerConfigurationPrefixes(true);
+
+        return count($all) !== count($active) || count($all) === 0;
+    }
+
+    /**
+     * extracts the domain from a given URL
+     *
+     * @param string $url the URL
+     * @return string|false domain as string on success, false otherwise
+     */
+    public function getDomainFromURL($url) {
+        $uinfo = parse_url($url);
+        if (!is_array($uinfo)) {
+            return false;
+        }
+
+        $domain = false;
+        if (isset($uinfo['host'])) {
+            $domain = $uinfo['host'];
+        } elseif (isset($uinfo['path'])) {
+            $domain = $uinfo['path'];
+        }
+
+        return $domain;
+    }
+
+    /**
+     * sanitizes a DN received from the LDAP server
+     *
+     * @param array|string $dn the DN in question
+     * @return array|string the sanitized DN
+     */
+    public function sanitizeDN($dn) {
+        //treating multiple base DNs
+        if (is_array($dn)) {
+            $result = [];
+            foreach ($dn as $singleDN) {
+                $result[] = $this->sanitizeDN($singleDN);
+            }
+            return $result;
+        }
+
+        if (!is_string($dn)) {
+            throw new \LogicException('String expected ' . \gettype($dn) . ' given');
+        }
+
+        if (($sanitizedDn = $this->sanitizeDnCache->get($dn)) !== null) {
+            return $sanitizedDn;
+        }
+
+        //OID sometimes gives back DNs with whitespace after the comma
+        // a la "uid=foo, cn=bar, dn=..." We need to tackle this!
+        $sanitizedDn = preg_replace('/([^\\\]),(\s+)/u', '\1,', $dn);
+
+        //make comparisons and everything work
+        $sanitizedDn = mb_strtolower($sanitizedDn, 'UTF-8');
+
+        //escape DN values according to RFC 2253 – this is already done by ldap_explode_dn
+        //to use the DN in search filters, \ needs to be escaped to \5c additionally
+        //to use them in bases, we convert them back to simple backslashes in readAttribute()
+        $replacements = [
+            '\,' => '\5c2C',
+            '\=' => '\5c3D',
+            '\+' => '\5c2B',
+            '\<' => '\5c3C',
+            '\>' => '\5c3E',
+            '\;' => '\5c3B',
+            '\"' => '\5c22',
+            '\#' => '\5c23',
+            '(' => '\28',
+            ')' => '\29',
+            '*' => '\2A',
+        ];
+        $sanitizedDn = str_replace(array_keys($replacements), array_values($replacements), $sanitizedDn);
+        $this->sanitizeDnCache->set($dn, $sanitizedDn);
+
+        return $sanitizedDn;
+    }
+
+    /**
+     * converts a stored DN so it can be used as base parameter for LDAP queries, internally we store them for usage in LDAP filters
+     *
+     * @param string $dn the DN
+     * @return string
+     */
+    public function DNasBaseParameter($dn) {
+        return str_ireplace('\\5c', '\\', $dn);
+    }
+
+    /**
+     * listens to a hook thrown by server2server sharing and replaces the given
+     * login name by a username, if it matches an LDAP user.
+     *
+     * @param array $param contains a reference to a $uid var under 'uid' key
+     * @throws \Exception
+     */
+    public static function loginName2UserName($param): void {
+        if (!isset($param['uid'])) {
+            throw new \Exception('key uid is expected to be set in $param');
+        }
+
+        $userBackend = \OC::$server->get(User_Proxy::class);
+        $uid = $userBackend->loginName2UserName($param['uid']);
+        if ($uid !== false) {
+            $param['uid'] = $uid;
+        }
+    }
 }

Please login to merge, or discard this patch.

apps/files_external/lib/Lib/Storage/AmazonS3.php 1 patch

Indentation +706 added lines, -706 removed lines patch added patch discarded remove patch

@@ -57,710 +57,710 @@
 block discarded – undo
 use OCP\ICache;
 
 class AmazonS3 extends \OC\Files\Storage\Common {
-	use S3ConnectionTrait;
-	use S3ObjectTrait;
-
-	public function needsPartFile() {
-		return false;
-	}
-
-	/** @var CappedMemoryCache<array|false> */
-	private CappedMemoryCache $objectCache;
-
-	/** @var CappedMemoryCache<bool> */
-	private CappedMemoryCache $directoryCache;
-
-	/** @var CappedMemoryCache<array> */
-	private CappedMemoryCache $filesCache;
-
-	private IMimeTypeDetector $mimeDetector;
-	private ?bool $versioningEnabled = null;
-	private ICache $memCache;
-
-	public function __construct($parameters) {
-		parent::__construct($parameters);
-		$this->parseParams($parameters);
-		$this->id = 'amazon::external::' . md5($this->params['hostname'] . ':' . $this->params['bucket'] . ':' . $this->params['key']);
-		$this->objectCache = new CappedMemoryCache();
-		$this->directoryCache = new CappedMemoryCache();
-		$this->filesCache = new CappedMemoryCache();
-		$this->mimeDetector = Server::get(IMimeTypeDetector::class);
-		/** @var ICacheFactory $cacheFactory */
-		$cacheFactory = Server::get(ICacheFactory::class);
-		$this->memCache = $cacheFactory->createLocal('s3-external');
-	}
-
-	/**
-	 * @param string $path
-	 * @return string correctly encoded path
-	 */
-	private function normalizePath($path) {
-		$path = trim($path, '/');
-
-		if (!$path) {
-			$path = '.';
-		}
-
-		return $path;
-	}
-
-	private function isRoot($path) {
-		return $path === '.';
-	}
-
-	private function cleanKey($path) {
-		if ($this->isRoot($path)) {
-			return '/';
-		}
-		return $path;
-	}
-
-	private function clearCache() {
-		$this->objectCache = new CappedMemoryCache();
-		$this->directoryCache = new CappedMemoryCache();
-		$this->filesCache = new CappedMemoryCache();
-	}
-
-	private function invalidateCache($key) {
-		unset($this->objectCache[$key]);
-		$keys = array_keys($this->objectCache->getData());
-		$keyLength = strlen($key);
-		foreach ($keys as $existingKey) {
-			if (substr($existingKey, 0, $keyLength) === $key) {
-				unset($this->objectCache[$existingKey]);
-			}
-		}
-		unset($this->filesCache[$key]);
-		$keys = array_keys($this->directoryCache->getData());
-		$keyLength = strlen($key);
-		foreach ($keys as $existingKey) {
-			if (substr($existingKey, 0, $keyLength) === $key) {
-				unset($this->directoryCache[$existingKey]);
-			}
-		}
-		unset($this->directoryCache[$key]);
-	}
-
-	/**
-	 * @return array|false
-	 */
-	private function headObject(string $key) {
-		if (!isset($this->objectCache[$key])) {
-			try {
-				$this->objectCache[$key] = $this->getConnection()->headObject([
-					'Bucket' => $this->bucket,
-					'Key' => $key
-				])->toArray();
-			} catch (S3Exception $e) {
-				if ($e->getStatusCode() >= 500) {
-					throw $e;
-				}
-				$this->objectCache[$key] = false;
-			}
-		}
-
-		if (is_array($this->objectCache[$key]) && !isset($this->objectCache[$key]["Key"])) {
-			/** @psalm-suppress InvalidArgument Psalm doesn't understand nested arrays well */
-			$this->objectCache[$key]["Key"] = $key;
-		}
-		return $this->objectCache[$key];
-	}
-
-	/**
-	 * Return true if directory exists
-	 *
-	 * There are no folders in s3. A folder like structure could be archived
-	 * by prefixing files with the folder name.
-	 *
-	 * Implementation from flysystem-aws-s3-v3:
-	 * https://github.com/thephpleague/flysystem-aws-s3-v3/blob/8241e9cc5b28f981e0d24cdaf9867f14c7498ae4/src/AwsS3Adapter.php#L670-L694
-	 *
-	 * @param $path
-	 * @return bool
-	 * @throws \Exception
-	 */
-	private function doesDirectoryExist($path) {
-		if ($path === '.' || $path === '') {
-			return true;
-		}
-		$path = rtrim($path, '/') . '/';
-
-		if (isset($this->directoryCache[$path])) {
-			return $this->directoryCache[$path];
-		}
-		try {
-			// Maybe this isn't an actual key, but a prefix.
-			// Do a prefix listing of objects to determine.
-			$result = $this->getConnection()->listObjectsV2([
-				'Bucket' => $this->bucket,
-				'Prefix' => $path,
-				'MaxKeys' => 1,
-			]);
-
-			if (isset($result['Contents'])) {
-				$this->directoryCache[$path] = true;
-				return true;
-			}
-
-			// empty directories have their own object
-			$object = $this->headObject($path);
-
-			if ($object) {
-				$this->directoryCache[$path] = true;
-				return true;
-			}
-		} catch (S3Exception $e) {
-			if ($e->getStatusCode() >= 400 && $e->getStatusCode() < 500) {
-				$this->directoryCache[$path] = false;
-			}
-			throw $e;
-		}
-
-
-		$this->directoryCache[$path] = false;
-		return false;
-	}
-
-	/**
-	 * Remove a file or folder
-	 *
-	 * @param string $path
-	 * @return bool
-	 */
-	protected function remove($path) {
-		// remember fileType to reduce http calls
-		$fileType = $this->filetype($path);
-		if ($fileType === 'dir') {
-			return $this->rmdir($path);
-		} elseif ($fileType === 'file') {
-			return $this->unlink($path);
-		} else {
-			return false;
-		}
-	}
-
-	public function mkdir($path) {
-		$path = $this->normalizePath($path);
-
-		if ($this->is_dir($path)) {
-			return false;
-		}
-
-		try {
-			$this->getConnection()->putObject([
-				'Bucket' => $this->bucket,
-				'Key' => $path . '/',
-				'Body' => '',
-				'ContentType' => FileInfo::MIMETYPE_FOLDER
-			]);
-			$this->testTimeout();
-		} catch (S3Exception $e) {
-			\OC::$server->getLogger()->logException($e, ['app' => 'files_external']);
-			return false;
-		}
-
-		$this->invalidateCache($path);
-
-		return true;
-	}
-
-	public function file_exists($path) {
-		return $this->filetype($path) !== false;
-	}
-
-
-	public function rmdir($path) {
-		$path = $this->normalizePath($path);
-
-		if ($this->isRoot($path)) {
-			return $this->clearBucket();
-		}
-
-		if (!$this->file_exists($path)) {
-			return false;
-		}
-
-		$this->invalidateCache($path);
-		return $this->batchDelete($path);
-	}
-
-	protected function clearBucket() {
-		$this->clearCache();
-		try {
-			$this->getConnection()->clearBucket([
-				"Bucket" => $this->bucket
-			]);
-			return true;
-			// clearBucket() is not working with Ceph, so if it fails we try the slower approach
-		} catch (\Exception $e) {
-			return $this->batchDelete();
-		}
-	}
-
-	private function batchDelete($path = null) {
-		$params = [
-			'Bucket' => $this->bucket
-		];
-		if ($path !== null) {
-			$params['Prefix'] = $path . '/';
-		}
-		try {
-			$connection = $this->getConnection();
-			// Since there are no real directories on S3, we need
-			// to delete all objects prefixed with the path.
-			do {
-				// instead of the iterator, manually loop over the list ...
-				$objects = $connection->listObjects($params);
-				// ... so we can delete the files in batches
-				if (isset($objects['Contents'])) {
-					$connection->deleteObjects([
-						'Bucket' => $this->bucket,
-						'Delete' => [
-							'Objects' => $objects['Contents']
-						]
-					]);
-					$this->testTimeout();
-				}
-				// we reached the end when the list is no longer truncated
-			} while ($objects['IsTruncated']);
-			if ($path !== '' && $path !== null) {
-				$this->deleteObject($path);
-			}
-		} catch (S3Exception $e) {
-			\OC::$server->getLogger()->logException($e, ['app' => 'files_external']);
-			return false;
-		}
-		return true;
-	}
-
-	public function opendir($path) {
-		try {
-			$content = iterator_to_array($this->getDirectoryContent($path));
-			return IteratorDirectory::wrap(array_map(function (array $item) {
-				return $item['name'];
-			}, $content));
-		} catch (S3Exception $e) {
-			return false;
-		}
-	}
-
-	public function stat($path) {
-		$path = $this->normalizePath($path);
-
-		if ($this->is_dir($path)) {
-			$stat = $this->getDirectoryMetaData($path);
-		} else {
-			$object = $this->headObject($path);
-			if ($object === false) {
-				return false;
-			}
-			$stat = $this->objectToMetaData($object);
-		}
-		$stat['atime'] = time();
-
-		return $stat;
-	}
-
-	/**
-	 * Return content length for object
-	 *
-	 * When the information is already present (e.g. opendir has been called before)
-	 * this value is return. Otherwise a headObject is emitted.
-	 *
-	 * @param $path
-	 * @return int|mixed
-	 */
-	private function getContentLength($path) {
-		if (isset($this->filesCache[$path])) {
-			return (int)$this->filesCache[$path]['ContentLength'];
-		}
-
-		$result = $this->headObject($path);
-		if (isset($result['ContentLength'])) {
-			return (int)$result['ContentLength'];
-		}
-
-		return 0;
-	}
-
-	/**
-	 * Return last modified for object
-	 *
-	 * When the information is already present (e.g. opendir has been called before)
-	 * this value is return. Otherwise a headObject is emitted.
-	 *
-	 * @param $path
-	 * @return mixed|string
-	 */
-	private function getLastModified($path) {
-		if (isset($this->filesCache[$path])) {
-			return $this->filesCache[$path]['LastModified'];
-		}
-
-		$result = $this->headObject($path);
-		if (isset($result['LastModified'])) {
-			return $result['LastModified'];
-		}
-
-		return 'now';
-	}
-
-	public function is_dir($path) {
-		$path = $this->normalizePath($path);
-
-		if (isset($this->filesCache[$path])) {
-			return false;
-		}
-
-		try {
-			return $this->doesDirectoryExist($path);
-		} catch (S3Exception $e) {
-			\OC::$server->getLogger()->logException($e, ['app' => 'files_external']);
-			return false;
-		}
-	}
-
-	public function filetype($path) {
-		$path = $this->normalizePath($path);
-
-		if ($this->isRoot($path)) {
-			return 'dir';
-		}
-
-		try {
-			if (isset($this->directoryCache[$path]) && $this->directoryCache[$path]) {
-				return 'dir';
-			}
-			if (isset($this->filesCache[$path]) || $this->headObject($path)) {
-				return 'file';
-			}
-			if ($this->doesDirectoryExist($path)) {
-				return 'dir';
-			}
-		} catch (S3Exception $e) {
-			\OC::$server->getLogger()->logException($e, ['app' => 'files_external']);
-			return false;
-		}
-
-		return false;
-	}
-
-	public function getPermissions($path) {
-		$type = $this->filetype($path);
-		if (!$type) {
-			return 0;
-		}
-		return $type === 'dir' ? Constants::PERMISSION_ALL : Constants::PERMISSION_ALL - Constants::PERMISSION_CREATE;
-	}
-
-	public function unlink($path) {
-		$path = $this->normalizePath($path);
-
-		if ($this->is_dir($path)) {
-			return $this->rmdir($path);
-		}
-
-		try {
-			$this->deleteObject($path);
-			$this->invalidateCache($path);
-		} catch (S3Exception $e) {
-			\OC::$server->getLogger()->logException($e, ['app' => 'files_external']);
-			return false;
-		}
-
-		return true;
-	}
-
-	public function fopen($path, $mode) {
-		$path = $this->normalizePath($path);
-
-		switch ($mode) {
-			case 'r':
-			case 'rb':
-				// Don't try to fetch empty files
-				$stat = $this->stat($path);
-				if (is_array($stat) && isset($stat['size']) && $stat['size'] === 0) {
-					return fopen('php://memory', $mode);
-				}
-
-				try {
-					return $this->readObject($path);
-				} catch (S3Exception $e) {
-					\OC::$server->getLogger()->logException($e, ['app' => 'files_external']);
-					return false;
-				}
-			case 'w':
-			case 'wb':
-				$tmpFile = \OC::$server->getTempManager()->getTemporaryFile();
-
-				$handle = fopen($tmpFile, 'w');
-				return CallbackWrapper::wrap($handle, null, null, function () use ($path, $tmpFile) {
-					$this->writeBack($tmpFile, $path);
-				});
-			case 'a':
-			case 'ab':
-			case 'r+':
-			case 'w+':
-			case 'wb+':
-			case 'a+':
-			case 'x':
-			case 'x+':
-			case 'c':
-			case 'c+':
-				if (strrpos($path, '.') !== false) {
-					$ext = substr($path, strrpos($path, '.'));
-				} else {
-					$ext = '';
-				}
-				$tmpFile = \OC::$server->getTempManager()->getTemporaryFile($ext);
-				if ($this->file_exists($path)) {
-					$source = $this->readObject($path);
-					file_put_contents($tmpFile, $source);
-				}
-
-				$handle = fopen($tmpFile, $mode);
-				return CallbackWrapper::wrap($handle, null, null, function () use ($path, $tmpFile) {
-					$this->writeBack($tmpFile, $path);
-				});
-		}
-		return false;
-	}
-
-	public function touch($path, $mtime = null) {
-		if (is_null($mtime)) {
-			$mtime = time();
-		}
-		$metadata = [
-			'lastmodified' => gmdate(\DateTime::RFC1123, $mtime)
-		];
-
-		try {
-			if (!$this->file_exists($path)) {
-				$mimeType = $this->mimeDetector->detectPath($path);
-				$this->getConnection()->putObject([
-					'Bucket' => $this->bucket,
-					'Key' => $this->cleanKey($path),
-					'Metadata' => $metadata,
-					'Body' => '',
-					'ContentType' => $mimeType,
-					'MetadataDirective' => 'REPLACE',
-				]);
-				$this->testTimeout();
-			}
-		} catch (S3Exception $e) {
-			\OC::$server->getLogger()->logException($e, ['app' => 'files_external']);
-			return false;
-		}
-
-		$this->invalidateCache($path);
-		return true;
-	}
-
-	public function copy($path1, $path2, $isFile = null) {
-		$path1 = $this->normalizePath($path1);
-		$path2 = $this->normalizePath($path2);
-
-		if ($isFile === true || $this->is_file($path1)) {
-			try {
-				$this->getConnection()->copyObject([
-					'Bucket' => $this->bucket,
-					'Key' => $this->cleanKey($path2),
-					'CopySource' => S3Client::encodeKey($this->bucket . '/' . $path1)
-				]);
-				$this->testTimeout();
-			} catch (S3Exception $e) {
-				\OC::$server->getLogger()->logException($e, ['app' => 'files_external']);
-				return false;
-			}
-		} else {
-			$this->remove($path2);
-
-			try {
-				$this->mkdir($path2);
-				$this->testTimeout();
-			} catch (S3Exception $e) {
-				\OC::$server->getLogger()->logException($e, ['app' => 'files_external']);
-				return false;
-			}
-
-			foreach ($this->getDirectoryContent($path1) as $item) {
-				$source = $path1 . '/' . $item['name'];
-				$target = $path2 . '/' . $item['name'];
-				$this->copy($source, $target, $item['mimetype'] !== FileInfo::MIMETYPE_FOLDER);
-			}
-		}
-
-		$this->invalidateCache($path2);
-
-		return true;
-	}
-
-	public function rename($path1, $path2) {
-		$path1 = $this->normalizePath($path1);
-		$path2 = $this->normalizePath($path2);
-
-		if ($this->is_file($path1)) {
-			if ($this->copy($path1, $path2) === false) {
-				return false;
-			}
-
-			if ($this->unlink($path1) === false) {
-				$this->unlink($path2);
-				return false;
-			}
-		} else {
-			if ($this->copy($path1, $path2) === false) {
-				return false;
-			}
-
-			if ($this->rmdir($path1) === false) {
-				$this->rmdir($path2);
-				return false;
-			}
-		}
-
-		return true;
-	}
-
-	public function test() {
-		$this->getConnection()->headBucket([
-			'Bucket' => $this->bucket
-		]);
-		return true;
-	}
-
-	public function getId() {
-		return $this->id;
-	}
-
-	public function writeBack($tmpFile, $path) {
-		try {
-			$source = fopen($tmpFile, 'r');
-			$this->writeObject($path, $source, $this->mimeDetector->detectPath($path));
-			$this->invalidateCache($path);
-
-			unlink($tmpFile);
-			return true;
-		} catch (S3Exception $e) {
-			\OC::$server->getLogger()->logException($e, ['app' => 'files_external']);
-			return false;
-		}
-	}
-
-	/**
-	 * check if curl is installed
-	 */
-	public static function checkDependencies() {
-		return true;
-	}
-
-	public function getDirectoryContent($directory): \Traversable {
-		$path = $this->normalizePath($directory);
-
-		if ($this->isRoot($path)) {
-			$path = '';
-		} else {
-			$path .= '/';
-		}
-
-		$results = $this->getConnection()->getPaginator('ListObjectsV2', [
-			'Bucket' => $this->bucket,
-			'Delimiter' => '/',
-			'Prefix' => $path,
-		]);
-
-		foreach ($results as $result) {
-			// sub folders
-			if (is_array($result['CommonPrefixes'])) {
-				foreach ($result['CommonPrefixes'] as $prefix) {
-					$dir = $this->getDirectoryMetaData($prefix['Prefix']);
-					if ($dir) {
-						yield $dir;
-					}
-				}
-			}
-			if (is_array($result['Contents'])) {
-				foreach ($result['Contents'] as $object) {
-					$this->objectCache[$object['Key']] = $object;
-					if ($object['Key'] !== $path) {
-						yield $this->objectToMetaData($object);
-					}
-				}
-			}
-		}
-	}
-
-	private function objectToMetaData(array $object): array {
-		return [
-			'name' => basename($object['Key']),
-			'mimetype' => $this->mimeDetector->detectPath($object['Key']),
-			'mtime' => strtotime($object['LastModified']),
-			'storage_mtime' => strtotime($object['LastModified']),
-			'etag' => $object['ETag'],
-			'permissions' => Constants::PERMISSION_ALL - Constants::PERMISSION_CREATE,
-			'size' => (int)($object['Size'] ?? $object['ContentLength']),
-		];
-	}
-
-	private function getDirectoryMetaData(string $path): ?array {
-		$path = trim($path, '/');
-		// when versioning is enabled, delete markers are returned as part of CommonPrefixes
-		// resulting in "ghost" folders, verify that each folder actually exists
-		if ($this->versioningEnabled() && !$this->doesDirectoryExist($path)) {
-			return null;
-		}
-		$cacheEntry = $this->getCache()->get($path);
-		if ($cacheEntry instanceof CacheEntry) {
-			return $cacheEntry->getData();
-		} else {
-			return [
-				'name' => basename($path),
-				'mimetype' => FileInfo::MIMETYPE_FOLDER,
-				'mtime' => time(),
-				'storage_mtime' => time(),
-				'etag' => uniqid(),
-				'permissions' => Constants::PERMISSION_ALL,
-				'size' => -1,
-			];
-		}
-	}
-
-	public function versioningEnabled(): bool {
-		if ($this->versioningEnabled === null) {
-			$cached = $this->memCache->get('versioning-enabled::' . $this->getBucket());
-			if ($cached === null) {
-				$this->versioningEnabled = $this->getVersioningStatusFromBucket();
-				$this->memCache->set('versioning-enabled::' . $this->getBucket(), $this->versioningEnabled, 60);
-			} else {
-				$this->versioningEnabled = $cached;
-			}
-		}
-		return $this->versioningEnabled;
-	}
-
-	protected function getVersioningStatusFromBucket(): bool {
-		try {
-			$result = $this->getConnection()->getBucketVersioning(['Bucket' => $this->getBucket()]);
-			return $result->get('Status') === 'Enabled';
-		} catch (S3Exception $s3Exception) {
-			// This is needed for compatibility with Storj gateway which does not support versioning yet
-			if ($s3Exception->getAwsErrorCode() === 'NotImplemented') {
-				return false;
-			}
-			throw $s3Exception;
-		}
-	}
-
-	public function hasUpdated($path, $time) {
-		// for files we can get the proper mtime
-		if ($path !== '' && $object = $this->headObject($path)) {
-			$stat = $this->objectToMetaData($object);
-			return $stat['mtime'] > $time;
-		} else {
-			// for directories, the only real option we have is to do a prefix listing and iterate over all objects
-			// however, since this is just as expensive as just re-scanning the directory, we can simply return true
-			// and have the scanner figure out if anything has actually changed
-			return true;
-		}
-	}
+    use S3ConnectionTrait;
+    use S3ObjectTrait;
+
+    public function needsPartFile() {
+        return false;
+    }
+
+    /** @var CappedMemoryCache<array|false> */
+    private CappedMemoryCache $objectCache;
+
+    /** @var CappedMemoryCache<bool> */
+    private CappedMemoryCache $directoryCache;
+
+    /** @var CappedMemoryCache<array> */
+    private CappedMemoryCache $filesCache;
+
+    private IMimeTypeDetector $mimeDetector;
+    private ?bool $versioningEnabled = null;
+    private ICache $memCache;
+
+    public function __construct($parameters) {
+        parent::__construct($parameters);
+        $this->parseParams($parameters);
+        $this->id = 'amazon::external::' . md5($this->params['hostname'] . ':' . $this->params['bucket'] . ':' . $this->params['key']);
+        $this->objectCache = new CappedMemoryCache();
+        $this->directoryCache = new CappedMemoryCache();
+        $this->filesCache = new CappedMemoryCache();
+        $this->mimeDetector = Server::get(IMimeTypeDetector::class);
+        /** @var ICacheFactory $cacheFactory */
+        $cacheFactory = Server::get(ICacheFactory::class);
+        $this->memCache = $cacheFactory->createLocal('s3-external');
+    }
+
+    /**
+     * @param string $path
+     * @return string correctly encoded path
+     */
+    private function normalizePath($path) {
+        $path = trim($path, '/');
+
+        if (!$path) {
+            $path = '.';
+        }
+
+        return $path;
+    }
+
+    private function isRoot($path) {
+        return $path === '.';
+    }
+
+    private function cleanKey($path) {
+        if ($this->isRoot($path)) {
+            return '/';
+        }
+        return $path;
+    }
+
+    private function clearCache() {
+        $this->objectCache = new CappedMemoryCache();
+        $this->directoryCache = new CappedMemoryCache();
+        $this->filesCache = new CappedMemoryCache();
+    }
+
+    private function invalidateCache($key) {
+        unset($this->objectCache[$key]);
+        $keys = array_keys($this->objectCache->getData());
+        $keyLength = strlen($key);
+        foreach ($keys as $existingKey) {
+            if (substr($existingKey, 0, $keyLength) === $key) {
+                unset($this->objectCache[$existingKey]);
+            }
+        }
+        unset($this->filesCache[$key]);
+        $keys = array_keys($this->directoryCache->getData());
+        $keyLength = strlen($key);
+        foreach ($keys as $existingKey) {
+            if (substr($existingKey, 0, $keyLength) === $key) {
+                unset($this->directoryCache[$existingKey]);
+            }
+        }
+        unset($this->directoryCache[$key]);
+    }
+
+    /**
+     * @return array|false
+     */
+    private function headObject(string $key) {
+        if (!isset($this->objectCache[$key])) {
+            try {
+                $this->objectCache[$key] = $this->getConnection()->headObject([
+                    'Bucket' => $this->bucket,
+                    'Key' => $key
+                ])->toArray();
+            } catch (S3Exception $e) {
+                if ($e->getStatusCode() >= 500) {
+                    throw $e;
+                }
+                $this->objectCache[$key] = false;
+            }
+        }
+
+        if (is_array($this->objectCache[$key]) && !isset($this->objectCache[$key]["Key"])) {
+            /** @psalm-suppress InvalidArgument Psalm doesn't understand nested arrays well */
+            $this->objectCache[$key]["Key"] = $key;
+        }
+        return $this->objectCache[$key];
+    }
+
+    /**
+     * Return true if directory exists
+     *
+     * There are no folders in s3. A folder like structure could be archived
+     * by prefixing files with the folder name.
+     *
+     * Implementation from flysystem-aws-s3-v3:
+     * https://github.com/thephpleague/flysystem-aws-s3-v3/blob/8241e9cc5b28f981e0d24cdaf9867f14c7498ae4/src/AwsS3Adapter.php#L670-L694
+     *
+     * @param $path
+     * @return bool
+     * @throws \Exception
+     */
+    private function doesDirectoryExist($path) {
+        if ($path === '.' || $path === '') {
+            return true;
+        }
+        $path = rtrim($path, '/') . '/';
+
+        if (isset($this->directoryCache[$path])) {
+            return $this->directoryCache[$path];
+        }
+        try {
+            // Maybe this isn't an actual key, but a prefix.
+            // Do a prefix listing of objects to determine.
+            $result = $this->getConnection()->listObjectsV2([
+                'Bucket' => $this->bucket,
+                'Prefix' => $path,
+                'MaxKeys' => 1,
+            ]);
+
+            if (isset($result['Contents'])) {
+                $this->directoryCache[$path] = true;
+                return true;
+            }
+
+            // empty directories have their own object
+            $object = $this->headObject($path);
+
+            if ($object) {
+                $this->directoryCache[$path] = true;
+                return true;
+            }
+        } catch (S3Exception $e) {
+            if ($e->getStatusCode() >= 400 && $e->getStatusCode() < 500) {
+                $this->directoryCache[$path] = false;
+            }
+            throw $e;
+        }
+
+
+        $this->directoryCache[$path] = false;
+        return false;
+    }
+
+    /**
+     * Remove a file or folder
+     *
+     * @param string $path
+     * @return bool
+     */
+    protected function remove($path) {
+        // remember fileType to reduce http calls
+        $fileType = $this->filetype($path);
+        if ($fileType === 'dir') {
+            return $this->rmdir($path);
+        } elseif ($fileType === 'file') {
+            return $this->unlink($path);
+        } else {
+            return false;
+        }
+    }
+
+    public function mkdir($path) {
+        $path = $this->normalizePath($path);
+
+        if ($this->is_dir($path)) {
+            return false;
+        }
+
+        try {
+            $this->getConnection()->putObject([
+                'Bucket' => $this->bucket,
+                'Key' => $path . '/',
+                'Body' => '',
+                'ContentType' => FileInfo::MIMETYPE_FOLDER
+            ]);
+            $this->testTimeout();
+        } catch (S3Exception $e) {
+            \OC::$server->getLogger()->logException($e, ['app' => 'files_external']);
+            return false;
+        }
+
+        $this->invalidateCache($path);
+
+        return true;
+    }
+
+    public function file_exists($path) {
+        return $this->filetype($path) !== false;
+    }
+
+
+    public function rmdir($path) {
+        $path = $this->normalizePath($path);
+
+        if ($this->isRoot($path)) {
+            return $this->clearBucket();
+        }
+
+        if (!$this->file_exists($path)) {
+            return false;
+        }
+
+        $this->invalidateCache($path);
+        return $this->batchDelete($path);
+    }
+
+    protected function clearBucket() {
+        $this->clearCache();
+        try {
+            $this->getConnection()->clearBucket([
+                "Bucket" => $this->bucket
+            ]);
+            return true;
+            // clearBucket() is not working with Ceph, so if it fails we try the slower approach
+        } catch (\Exception $e) {
+            return $this->batchDelete();
+        }
+    }
+
+    private function batchDelete($path = null) {
+        $params = [
+            'Bucket' => $this->bucket
+        ];
+        if ($path !== null) {
+            $params['Prefix'] = $path . '/';
+        }
+        try {
+            $connection = $this->getConnection();
+            // Since there are no real directories on S3, we need
+            // to delete all objects prefixed with the path.
+            do {
+                // instead of the iterator, manually loop over the list ...
+                $objects = $connection->listObjects($params);
+                // ... so we can delete the files in batches
+                if (isset($objects['Contents'])) {
+                    $connection->deleteObjects([
+                        'Bucket' => $this->bucket,
+                        'Delete' => [
+                            'Objects' => $objects['Contents']
+                        ]
+                    ]);
+                    $this->testTimeout();
+                }
+                // we reached the end when the list is no longer truncated
+            } while ($objects['IsTruncated']);
+            if ($path !== '' && $path !== null) {
+                $this->deleteObject($path);
+            }
+        } catch (S3Exception $e) {
+            \OC::$server->getLogger()->logException($e, ['app' => 'files_external']);
+            return false;
+        }
+        return true;
+    }
+
+    public function opendir($path) {
+        try {
+            $content = iterator_to_array($this->getDirectoryContent($path));
+            return IteratorDirectory::wrap(array_map(function (array $item) {
+                return $item['name'];
+            }, $content));
+        } catch (S3Exception $e) {
+            return false;
+        }
+    }
+
+    public function stat($path) {
+        $path = $this->normalizePath($path);
+
+        if ($this->is_dir($path)) {
+            $stat = $this->getDirectoryMetaData($path);
+        } else {
+            $object = $this->headObject($path);
+            if ($object === false) {
+                return false;
+            }
+            $stat = $this->objectToMetaData($object);
+        }
+        $stat['atime'] = time();
+
+        return $stat;
+    }
+
+    /**
+     * Return content length for object
+     *
+     * When the information is already present (e.g. opendir has been called before)
+     * this value is return. Otherwise a headObject is emitted.
+     *
+     * @param $path
+     * @return int|mixed
+     */
+    private function getContentLength($path) {
+        if (isset($this->filesCache[$path])) {
+            return (int)$this->filesCache[$path]['ContentLength'];
+        }
+
+        $result = $this->headObject($path);
+        if (isset($result['ContentLength'])) {
+            return (int)$result['ContentLength'];
+        }
+
+        return 0;
+    }
+
+    /**
+     * Return last modified for object
+     *
+     * When the information is already present (e.g. opendir has been called before)
+     * this value is return. Otherwise a headObject is emitted.
+     *
+     * @param $path
+     * @return mixed|string
+     */
+    private function getLastModified($path) {
+        if (isset($this->filesCache[$path])) {
+            return $this->filesCache[$path]['LastModified'];
+        }
+
+        $result = $this->headObject($path);
+        if (isset($result['LastModified'])) {
+            return $result['LastModified'];
+        }
+
+        return 'now';
+    }
+
+    public function is_dir($path) {
+        $path = $this->normalizePath($path);
+
+        if (isset($this->filesCache[$path])) {
+            return false;
+        }
+
+        try {
+            return $this->doesDirectoryExist($path);
+        } catch (S3Exception $e) {
+            \OC::$server->getLogger()->logException($e, ['app' => 'files_external']);
+            return false;
+        }
+    }
+
+    public function filetype($path) {
+        $path = $this->normalizePath($path);
+
+        if ($this->isRoot($path)) {
+            return 'dir';
+        }
+
+        try {
+            if (isset($this->directoryCache[$path]) && $this->directoryCache[$path]) {
+                return 'dir';
+            }
+            if (isset($this->filesCache[$path]) || $this->headObject($path)) {
+                return 'file';
+            }
+            if ($this->doesDirectoryExist($path)) {
+                return 'dir';
+            }
+        } catch (S3Exception $e) {
+            \OC::$server->getLogger()->logException($e, ['app' => 'files_external']);
+            return false;
+        }
+
+        return false;
+    }
+
+    public function getPermissions($path) {
+        $type = $this->filetype($path);
+        if (!$type) {
+            return 0;
+        }
+        return $type === 'dir' ? Constants::PERMISSION_ALL : Constants::PERMISSION_ALL - Constants::PERMISSION_CREATE;
+    }
+
+    public function unlink($path) {
+        $path = $this->normalizePath($path);
+
+        if ($this->is_dir($path)) {
+            return $this->rmdir($path);
+        }
+
+        try {
+            $this->deleteObject($path);
+            $this->invalidateCache($path);
+        } catch (S3Exception $e) {
+            \OC::$server->getLogger()->logException($e, ['app' => 'files_external']);
+            return false;
+        }
+
+        return true;
+    }
+
+    public function fopen($path, $mode) {
+        $path = $this->normalizePath($path);
+
+        switch ($mode) {
+            case 'r':
+            case 'rb':
+                // Don't try to fetch empty files
+                $stat = $this->stat($path);
+                if (is_array($stat) && isset($stat['size']) && $stat['size'] === 0) {
+                    return fopen('php://memory', $mode);
+                }
+
+                try {
+                    return $this->readObject($path);
+                } catch (S3Exception $e) {
+                    \OC::$server->getLogger()->logException($e, ['app' => 'files_external']);
+                    return false;
+                }
+            case 'w':
+            case 'wb':
+                $tmpFile = \OC::$server->getTempManager()->getTemporaryFile();
+
+                $handle = fopen($tmpFile, 'w');
+                return CallbackWrapper::wrap($handle, null, null, function () use ($path, $tmpFile) {
+                    $this->writeBack($tmpFile, $path);
+                });
+            case 'a':
+            case 'ab':
+            case 'r+':
+            case 'w+':
+            case 'wb+':
+            case 'a+':
+            case 'x':
+            case 'x+':
+            case 'c':
+            case 'c+':
+                if (strrpos($path, '.') !== false) {
+                    $ext = substr($path, strrpos($path, '.'));
+                } else {
+                    $ext = '';
+                }
+                $tmpFile = \OC::$server->getTempManager()->getTemporaryFile($ext);
+                if ($this->file_exists($path)) {
+                    $source = $this->readObject($path);
+                    file_put_contents($tmpFile, $source);
+                }
+
+                $handle = fopen($tmpFile, $mode);
+                return CallbackWrapper::wrap($handle, null, null, function () use ($path, $tmpFile) {
+                    $this->writeBack($tmpFile, $path);
+                });
+        }
+        return false;
+    }
+
+    public function touch($path, $mtime = null) {
+        if (is_null($mtime)) {
+            $mtime = time();
+        }
+        $metadata = [
+            'lastmodified' => gmdate(\DateTime::RFC1123, $mtime)
+        ];
+
+        try {
+            if (!$this->file_exists($path)) {
+                $mimeType = $this->mimeDetector->detectPath($path);
+                $this->getConnection()->putObject([
+                    'Bucket' => $this->bucket,
+                    'Key' => $this->cleanKey($path),
+                    'Metadata' => $metadata,
+                    'Body' => '',
+                    'ContentType' => $mimeType,
+                    'MetadataDirective' => 'REPLACE',
+                ]);
+                $this->testTimeout();
+            }
+        } catch (S3Exception $e) {
+            \OC::$server->getLogger()->logException($e, ['app' => 'files_external']);
+            return false;
+        }
+
+        $this->invalidateCache($path);
+        return true;
+    }
+
+    public function copy($path1, $path2, $isFile = null) {
+        $path1 = $this->normalizePath($path1);
+        $path2 = $this->normalizePath($path2);
+
+        if ($isFile === true || $this->is_file($path1)) {
+            try {
+                $this->getConnection()->copyObject([
+                    'Bucket' => $this->bucket,
+                    'Key' => $this->cleanKey($path2),
+                    'CopySource' => S3Client::encodeKey($this->bucket . '/' . $path1)
+                ]);
+                $this->testTimeout();
+            } catch (S3Exception $e) {
+                \OC::$server->getLogger()->logException($e, ['app' => 'files_external']);
+                return false;
+            }
+        } else {
+            $this->remove($path2);
+
+            try {
+                $this->mkdir($path2);
+                $this->testTimeout();
+            } catch (S3Exception $e) {
+                \OC::$server->getLogger()->logException($e, ['app' => 'files_external']);
+                return false;
+            }
+
+            foreach ($this->getDirectoryContent($path1) as $item) {
+                $source = $path1 . '/' . $item['name'];
+                $target = $path2 . '/' . $item['name'];
+                $this->copy($source, $target, $item['mimetype'] !== FileInfo::MIMETYPE_FOLDER);
+            }
+        }
+
+        $this->invalidateCache($path2);
+
+        return true;
+    }
+
+    public function rename($path1, $path2) {
+        $path1 = $this->normalizePath($path1);
+        $path2 = $this->normalizePath($path2);
+
+        if ($this->is_file($path1)) {
+            if ($this->copy($path1, $path2) === false) {
+                return false;
+            }
+
+            if ($this->unlink($path1) === false) {
+                $this->unlink($path2);
+                return false;
+            }
+        } else {
+            if ($this->copy($path1, $path2) === false) {
+                return false;
+            }
+
+            if ($this->rmdir($path1) === false) {
+                $this->rmdir($path2);
+                return false;
+            }
+        }
+
+        return true;
+    }
+
+    public function test() {
+        $this->getConnection()->headBucket([
+            'Bucket' => $this->bucket
+        ]);
+        return true;
+    }
+
+    public function getId() {
+        return $this->id;
+    }
+
+    public function writeBack($tmpFile, $path) {
+        try {
+            $source = fopen($tmpFile, 'r');
+            $this->writeObject($path, $source, $this->mimeDetector->detectPath($path));
+            $this->invalidateCache($path);
+
+            unlink($tmpFile);
+            return true;
+        } catch (S3Exception $e) {
+            \OC::$server->getLogger()->logException($e, ['app' => 'files_external']);
+            return false;
+        }
+    }
+
+    /**
+     * check if curl is installed
+     */
+    public static function checkDependencies() {
+        return true;
+    }
+
+    public function getDirectoryContent($directory): \Traversable {
+        $path = $this->normalizePath($directory);
+
+        if ($this->isRoot($path)) {
+            $path = '';
+        } else {
+            $path .= '/';
+        }
+
+        $results = $this->getConnection()->getPaginator('ListObjectsV2', [
+            'Bucket' => $this->bucket,
+            'Delimiter' => '/',
+            'Prefix' => $path,
+        ]);
+
+        foreach ($results as $result) {
+            // sub folders
+            if (is_array($result['CommonPrefixes'])) {
+                foreach ($result['CommonPrefixes'] as $prefix) {
+                    $dir = $this->getDirectoryMetaData($prefix['Prefix']);
+                    if ($dir) {
+                        yield $dir;
+                    }
+                }
+            }
+            if (is_array($result['Contents'])) {
+                foreach ($result['Contents'] as $object) {
+                    $this->objectCache[$object['Key']] = $object;
+                    if ($object['Key'] !== $path) {
+                        yield $this->objectToMetaData($object);
+                    }
+                }
+            }
+        }
+    }
+
+    private function objectToMetaData(array $object): array {
+        return [
+            'name' => basename($object['Key']),
+            'mimetype' => $this->mimeDetector->detectPath($object['Key']),
+            'mtime' => strtotime($object['LastModified']),
+            'storage_mtime' => strtotime($object['LastModified']),
+            'etag' => $object['ETag'],
+            'permissions' => Constants::PERMISSION_ALL - Constants::PERMISSION_CREATE,
+            'size' => (int)($object['Size'] ?? $object['ContentLength']),
+        ];
+    }
+
+    private function getDirectoryMetaData(string $path): ?array {
+        $path = trim($path, '/');
+        // when versioning is enabled, delete markers are returned as part of CommonPrefixes
+        // resulting in "ghost" folders, verify that each folder actually exists
+        if ($this->versioningEnabled() && !$this->doesDirectoryExist($path)) {
+            return null;
+        }
+        $cacheEntry = $this->getCache()->get($path);
+        if ($cacheEntry instanceof CacheEntry) {
+            return $cacheEntry->getData();
+        } else {
+            return [
+                'name' => basename($path),
+                'mimetype' => FileInfo::MIMETYPE_FOLDER,
+                'mtime' => time(),
+                'storage_mtime' => time(),
+                'etag' => uniqid(),
+                'permissions' => Constants::PERMISSION_ALL,
+                'size' => -1,
+            ];
+        }
+    }
+
+    public function versioningEnabled(): bool {
+        if ($this->versioningEnabled === null) {
+            $cached = $this->memCache->get('versioning-enabled::' . $this->getBucket());
+            if ($cached === null) {
+                $this->versioningEnabled = $this->getVersioningStatusFromBucket();
+                $this->memCache->set('versioning-enabled::' . $this->getBucket(), $this->versioningEnabled, 60);
+            } else {
+                $this->versioningEnabled = $cached;
+            }
+        }
+        return $this->versioningEnabled;
+    }
+
+    protected function getVersioningStatusFromBucket(): bool {
+        try {
+            $result = $this->getConnection()->getBucketVersioning(['Bucket' => $this->getBucket()]);
+            return $result->get('Status') === 'Enabled';
+        } catch (S3Exception $s3Exception) {
+            // This is needed for compatibility with Storj gateway which does not support versioning yet
+            if ($s3Exception->getAwsErrorCode() === 'NotImplemented') {
+                return false;
+            }
+            throw $s3Exception;
+        }
+    }
+
+    public function hasUpdated($path, $time) {
+        // for files we can get the proper mtime
+        if ($path !== '' && $object = $this->headObject($path)) {
+            $stat = $this->objectToMetaData($object);
+            return $stat['mtime'] > $time;
+        } else {
+            // for directories, the only real option we have is to do a prefix listing and iterate over all objects
+            // however, since this is just as expensive as just re-scanning the directory, we can simply return true
+            // and have the scanner figure out if anything has actually changed
+            return true;
+        }
+    }
 }

Please login to merge, or discard this patch.

apps/files_external/lib/Lib/Storage/SMB.php 1 patch

Indentation +679 added lines, -679 removed lines patch added patch discarded remove patch

@@ -69,683 +69,683 @@
 block discarded – undo
 use OCP\ILogger;
 
 class SMB extends Common implements INotifyStorage {
-	/**
-	 * @var \Icewind\SMB\IServer
-	 */
-	protected $server;
-
-	/**
-	 * @var \Icewind\SMB\IShare
-	 */
-	protected $share;
-
-	/**
-	 * @var string
-	 */
-	protected $root;
-
-	/** @var CappedMemoryCache<IFileInfo> */
-	protected CappedMemoryCache $statCache;
-
-	/** @var ILogger */
-	protected $logger;
-
-	/** @var bool */
-	protected $showHidden;
-
-	/** @var bool */
-	protected $checkAcl;
-
-	public function __construct($params) {
-		if (!isset($params['host'])) {
-			throw new \Exception('Invalid configuration, no host provided');
-		}
-
-		if (isset($params['auth'])) {
-			$auth = $params['auth'];
-		} elseif (isset($params['user']) && isset($params['password']) && isset($params['share'])) {
-			[$workgroup, $user] = $this->splitUser($params['user']);
-			$auth = new BasicAuth($user, $workgroup, $params['password']);
-		} else {
-			throw new \Exception('Invalid configuration, no credentials provided');
-		}
-
-		if (isset($params['logger'])) {
-			$this->logger = $params['logger'];
-		} else {
-			$this->logger = \OC::$server->getLogger();
-		}
-
-		$options = new Options();
-		if (isset($params['timeout'])) {
-			$timeout = (int)$params['timeout'];
-			if ($timeout > 0) {
-				$options->setTimeout($timeout);
-			}
-		}
-		$serverFactory = new ServerFactory($options);
-		$this->server = $serverFactory->createServer($params['host'], $auth);
-		$this->share = $this->server->getShare(trim($params['share'], '/'));
-
-		$this->root = $params['root'] ?? '/';
-		$this->root = '/' . ltrim($this->root, '/');
-		$this->root = rtrim($this->root, '/') . '/';
-
-		$this->showHidden = isset($params['show_hidden']) && $params['show_hidden'];
-		$this->checkAcl = isset($params['check_acl']) && $params['check_acl'];
-
-		$this->statCache = new CappedMemoryCache();
-		parent::__construct($params);
-	}
-
-	private function splitUser($user) {
-		if (strpos($user, '/')) {
-			return explode('/', $user, 2);
-		} elseif (strpos($user, '\\')) {
-			return explode('\\', $user);
-		} else {
-			return [null, $user];
-		}
-	}
-
-	/**
-	 * @return string
-	 */
-	public function getId() {
-		// FIXME: double slash to keep compatible with the old storage ids,
-		// failure to do so will lead to creation of a new storage id and
-		// loss of shares from the storage
-		return 'smb::' . $this->server->getAuth()->getUsername() . '@' . $this->server->getHost() . '//' . $this->share->getName() . '/' . $this->root;
-	}
-
-	/**
-	 * @param string $path
-	 * @return string
-	 */
-	protected function buildPath($path) {
-		return Filesystem::normalizePath($this->root . '/' . $path, true, false, true);
-	}
-
-	protected function relativePath($fullPath) {
-		if ($fullPath === $this->root) {
-			return '';
-		} elseif (substr($fullPath, 0, strlen($this->root)) === $this->root) {
-			return substr($fullPath, strlen($this->root));
-		} else {
-			return null;
-		}
-	}
-
-	/**
-	 * @param string $path
-	 * @return IFileInfo
-	 * @throws StorageAuthException
-	 */
-	protected function getFileInfo($path) {
-		try {
-			$path = $this->buildPath($path);
-			$cached = $this->statCache[$path] ?? null;
-			if ($cached instanceof IFileInfo) {
-				return $cached;
-			} else {
-				$stat = $this->share->stat($path);
-				$this->statCache[$path] = $stat;
-				return $stat;
-			}
-		} catch (ConnectException $e) {
-			$this->throwUnavailable($e);
-		} catch (ForbiddenException $e) {
-			// with php-smbclient, this exception is thrown when the provided password is invalid.
-			// Possible is also ForbiddenException with a different error code, so we check it.
-			if ($e->getCode() === 1) {
-				$this->throwUnavailable($e);
-			}
-			throw $e;
-		}
-	}
-
-	/**
-	 * @param \Exception $e
-	 * @return never
-	 * @throws StorageAuthException
-	 */
-	protected function throwUnavailable(\Exception $e) {
-		$this->logger->logException($e, ['message' => 'Error while getting file info']);
-		throw new StorageAuthException($e->getMessage(), $e);
-	}
-
-	/**
-	 * get the acl from fileinfo that is relevant for the configured user
-	 *
-	 * @param IFileInfo $file
-	 * @return ACL|null
-	 */
-	private function getACL(IFileInfo $file): ?ACL {
-		$acls = $file->getAcls();
-		foreach ($acls as $user => $acl) {
-			[, $user] = $this->splitUser($user); // strip domain
-			if ($user === $this->server->getAuth()->getUsername()) {
-				return $acl;
-			}
-		}
-
-		return null;
-	}
-
-	/**
-	 * @param string $path
-	 * @return \Generator<IFileInfo>
-	 * @throws StorageNotAvailableException
-	 */
-	protected function getFolderContents($path): iterable {
-		try {
-			$path = ltrim($this->buildPath($path), '/');
-			try {
-				$files = $this->share->dir($path);
-			} catch (ForbiddenException $e) {
-				$this->logger->critical($e->getMessage(), ['exception' => $e]);
-				throw new NotPermittedException();
-			} catch (InvalidTypeException $e) {
-				return;
-			}
-			foreach ($files as $file) {
-				$this->statCache[$path . '/' . $file->getName()] = $file;
-			}
-
-			foreach ($files as $file) {
-				try {
-					// the isHidden check is done before checking the config boolean to ensure that the metadata is always fetch
-					// so we trigger the below exceptions where applicable
-					$hide = $file->isHidden() && !$this->showHidden;
-
-					if ($this->checkAcl && $acl = $this->getACL($file)) {
-						// if there is no explicit deny, we assume it's allowed
-						// this doesn't take inheritance fully into account but if read permissions is denied for a parent we wouldn't be in this folder
-						// additionally, it's better to have false negatives here then false positives
-						if ($acl->denies(ACL::MASK_READ) || $acl->denies(ACL::MASK_EXECUTE)) {
-							$this->logger->debug('Hiding non readable entry ' . $file->getName());
-							continue;
-						}
-					}
-
-					if ($hide) {
-						$this->logger->debug('hiding hidden file ' . $file->getName());
-					}
-					if (!$hide) {
-						yield $file;
-					}
-				} catch (ForbiddenException $e) {
-					$this->logger->logException($e, ['level' => ILogger::DEBUG, 'message' => 'Hiding forbidden entry ' . $file->getName()]);
-				} catch (NotFoundException $e) {
-					$this->logger->logException($e, ['level' => ILogger::DEBUG, 'message' => 'Hiding not found entry ' . $file->getName()]);
-				}
-			}
-		} catch (ConnectException $e) {
-			$this->logger->logException($e, ['message' => 'Error while getting folder content']);
-			throw new StorageNotAvailableException($e->getMessage(), $e->getCode(), $e);
-		}
-	}
-
-	/**
-	 * @param IFileInfo $info
-	 * @return array
-	 */
-	protected function formatInfo($info) {
-		$result = [
-			'size' => $info->getSize(),
-			'mtime' => $info->getMTime(),
-		];
-		if ($info->isDirectory()) {
-			$result['type'] = 'dir';
-		} else {
-			$result['type'] = 'file';
-		}
-		return $result;
-	}
-
-	/**
-	 * Rename the files. If the source or the target is the root, the rename won't happen.
-	 *
-	 * @param string $source the old name of the path
-	 * @param string $target the new name of the path
-	 * @return bool true if the rename is successful, false otherwise
-	 */
-	public function rename($source, $target, $retry = true) {
-		if ($this->isRootDir($source) || $this->isRootDir($target)) {
-			return false;
-		}
-
-		$absoluteSource = $this->buildPath($source);
-		$absoluteTarget = $this->buildPath($target);
-		try {
-			$result = $this->share->rename($absoluteSource, $absoluteTarget);
-		} catch (AlreadyExistsException $e) {
-			if ($retry) {
-				$this->remove($target);
-				$result = $this->share->rename($absoluteSource, $absoluteTarget, false);
-			} else {
-				$this->logger->logException($e, ['level' => ILogger::WARN]);
-				return false;
-			}
-		} catch (InvalidArgumentException $e) {
-			if ($retry) {
-				$this->remove($target);
-				$result = $this->share->rename($absoluteSource, $absoluteTarget, false);
-			} else {
-				$this->logger->logException($e, ['level' => ILogger::WARN]);
-				return false;
-			}
-		} catch (\Exception $e) {
-			$this->logger->logException($e, ['level' => ILogger::WARN]);
-			return false;
-		}
-		unset($this->statCache[$absoluteSource], $this->statCache[$absoluteTarget]);
-		return $result;
-	}
-
-	public function stat($path, $retry = true) {
-		try {
-			$result = $this->formatInfo($this->getFileInfo($path));
-		} catch (ForbiddenException $e) {
-			return false;
-		} catch (NotFoundException $e) {
-			return false;
-		} catch (TimedOutException $e) {
-			if ($retry) {
-				return $this->stat($path, false);
-			} else {
-				throw $e;
-			}
-		}
-		if ($this->remoteIsShare() && $this->isRootDir($path)) {
-			$result['mtime'] = $this->shareMTime();
-		}
-		return $result;
-	}
-
-	/**
-	 * get the best guess for the modification time of the share
-	 *
-	 * @return int
-	 */
-	private function shareMTime() {
-		$highestMTime = 0;
-		$files = $this->share->dir($this->root);
-		foreach ($files as $fileInfo) {
-			try {
-				if ($fileInfo->getMTime() > $highestMTime) {
-					$highestMTime = $fileInfo->getMTime();
-				}
-			} catch (NotFoundException $e) {
-				// Ignore this, can happen on unavailable DFS shares
-			} catch (ForbiddenException $e) {
-				// Ignore this too - it's a symlink
-			}
-		}
-		return $highestMTime;
-	}
-
-	/**
-	 * Check if the path is our root dir (not the smb one)
-	 *
-	 * @param string $path the path
-	 * @return bool
-	 */
-	private function isRootDir($path) {
-		return $path === '' || $path === '/' || $path === '.';
-	}
-
-	/**
-	 * Check if our root points to a smb share
-	 *
-	 * @return bool true if our root points to a share false otherwise
-	 */
-	private function remoteIsShare() {
-		return $this->share->getName() && (!$this->root || $this->root === '/');
-	}
-
-	/**
-	 * @param string $path
-	 * @return bool
-	 */
-	public function unlink($path) {
-		if ($this->isRootDir($path)) {
-			return false;
-		}
-
-		try {
-			if ($this->is_dir($path)) {
-				return $this->rmdir($path);
-			} else {
-				$path = $this->buildPath($path);
-				unset($this->statCache[$path]);
-				$this->share->del($path);
-				return true;
-			}
-		} catch (NotFoundException $e) {
-			return false;
-		} catch (ForbiddenException $e) {
-			return false;
-		} catch (ConnectException $e) {
-			$this->logger->logException($e, ['message' => 'Error while deleting file']);
-			throw new StorageNotAvailableException($e->getMessage(), $e->getCode(), $e);
-		}
-	}
-
-	/**
-	 * check if a file or folder has been updated since $time
-	 *
-	 * @param string $path
-	 * @param int $time
-	 * @return bool
-	 */
-	public function hasUpdated($path, $time) {
-		if (!$path and $this->root === '/') {
-			// mtime doesn't work for shares, but giving the nature of the backend,
-			// doing a full update is still just fast enough
-			return true;
-		} else {
-			$actualTime = $this->filemtime($path);
-			return $actualTime > $time;
-		}
-	}
-
-	/**
-	 * @param string $path
-	 * @param string $mode
-	 * @return resource|bool
-	 */
-	public function fopen($path, $mode) {
-		$fullPath = $this->buildPath($path);
-		try {
-			switch ($mode) {
-				case 'r':
-				case 'rb':
-					if (!$this->file_exists($path)) {
-						return false;
-					}
-					return $this->share->read($fullPath);
-				case 'w':
-				case 'wb':
-					$source = $this->share->write($fullPath);
-					return CallBackWrapper::wrap($source, null, null, function () use ($fullPath) {
-						unset($this->statCache[$fullPath]);
-					});
-				case 'a':
-				case 'ab':
-				case 'r+':
-				case 'w+':
-				case 'wb+':
-				case 'a+':
-				case 'x':
-				case 'x+':
-				case 'c':
-				case 'c+':
-					//emulate these
-					if (strrpos($path, '.') !== false) {
-						$ext = substr($path, strrpos($path, '.'));
-					} else {
-						$ext = '';
-					}
-					if ($this->file_exists($path)) {
-						if (!$this->isUpdatable($path)) {
-							return false;
-						}
-						$tmpFile = $this->getCachedFile($path);
-					} else {
-						if (!$this->isCreatable(dirname($path))) {
-							return false;
-						}
-						$tmpFile = \OC::$server->getTempManager()->getTemporaryFile($ext);
-					}
-					$source = fopen($tmpFile, $mode);
-					$share = $this->share;
-					return CallbackWrapper::wrap($source, null, null, function () use ($tmpFile, $fullPath, $share) {
-						unset($this->statCache[$fullPath]);
-						$share->put($tmpFile, $fullPath);
-						unlink($tmpFile);
-					});
-			}
-			return false;
-		} catch (NotFoundException $e) {
-			return false;
-		} catch (ForbiddenException $e) {
-			return false;
-		} catch (OutOfSpaceException $e) {
-			throw new EntityTooLargeException("not enough available space to create file", 0, $e);
-		} catch (ConnectException $e) {
-			$this->logger->logException($e, ['message' => 'Error while opening file']);
-			throw new StorageNotAvailableException($e->getMessage(), $e->getCode(), $e);
-		}
-	}
-
-	public function rmdir($path) {
-		if ($this->isRootDir($path)) {
-			return false;
-		}
-
-		try {
-			$this->statCache = new CappedMemoryCache();
-			$content = $this->share->dir($this->buildPath($path));
-			foreach ($content as $file) {
-				if ($file->isDirectory()) {
-					$this->rmdir($path . '/' . $file->getName());
-				} else {
-					$this->share->del($file->getPath());
-				}
-			}
-			$this->share->rmdir($this->buildPath($path));
-			return true;
-		} catch (NotFoundException $e) {
-			return false;
-		} catch (ForbiddenException $e) {
-			return false;
-		} catch (ConnectException $e) {
-			$this->logger->logException($e, ['message' => 'Error while removing folder']);
-			throw new StorageNotAvailableException($e->getMessage(), $e->getCode(), $e);
-		}
-	}
-
-	public function touch($path, $mtime = null) {
-		try {
-			if (!$this->file_exists($path)) {
-				$fh = $this->share->write($this->buildPath($path));
-				fclose($fh);
-				return true;
-			}
-			return false;
-		} catch (OutOfSpaceException $e) {
-			throw new EntityTooLargeException("not enough available space to create file", 0, $e);
-		} catch (ConnectException $e) {
-			$this->logger->logException($e, ['message' => 'Error while creating file']);
-			throw new StorageNotAvailableException($e->getMessage(), $e->getCode(), $e);
-		}
-	}
-
-	public function getMetaData($path) {
-		try {
-			$fileInfo = $this->getFileInfo($path);
-		} catch (NotFoundException $e) {
-			return null;
-		} catch (ForbiddenException $e) {
-			return null;
-		}
-		if (!$fileInfo) {
-			return null;
-		}
-
-		return $this->getMetaDataFromFileInfo($fileInfo);
-	}
-
-	private function getMetaDataFromFileInfo(IFileInfo $fileInfo) {
-		$permissions = Constants::PERMISSION_READ + Constants::PERMISSION_SHARE;
-
-		if (
-			!$fileInfo->isReadOnly() || $fileInfo->isDirectory()
-		) {
-			$permissions += Constants::PERMISSION_DELETE;
-			$permissions += Constants::PERMISSION_UPDATE;
-			if ($fileInfo->isDirectory()) {
-				$permissions += Constants::PERMISSION_CREATE;
-			}
-		}
-
-		$data = [];
-		if ($fileInfo->isDirectory()) {
-			$data['mimetype'] = 'httpd/unix-directory';
-		} else {
-			$data['mimetype'] = \OC::$server->getMimeTypeDetector()->detectPath($fileInfo->getPath());
-		}
-		$data['mtime'] = $fileInfo->getMTime();
-		if ($fileInfo->isDirectory()) {
-			$data['size'] = -1; //unknown
-		} else {
-			$data['size'] = $fileInfo->getSize();
-		}
-		$data['etag'] = $this->getETag($fileInfo->getPath());
-		$data['storage_mtime'] = $data['mtime'];
-		$data['permissions'] = $permissions;
-		$data['name'] = $fileInfo->getName();
-
-		return $data;
-	}
-
-	public function opendir($path) {
-		try {
-			$files = $this->getFolderContents($path);
-		} catch (NotFoundException $e) {
-			return false;
-		} catch (NotPermittedException $e) {
-			return false;
-		}
-		$names = array_map(function ($info) {
-			/** @var IFileInfo $info */
-			return $info->getName();
-		}, iterator_to_array($files));
-		return IteratorDirectory::wrap($names);
-	}
-
-	public function getDirectoryContent($directory): \Traversable {
-		try {
-			$files = $this->getFolderContents($directory);
-			foreach ($files as $file) {
-				yield $this->getMetaDataFromFileInfo($file);
-			}
-		} catch (NotFoundException $e) {
-			return;
-		} catch (NotPermittedException $e) {
-			return;
-		}
-	}
-
-	public function filetype($path) {
-		try {
-			return $this->getFileInfo($path)->isDirectory() ? 'dir' : 'file';
-		} catch (NotFoundException $e) {
-			return false;
-		} catch (ForbiddenException $e) {
-			return false;
-		}
-	}
-
-	public function mkdir($path) {
-		$path = $this->buildPath($path);
-		try {
-			$this->share->mkdir($path);
-			return true;
-		} catch (ConnectException $e) {
-			$this->logger->logException($e, ['message' => 'Error while creating folder']);
-			throw new StorageNotAvailableException($e->getMessage(), $e->getCode(), $e);
-		} catch (Exception $e) {
-			return false;
-		}
-	}
-
-	public function file_exists($path) {
-		try {
-			$this->getFileInfo($path);
-			return true;
-		} catch (NotFoundException $e) {
-			return false;
-		} catch (ForbiddenException $e) {
-			return false;
-		} catch (ConnectException $e) {
-			throw new StorageNotAvailableException($e->getMessage(), $e->getCode(), $e);
-		}
-	}
-
-	public function isReadable($path) {
-		try {
-			$info = $this->getFileInfo($path);
-			return $this->showHidden || !$info->isHidden();
-		} catch (NotFoundException $e) {
-			return false;
-		} catch (ForbiddenException $e) {
-			return false;
-		}
-	}
-
-	public function isUpdatable($path) {
-		try {
-			$info = $this->getFileInfo($path);
-			// following windows behaviour for read-only folders: they can be written into
-			// (https://support.microsoft.com/en-us/kb/326549 - "cause" section)
-			return ($this->showHidden || !$info->isHidden()) && (!$info->isReadOnly() || $info->isDirectory());
-		} catch (NotFoundException $e) {
-			return false;
-		} catch (ForbiddenException $e) {
-			return false;
-		}
-	}
-
-	public function isDeletable($path) {
-		try {
-			$info = $this->getFileInfo($path);
-			return ($this->showHidden || !$info->isHidden()) && !$info->isReadOnly();
-		} catch (NotFoundException $e) {
-			return false;
-		} catch (ForbiddenException $e) {
-			return false;
-		}
-	}
-
-	/**
-	 * check if smbclient is installed
-	 */
-	public static function checkDependencies() {
-		return (
-			(bool)\OC_Helper::findBinaryPath('smbclient')
-			|| NativeServer::available(new System())
-		) ? true : ['smbclient'];
-	}
-
-	/**
-	 * Test a storage for availability
-	 *
-	 * @return bool
-	 */
-	public function test() {
-		try {
-			return parent::test();
-		} catch (Exception $e) {
-			$this->logger->logException($e);
-			return false;
-		}
-	}
-
-	public function listen($path, callable $callback) {
-		$this->notify($path)->listen(function (IChange $change) use ($callback) {
-			if ($change instanceof IRenameChange) {
-				return $callback($change->getType(), $change->getPath(), $change->getTargetPath());
-			} else {
-				return $callback($change->getType(), $change->getPath());
-			}
-		});
-	}
-
-	public function notify($path) {
-		$path = '/' . ltrim($path, '/');
-		$shareNotifyHandler = $this->share->notify($this->buildPath($path));
-		return new SMBNotifyHandler($shareNotifyHandler, $this->root);
-	}
+    /**
+     * @var \Icewind\SMB\IServer
+     */
+    protected $server;
+
+    /**
+     * @var \Icewind\SMB\IShare
+     */
+    protected $share;
+
+    /**
+     * @var string
+     */
+    protected $root;
+
+    /** @var CappedMemoryCache<IFileInfo> */
+    protected CappedMemoryCache $statCache;
+
+    /** @var ILogger */
+    protected $logger;
+
+    /** @var bool */
+    protected $showHidden;
+
+    /** @var bool */
+    protected $checkAcl;
+
+    public function __construct($params) {
+        if (!isset($params['host'])) {
+            throw new \Exception('Invalid configuration, no host provided');
+        }
+
+        if (isset($params['auth'])) {
+            $auth = $params['auth'];
+        } elseif (isset($params['user']) && isset($params['password']) && isset($params['share'])) {
+            [$workgroup, $user] = $this->splitUser($params['user']);
+            $auth = new BasicAuth($user, $workgroup, $params['password']);
+        } else {
+            throw new \Exception('Invalid configuration, no credentials provided');
+        }
+
+        if (isset($params['logger'])) {
+            $this->logger = $params['logger'];
+        } else {
+            $this->logger = \OC::$server->getLogger();
+        }
+
+        $options = new Options();
+        if (isset($params['timeout'])) {
+            $timeout = (int)$params['timeout'];
+            if ($timeout > 0) {
+                $options->setTimeout($timeout);
+            }
+        }
+        $serverFactory = new ServerFactory($options);
+        $this->server = $serverFactory->createServer($params['host'], $auth);
+        $this->share = $this->server->getShare(trim($params['share'], '/'));
+
+        $this->root = $params['root'] ?? '/';
+        $this->root = '/' . ltrim($this->root, '/');
+        $this->root = rtrim($this->root, '/') . '/';
+
+        $this->showHidden = isset($params['show_hidden']) && $params['show_hidden'];
+        $this->checkAcl = isset($params['check_acl']) && $params['check_acl'];
+
+        $this->statCache = new CappedMemoryCache();
+        parent::__construct($params);
+    }
+
+    private function splitUser($user) {
+        if (strpos($user, '/')) {
+            return explode('/', $user, 2);
+        } elseif (strpos($user, '\\')) {
+            return explode('\\', $user);
+        } else {
+            return [null, $user];
+        }
+    }
+
+    /**
+     * @return string
+     */
+    public function getId() {
+        // FIXME: double slash to keep compatible with the old storage ids,
+        // failure to do so will lead to creation of a new storage id and
+        // loss of shares from the storage
+        return 'smb::' . $this->server->getAuth()->getUsername() . '@' . $this->server->getHost() . '//' . $this->share->getName() . '/' . $this->root;
+    }
+
+    /**
+     * @param string $path
+     * @return string
+     */
+    protected function buildPath($path) {
+        return Filesystem::normalizePath($this->root . '/' . $path, true, false, true);
+    }
+
+    protected function relativePath($fullPath) {
+        if ($fullPath === $this->root) {
+            return '';
+        } elseif (substr($fullPath, 0, strlen($this->root)) === $this->root) {
+            return substr($fullPath, strlen($this->root));
+        } else {
+            return null;
+        }
+    }
+
+    /**
+     * @param string $path
+     * @return IFileInfo
+     * @throws StorageAuthException
+     */
+    protected function getFileInfo($path) {
+        try {
+            $path = $this->buildPath($path);
+            $cached = $this->statCache[$path] ?? null;
+            if ($cached instanceof IFileInfo) {
+                return $cached;
+            } else {
+                $stat = $this->share->stat($path);
+                $this->statCache[$path] = $stat;
+                return $stat;
+            }
+        } catch (ConnectException $e) {
+            $this->throwUnavailable($e);
+        } catch (ForbiddenException $e) {
+            // with php-smbclient, this exception is thrown when the provided password is invalid.
+            // Possible is also ForbiddenException with a different error code, so we check it.
+            if ($e->getCode() === 1) {
+                $this->throwUnavailable($e);
+            }
+            throw $e;
+        }
+    }
+
+    /**
+     * @param \Exception $e
+     * @return never
+     * @throws StorageAuthException
+     */
+    protected function throwUnavailable(\Exception $e) {
+        $this->logger->logException($e, ['message' => 'Error while getting file info']);
+        throw new StorageAuthException($e->getMessage(), $e);
+    }
+
+    /**
+     * get the acl from fileinfo that is relevant for the configured user
+     *
+     * @param IFileInfo $file
+     * @return ACL|null
+     */
+    private function getACL(IFileInfo $file): ?ACL {
+        $acls = $file->getAcls();
+        foreach ($acls as $user => $acl) {
+            [, $user] = $this->splitUser($user); // strip domain
+            if ($user === $this->server->getAuth()->getUsername()) {
+                return $acl;
+            }
+        }
+
+        return null;
+    }
+
+    /**
+     * @param string $path
+     * @return \Generator<IFileInfo>
+     * @throws StorageNotAvailableException
+     */
+    protected function getFolderContents($path): iterable {
+        try {
+            $path = ltrim($this->buildPath($path), '/');
+            try {
+                $files = $this->share->dir($path);
+            } catch (ForbiddenException $e) {
+                $this->logger->critical($e->getMessage(), ['exception' => $e]);
+                throw new NotPermittedException();
+            } catch (InvalidTypeException $e) {
+                return;
+            }
+            foreach ($files as $file) {
+                $this->statCache[$path . '/' . $file->getName()] = $file;
+            }
+
+            foreach ($files as $file) {
+                try {
+                    // the isHidden check is done before checking the config boolean to ensure that the metadata is always fetch
+                    // so we trigger the below exceptions where applicable
+                    $hide = $file->isHidden() && !$this->showHidden;
+
+                    if ($this->checkAcl && $acl = $this->getACL($file)) {
+                        // if there is no explicit deny, we assume it's allowed
+                        // this doesn't take inheritance fully into account but if read permissions is denied for a parent we wouldn't be in this folder
+                        // additionally, it's better to have false negatives here then false positives
+                        if ($acl->denies(ACL::MASK_READ) || $acl->denies(ACL::MASK_EXECUTE)) {
+                            $this->logger->debug('Hiding non readable entry ' . $file->getName());
+                            continue;
+                        }
+                    }
+
+                    if ($hide) {
+                        $this->logger->debug('hiding hidden file ' . $file->getName());
+                    }
+                    if (!$hide) {
+                        yield $file;
+                    }
+                } catch (ForbiddenException $e) {
+                    $this->logger->logException($e, ['level' => ILogger::DEBUG, 'message' => 'Hiding forbidden entry ' . $file->getName()]);
+                } catch (NotFoundException $e) {
+                    $this->logger->logException($e, ['level' => ILogger::DEBUG, 'message' => 'Hiding not found entry ' . $file->getName()]);
+                }
+            }
+        } catch (ConnectException $e) {
+            $this->logger->logException($e, ['message' => 'Error while getting folder content']);
+            throw new StorageNotAvailableException($e->getMessage(), $e->getCode(), $e);
+        }
+    }
+
+    /**
+     * @param IFileInfo $info
+     * @return array
+     */
+    protected function formatInfo($info) {
+        $result = [
+            'size' => $info->getSize(),
+            'mtime' => $info->getMTime(),
+        ];
+        if ($info->isDirectory()) {
+            $result['type'] = 'dir';
+        } else {
+            $result['type'] = 'file';
+        }
+        return $result;
+    }
+
+    /**
+     * Rename the files. If the source or the target is the root, the rename won't happen.
+     *
+     * @param string $source the old name of the path
+     * @param string $target the new name of the path
+     * @return bool true if the rename is successful, false otherwise
+     */
+    public function rename($source, $target, $retry = true) {
+        if ($this->isRootDir($source) || $this->isRootDir($target)) {
+            return false;
+        }
+
+        $absoluteSource = $this->buildPath($source);
+        $absoluteTarget = $this->buildPath($target);
+        try {
+            $result = $this->share->rename($absoluteSource, $absoluteTarget);
+        } catch (AlreadyExistsException $e) {
+            if ($retry) {
+                $this->remove($target);
+                $result = $this->share->rename($absoluteSource, $absoluteTarget, false);
+            } else {
+                $this->logger->logException($e, ['level' => ILogger::WARN]);
+                return false;
+            }
+        } catch (InvalidArgumentException $e) {
+            if ($retry) {
+                $this->remove($target);
+                $result = $this->share->rename($absoluteSource, $absoluteTarget, false);
+            } else {
+                $this->logger->logException($e, ['level' => ILogger::WARN]);
+                return false;
+            }
+        } catch (\Exception $e) {
+            $this->logger->logException($e, ['level' => ILogger::WARN]);
+            return false;
+        }
+        unset($this->statCache[$absoluteSource], $this->statCache[$absoluteTarget]);
+        return $result;
+    }
+
+    public function stat($path, $retry = true) {
+        try {
+            $result = $this->formatInfo($this->getFileInfo($path));
+        } catch (ForbiddenException $e) {
+            return false;
+        } catch (NotFoundException $e) {
+            return false;
+        } catch (TimedOutException $e) {
+            if ($retry) {
+                return $this->stat($path, false);
+            } else {
+                throw $e;
+            }
+        }
+        if ($this->remoteIsShare() && $this->isRootDir($path)) {
+            $result['mtime'] = $this->shareMTime();
+        }
+        return $result;
+    }
+
+    /**
+     * get the best guess for the modification time of the share
+     *
+     * @return int
+     */
+    private function shareMTime() {
+        $highestMTime = 0;
+        $files = $this->share->dir($this->root);
+        foreach ($files as $fileInfo) {
+            try {
+                if ($fileInfo->getMTime() > $highestMTime) {
+                    $highestMTime = $fileInfo->getMTime();
+                }
+            } catch (NotFoundException $e) {
+                // Ignore this, can happen on unavailable DFS shares
+            } catch (ForbiddenException $e) {
+                // Ignore this too - it's a symlink
+            }
+        }
+        return $highestMTime;
+    }
+
+    /**
+     * Check if the path is our root dir (not the smb one)
+     *
+     * @param string $path the path
+     * @return bool
+     */
+    private function isRootDir($path) {
+        return $path === '' || $path === '/' || $path === '.';
+    }
+
+    /**
+     * Check if our root points to a smb share
+     *
+     * @return bool true if our root points to a share false otherwise
+     */
+    private function remoteIsShare() {
+        return $this->share->getName() && (!$this->root || $this->root === '/');
+    }
+
+    /**
+     * @param string $path
+     * @return bool
+     */
+    public function unlink($path) {
+        if ($this->isRootDir($path)) {
+            return false;
+        }
+
+        try {
+            if ($this->is_dir($path)) {
+                return $this->rmdir($path);
+            } else {
+                $path = $this->buildPath($path);
+                unset($this->statCache[$path]);
+                $this->share->del($path);
+                return true;
+            }
+        } catch (NotFoundException $e) {
+            return false;
+        } catch (ForbiddenException $e) {
+            return false;
+        } catch (ConnectException $e) {
+            $this->logger->logException($e, ['message' => 'Error while deleting file']);
+            throw new StorageNotAvailableException($e->getMessage(), $e->getCode(), $e);
+        }
+    }
+
+    /**
+     * check if a file or folder has been updated since $time
+     *
+     * @param string $path
+     * @param int $time
+     * @return bool
+     */
+    public function hasUpdated($path, $time) {
+        if (!$path and $this->root === '/') {
+            // mtime doesn't work for shares, but giving the nature of the backend,
+            // doing a full update is still just fast enough
+            return true;
+        } else {
+            $actualTime = $this->filemtime($path);
+            return $actualTime > $time;
+        }
+    }
+
+    /**
+     * @param string $path
+     * @param string $mode
+     * @return resource|bool
+     */
+    public function fopen($path, $mode) {
+        $fullPath = $this->buildPath($path);
+        try {
+            switch ($mode) {
+                case 'r':
+                case 'rb':
+                    if (!$this->file_exists($path)) {
+                        return false;
+                    }
+                    return $this->share->read($fullPath);
+                case 'w':
+                case 'wb':
+                    $source = $this->share->write($fullPath);
+                    return CallBackWrapper::wrap($source, null, null, function () use ($fullPath) {
+                        unset($this->statCache[$fullPath]);
+                    });
+                case 'a':
+                case 'ab':
+                case 'r+':
+                case 'w+':
+                case 'wb+':
+                case 'a+':
+                case 'x':
+                case 'x+':
+                case 'c':
+                case 'c+':
+                    //emulate these
+                    if (strrpos($path, '.') !== false) {
+                        $ext = substr($path, strrpos($path, '.'));
+                    } else {
+                        $ext = '';
+                    }
+                    if ($this->file_exists($path)) {
+                        if (!$this->isUpdatable($path)) {
+                            return false;
+                        }
+                        $tmpFile = $this->getCachedFile($path);
+                    } else {
+                        if (!$this->isCreatable(dirname($path))) {
+                            return false;
+                        }
+                        $tmpFile = \OC::$server->getTempManager()->getTemporaryFile($ext);
+                    }
+                    $source = fopen($tmpFile, $mode);
+                    $share = $this->share;
+                    return CallbackWrapper::wrap($source, null, null, function () use ($tmpFile, $fullPath, $share) {
+                        unset($this->statCache[$fullPath]);
+                        $share->put($tmpFile, $fullPath);
+                        unlink($tmpFile);
+                    });
+            }
+            return false;
+        } catch (NotFoundException $e) {
+            return false;
+        } catch (ForbiddenException $e) {
+            return false;
+        } catch (OutOfSpaceException $e) {
+            throw new EntityTooLargeException("not enough available space to create file", 0, $e);
+        } catch (ConnectException $e) {
+            $this->logger->logException($e, ['message' => 'Error while opening file']);
+            throw new StorageNotAvailableException($e->getMessage(), $e->getCode(), $e);
+        }
+    }
+
+    public function rmdir($path) {
+        if ($this->isRootDir($path)) {
+            return false;
+        }
+
+        try {
+            $this->statCache = new CappedMemoryCache();
+            $content = $this->share->dir($this->buildPath($path));
+            foreach ($content as $file) {
+                if ($file->isDirectory()) {
+                    $this->rmdir($path . '/' . $file->getName());
+                } else {
+                    $this->share->del($file->getPath());
+                }
+            }
+            $this->share->rmdir($this->buildPath($path));
+            return true;
+        } catch (NotFoundException $e) {
+            return false;
+        } catch (ForbiddenException $e) {
+            return false;
+        } catch (ConnectException $e) {
+            $this->logger->logException($e, ['message' => 'Error while removing folder']);
+            throw new StorageNotAvailableException($e->getMessage(), $e->getCode(), $e);
+        }
+    }
+
+    public function touch($path, $mtime = null) {
+        try {
+            if (!$this->file_exists($path)) {
+                $fh = $this->share->write($this->buildPath($path));
+                fclose($fh);
+                return true;
+            }
+            return false;
+        } catch (OutOfSpaceException $e) {
+            throw new EntityTooLargeException("not enough available space to create file", 0, $e);
+        } catch (ConnectException $e) {
+            $this->logger->logException($e, ['message' => 'Error while creating file']);
+            throw new StorageNotAvailableException($e->getMessage(), $e->getCode(), $e);
+        }
+    }
+
+    public function getMetaData($path) {
+        try {
+            $fileInfo = $this->getFileInfo($path);
+        } catch (NotFoundException $e) {
+            return null;
+        } catch (ForbiddenException $e) {
+            return null;
+        }
+        if (!$fileInfo) {
+            return null;
+        }
+
+        return $this->getMetaDataFromFileInfo($fileInfo);
+    }
+
+    private function getMetaDataFromFileInfo(IFileInfo $fileInfo) {
+        $permissions = Constants::PERMISSION_READ + Constants::PERMISSION_SHARE;
+
+        if (
+            !$fileInfo->isReadOnly() || $fileInfo->isDirectory()
+        ) {
+            $permissions += Constants::PERMISSION_DELETE;
+            $permissions += Constants::PERMISSION_UPDATE;
+            if ($fileInfo->isDirectory()) {
+                $permissions += Constants::PERMISSION_CREATE;
+            }
+        }
+
+        $data = [];
+        if ($fileInfo->isDirectory()) {
+            $data['mimetype'] = 'httpd/unix-directory';
+        } else {
+            $data['mimetype'] = \OC::$server->getMimeTypeDetector()->detectPath($fileInfo->getPath());
+        }
+        $data['mtime'] = $fileInfo->getMTime();
+        if ($fileInfo->isDirectory()) {
+            $data['size'] = -1; //unknown
+        } else {
+            $data['size'] = $fileInfo->getSize();
+        }
+        $data['etag'] = $this->getETag($fileInfo->getPath());
+        $data['storage_mtime'] = $data['mtime'];
+        $data['permissions'] = $permissions;
+        $data['name'] = $fileInfo->getName();
+
+        return $data;
+    }
+
+    public function opendir($path) {
+        try {
+            $files = $this->getFolderContents($path);
+        } catch (NotFoundException $e) {
+            return false;
+        } catch (NotPermittedException $e) {
+            return false;
+        }
+        $names = array_map(function ($info) {
+            /** @var IFileInfo $info */
+            return $info->getName();
+        }, iterator_to_array($files));
+        return IteratorDirectory::wrap($names);
+    }
+
+    public function getDirectoryContent($directory): \Traversable {
+        try {
+            $files = $this->getFolderContents($directory);
+            foreach ($files as $file) {
+                yield $this->getMetaDataFromFileInfo($file);
+            }
+        } catch (NotFoundException $e) {
+            return;
+        } catch (NotPermittedException $e) {
+            return;
+        }
+    }
+
+    public function filetype($path) {
+        try {
+            return $this->getFileInfo($path)->isDirectory() ? 'dir' : 'file';
+        } catch (NotFoundException $e) {
+            return false;
+        } catch (ForbiddenException $e) {
+            return false;
+        }
+    }
+
+    public function mkdir($path) {
+        $path = $this->buildPath($path);
+        try {
+            $this->share->mkdir($path);
+            return true;
+        } catch (ConnectException $e) {
+            $this->logger->logException($e, ['message' => 'Error while creating folder']);
+            throw new StorageNotAvailableException($e->getMessage(), $e->getCode(), $e);
+        } catch (Exception $e) {
+            return false;
+        }
+    }
+
+    public function file_exists($path) {
+        try {
+            $this->getFileInfo($path);
+            return true;
+        } catch (NotFoundException $e) {
+            return false;
+        } catch (ForbiddenException $e) {
+            return false;
+        } catch (ConnectException $e) {
+            throw new StorageNotAvailableException($e->getMessage(), $e->getCode(), $e);
+        }
+    }
+
+    public function isReadable($path) {
+        try {
+            $info = $this->getFileInfo($path);
+            return $this->showHidden || !$info->isHidden();
+        } catch (NotFoundException $e) {
+            return false;
+        } catch (ForbiddenException $e) {
+            return false;
+        }
+    }
+
+    public function isUpdatable($path) {
+        try {
+            $info = $this->getFileInfo($path);
+            // following windows behaviour for read-only folders: they can be written into
+            // (https://support.microsoft.com/en-us/kb/326549 - "cause" section)
+            return ($this->showHidden || !$info->isHidden()) && (!$info->isReadOnly() || $info->isDirectory());
+        } catch (NotFoundException $e) {
+            return false;
+        } catch (ForbiddenException $e) {
+            return false;
+        }
+    }
+
+    public function isDeletable($path) {
+        try {
+            $info = $this->getFileInfo($path);
+            return ($this->showHidden || !$info->isHidden()) && !$info->isReadOnly();
+        } catch (NotFoundException $e) {
+            return false;
+        } catch (ForbiddenException $e) {
+            return false;
+        }
+    }
+
+    /**
+     * check if smbclient is installed
+     */
+    public static function checkDependencies() {
+        return (
+            (bool)\OC_Helper::findBinaryPath('smbclient')
+            || NativeServer::available(new System())
+        ) ? true : ['smbclient'];
+    }
+
+    /**
+     * Test a storage for availability
+     *
+     * @return bool
+     */
+    public function test() {
+        try {
+            return parent::test();
+        } catch (Exception $e) {
+            $this->logger->logException($e);
+            return false;
+        }
+    }
+
+    public function listen($path, callable $callback) {
+        $this->notify($path)->listen(function (IChange $change) use ($callback) {
+            if ($change instanceof IRenameChange) {
+                return $callback($change->getType(), $change->getPath(), $change->getTargetPath());
+            } else {
+                return $callback($change->getType(), $change->getPath());
+            }
+        });
+    }
+
+    public function notify($path) {
+        $path = '/' . ltrim($path, '/');
+        $shareNotifyHandler = $this->share->notify($this->buildPath($path));
+        return new SMBNotifyHandler($shareNotifyHandler, $this->root);
+    }
 }

Please login to merge, or discard this patch.

		@@ -47,205 +47,205 @@
		block discarded – undo
47	47	* cache
48	48	*/
49	49	class Manager {
50		- protected ?Access $access = null;
51		- protected IConfig $ocConfig;
52		- protected IDBConnection $db;
53		- protected IUserManager $userManager;
54		- protected INotificationManager $notificationManager;
55		- protected FilesystemHelper $ocFilesystem;
56		- protected LoggerInterface $logger;
57		- protected Image $image;
58		- protected IAvatarManager $avatarManager;
59		- /** @var CappedMemoryCache<User> $usersByDN */
60		- protected CappedMemoryCache $usersByDN;
61		- /** @var CappedMemoryCache<User> $usersByUid */
62		- protected CappedMemoryCache $usersByUid;
63		- private IManager $shareManager;
64		-
65		- public function __construct(
66		- IConfig $ocConfig,
67		- FilesystemHelper $ocFilesystem,
68		- LoggerInterface $logger,
69		- IAvatarManager $avatarManager,
70		- Image $image,
71		- IUserManager $userManager,
72		- INotificationManager $notificationManager,
73		- IManager $shareManager
74		- ) {
75		- $this->ocConfig = $ocConfig;
76		- $this->ocFilesystem = $ocFilesystem;
77		- $this->logger = $logger;
78		- $this->avatarManager = $avatarManager;
79		- $this->image = $image;
80		- $this->userManager = $userManager;
81		- $this->notificationManager = $notificationManager;
82		- $this->usersByDN = new CappedMemoryCache();
83		- $this->usersByUid = new CappedMemoryCache();
84		- $this->shareManager = $shareManager;
85		- }
86		-
87		- /**
88		- * Binds manager to an instance of Access.
89		- * It needs to be assigned first before the manager can be used.
90		- * @param Access
91		- */
92		- public function setLdapAccess(Access $access) {
93		- $this->access = $access;
94		- }
95		-
96		- /**
97		- * @brief creates an instance of User and caches (just runtime) it in the
98		- * property array
99		- * @param string $dn the DN of the user
100		- * @param string $uid the internal (owncloud) username
101		- * @return \OCA\User_LDAP\User\User
102		- */
103		- private function createAndCache($dn, $uid) {
104		- $this->checkAccess();
105		- $user = new User($uid, $dn, $this->access, $this->ocConfig,
106		- $this->ocFilesystem, clone $this->image, $this->logger,
107		- $this->avatarManager, $this->userManager,
108		- $this->notificationManager);
109		- $this->usersByDN[$dn] = $user;
110		- $this->usersByUid[$uid] = $user;
111		- return $user;
112		- }
113		-
114		- /**
115		- * removes a user entry from the cache
116		- * @param $uid
117		- */
118		- public function invalidate($uid) {
119		- if (!isset($this->usersByUid[$uid])) {
120		- return;
121		- }
122		- $dn = $this->usersByUid[$uid]->getDN();
123		- unset($this->usersByUid[$uid]);
124		- unset($this->usersByDN[$dn]);
125		- }
126		-
127		- /**
128		- * @brief checks whether the Access instance has been set
129		- * @throws \Exception if Access has not been set
130		- * @return null
131		- */
132		- private function checkAccess() {
133		- if (is_null($this->access)) {
134		- throw new \Exception('LDAP Access instance must be set first');
135		- }
136		- }
137		-
138		- /**
139		- * returns a list of attributes that will be processed further, e.g. quota,
140		- * email, displayname, or others.
141		- *
142		- * @param bool $minimal - optional, set to true to skip attributes with big
143		- * payload
144		- * @return string[]
145		- */
146		- public function getAttributes($minimal = false) {
147		- $baseAttributes = array_merge(Access::UUID_ATTRIBUTES, ['dn', 'uid', 'samaccountname', 'memberof']);
148		- $attributes = [
149		- $this->access->getConnection()->ldapExpertUUIDUserAttr,
150		- $this->access->getConnection()->ldapQuotaAttribute,
151		- $this->access->getConnection()->ldapEmailAttribute,
152		- $this->access->getConnection()->ldapUserDisplayName,
153		- $this->access->getConnection()->ldapUserDisplayName2,
154		- $this->access->getConnection()->ldapExtStorageHomeAttribute,
155		- ];
156		-
157		- $homeRule = (string)$this->access->getConnection()->homeFolderNamingRule;
158		- if (strpos($homeRule, 'attr:') === 0) {
159		- $attributes[] = substr($homeRule, strlen('attr:'));
160		- }
161		-
162		- if (!$minimal) {
163		- // attributes that are not really important but may come with big
164		- // payload.
165		- $attributes = array_merge(
166		- $attributes,
167		- $this->access->getConnection()->resolveRule('avatar')
168		- );
169		- }
170		-
171		- $attributes = array_reduce($attributes,
172		- function ($list, $attribute) {
173		- $attribute = strtolower(trim((string)$attribute));
174		- if (!empty($attribute) && !in_array($attribute, $list)) {
175		- $list[] = $attribute;
176		- }
177		-
178		- return $list;
179		- },
180		- $baseAttributes // hard-coded, lower-case, non-empty attributes
181		- );
182		-
183		- return $attributes;
184		- }
185		-
186		- /**
187		- * Checks whether the specified user is marked as deleted
188		- * @param string $id the Nextcloud user name
189		- * @return bool
190		- */
191		- public function isDeletedUser($id) {
192		- $isDeleted = $this->ocConfig->getUserValue(
193		- $id, 'user_ldap', 'isDeleted', 0);
194		- return (int)$isDeleted === 1;
195		- }
196		-
197		- /**
198		- * creates and returns an instance of OfflineUser for the specified user
199		- * @param string $id
200		- * @return \OCA\User_LDAP\User\OfflineUser
201		- */
202		- public function getDeletedUser($id) {
203		- return new OfflineUser(
204		- $id,
205		- $this->ocConfig,
206		- $this->access->getUserMapper(),
207		- $this->shareManager
208		- );
209		- }
210		-
211		- /**
212		- * @brief returns a User object by it's Nextcloud username
213		- * @param string $id the DN or username of the user
214		- * @return \OCA\User_LDAP\User\User\|\OCA\User_LDAP\User\OfflineUser\|null
215		- */
216		- protected function createInstancyByUserName($id) {
217		- //most likely a uid. Check whether it is a deleted user
218		- if ($this->isDeletedUser($id)) {
219		- return $this->getDeletedUser($id);
220		- }
221		- $dn = $this->access->username2dn($id);
222		- if ($dn !== false) {
223		- return $this->createAndCache($dn, $id);
224		- }
225		- return null;
226		- }
227		-
228		- /**
229		- * @brief returns a User object by it's DN or Nextcloud username
230		- * @param string $id the DN or username of the user
231		- * @return \OCA\User_LDAP\User\User\|\OCA\User_LDAP\User\OfflineUser\|null
232		- * @throws \Exception when connection could not be established
233		- */
234		- public function get($id) {
235		- $this->checkAccess();
236		- if (isset($this->usersByDN[$id])) {
237		- return $this->usersByDN[$id];
238		- } elseif (isset($this->usersByUid[$id])) {
239		- return $this->usersByUid[$id];
240		- }
241		-
242		- if ($this->access->stringResemblesDN($id)) {
243		- $uid = $this->access->dn2username($id);
244		- if ($uid !== false) {
245		- return $this->createAndCache($id, $uid);
246		- }
247		- }
248		-
249		- return $this->createInstancyByUserName($id);
250		- }
	50	+ protected ?Access $access = null;
	51	+ protected IConfig $ocConfig;
	52	+ protected IDBConnection $db;
	53	+ protected IUserManager $userManager;
	54	+ protected INotificationManager $notificationManager;
	55	+ protected FilesystemHelper $ocFilesystem;
	56	+ protected LoggerInterface $logger;
	57	+ protected Image $image;
	58	+ protected IAvatarManager $avatarManager;
	59	+ /** @var CappedMemoryCache<User> $usersByDN */
	60	+ protected CappedMemoryCache $usersByDN;
	61	+ /** @var CappedMemoryCache<User> $usersByUid */
	62	+ protected CappedMemoryCache $usersByUid;
	63	+ private IManager $shareManager;
	64	+
	65	+ public function __construct(
	66	+ IConfig $ocConfig,
	67	+ FilesystemHelper $ocFilesystem,
	68	+ LoggerInterface $logger,
	69	+ IAvatarManager $avatarManager,
	70	+ Image $image,
	71	+ IUserManager $userManager,
	72	+ INotificationManager $notificationManager,
	73	+ IManager $shareManager
	74	+ ) {
	75	+ $this->ocConfig = $ocConfig;
	76	+ $this->ocFilesystem = $ocFilesystem;
	77	+ $this->logger = $logger;
	78	+ $this->avatarManager = $avatarManager;
	79	+ $this->image = $image;
	80	+ $this->userManager = $userManager;
	81	+ $this->notificationManager = $notificationManager;
	82	+ $this->usersByDN = new CappedMemoryCache();
	83	+ $this->usersByUid = new CappedMemoryCache();
	84	+ $this->shareManager = $shareManager;
	85	+ }
	86	+
	87	+ /**
	88	+ * Binds manager to an instance of Access.
	89	+ * It needs to be assigned first before the manager can be used.
	90	+ * @param Access
	91	+ */
	92	+ public function setLdapAccess(Access $access) {
	93	+ $this->access = $access;
	94	+ }
	95	+
	96	+ /**
	97	+ * @brief creates an instance of User and caches (just runtime) it in the
	98	+ * property array
	99	+ * @param string $dn the DN of the user
	100	+ * @param string $uid the internal (owncloud) username
	101	+ * @return \OCA\User_LDAP\User\User
	102	+ */
	103	+ private function createAndCache($dn, $uid) {
	104	+ $this->checkAccess();
	105	+ $user = new User($uid, $dn, $this->access, $this->ocConfig,
	106	+ $this->ocFilesystem, clone $this->image, $this->logger,
	107	+ $this->avatarManager, $this->userManager,
	108	+ $this->notificationManager);
	109	+ $this->usersByDN[$dn] = $user;
	110	+ $this->usersByUid[$uid] = $user;
	111	+ return $user;
	112	+ }
	113	+
	114	+ /**
	115	+ * removes a user entry from the cache
	116	+ * @param $uid
	117	+ */
	118	+ public function invalidate($uid) {
	119	+ if (!isset($this->usersByUid[$uid])) {
	120	+ return;
	121	+ }
	122	+ $dn = $this->usersByUid[$uid]->getDN();
	123	+ unset($this->usersByUid[$uid]);
	124	+ unset($this->usersByDN[$dn]);
	125	+ }
	126	+
	127	+ /**
	128	+ * @brief checks whether the Access instance has been set
	129	+ * @throws \Exception if Access has not been set
	130	+ * @return null
	131	+ */
	132	+ private function checkAccess() {
	133	+ if (is_null($this->access)) {
	134	+ throw new \Exception('LDAP Access instance must be set first');
	135	+ }
	136	+ }
	137	+
	138	+ /**
	139	+ * returns a list of attributes that will be processed further, e.g. quota,
	140	+ * email, displayname, or others.
	141	+ *
	142	+ * @param bool $minimal - optional, set to true to skip attributes with big
	143	+ * payload
	144	+ * @return string[]
	145	+ */
	146	+ public function getAttributes($minimal = false) {
	147	+ $baseAttributes = array_merge(Access::UUID_ATTRIBUTES, ['dn', 'uid', 'samaccountname', 'memberof']);
	148	+ $attributes = [
	149	+ $this->access->getConnection()->ldapExpertUUIDUserAttr,
	150	+ $this->access->getConnection()->ldapQuotaAttribute,
	151	+ $this->access->getConnection()->ldapEmailAttribute,
	152	+ $this->access->getConnection()->ldapUserDisplayName,
	153	+ $this->access->getConnection()->ldapUserDisplayName2,
	154	+ $this->access->getConnection()->ldapExtStorageHomeAttribute,
	155	+ ];
	156	+
	157	+ $homeRule = (string)$this->access->getConnection()->homeFolderNamingRule;
	158	+ if (strpos($homeRule, 'attr:') === 0) {
	159	+ $attributes[] = substr($homeRule, strlen('attr:'));
	160	+ }
	161	+
	162	+ if (!$minimal) {
	163	+ // attributes that are not really important but may come with big
	164	+ // payload.
	165	+ $attributes = array_merge(
	166	+ $attributes,
	167	+ $this->access->getConnection()->resolveRule('avatar')
	168	+ );
	169	+ }
	170	+
	171	+ $attributes = array_reduce($attributes,
	172	+ function ($list, $attribute) {
	173	+ $attribute = strtolower(trim((string)$attribute));
	174	+ if (!empty($attribute) && !in_array($attribute, $list)) {
	175	+ $list[] = $attribute;
	176	+ }
	177	+
	178	+ return $list;
	179	+ },
	180	+ $baseAttributes // hard-coded, lower-case, non-empty attributes
	181	+ );
	182	+
	183	+ return $attributes;
	184	+ }
	185	+
	186	+ /**
	187	+ * Checks whether the specified user is marked as deleted
	188	+ * @param string $id the Nextcloud user name
	189	+ * @return bool
	190	+ */
	191	+ public function isDeletedUser($id) {
	192	+ $isDeleted = $this->ocConfig->getUserValue(
	193	+ $id, 'user_ldap', 'isDeleted', 0);
	194	+ return (int)$isDeleted === 1;
	195	+ }
	196	+
	197	+ /**
	198	+ * creates and returns an instance of OfflineUser for the specified user
	199	+ * @param string $id
	200	+ * @return \OCA\User_LDAP\User\OfflineUser
	201	+ */
	202	+ public function getDeletedUser($id) {
	203	+ return new OfflineUser(
	204	+ $id,
	205	+ $this->ocConfig,
	206	+ $this->access->getUserMapper(),
	207	+ $this->shareManager
	208	+ );
	209	+ }
	210	+
	211	+ /**
	212	+ * @brief returns a User object by it's Nextcloud username
	213	+ * @param string $id the DN or username of the user
	214	+ * @return \OCA\User_LDAP\User\User\|\OCA\User_LDAP\User\OfflineUser\|null
	215	+ */
	216	+ protected function createInstancyByUserName($id) {
	217	+ //most likely a uid. Check whether it is a deleted user
	218	+ if ($this->isDeletedUser($id)) {
	219	+ return $this->getDeletedUser($id);
	220	+ }
	221	+ $dn = $this->access->username2dn($id);
	222	+ if ($dn !== false) {
	223	+ return $this->createAndCache($dn, $id);
	224	+ }
	225	+ return null;
	226	+ }
	227	+
	228	+ /**
	229	+ * @brief returns a User object by it's DN or Nextcloud username
	230	+ * @param string $id the DN or username of the user
	231	+ * @return \OCA\User_LDAP\User\User\|\OCA\User_LDAP\User\OfflineUser\|null
	232	+ * @throws \Exception when connection could not be established
	233	+ */
	234	+ public function get($id) {
	235	+ $this->checkAccess();
	236	+ if (isset($this->usersByDN[$id])) {
	237	+ return $this->usersByDN[$id];
	238	+ } elseif (isset($this->usersByUid[$id])) {
	239	+ return $this->usersByUid[$id];
	240	+ }
	241	+
	242	+ if ($this->access->stringResemblesDN($id)) {
	243	+ $uid = $this->access->dn2username($id);
	244	+ if ($uid !== false) {
	245	+ return $this->createAndCache($id, $uid);
	246	+ }
	247	+ }
	248	+
	249	+ return $this->createInstancyByUserName($id);
	250	+ }
251	251	}

		@@ -35,253 +35,253 @@
		block discarded – undo
35	35	use OCP\IDBConnection;
36	36
37	37	class Helper {
38		- private IConfig $config;
39		- private IDBConnection $connection;
40		- /** @var CappedMemoryCache<string> */
41		- protected CappedMemoryCache $sanitizeDnCache;
42		-
43		- public function __construct(IConfig $config,
44		- IDBConnection $connection) {
45		- $this->config = $config;
46		- $this->connection = $connection;
47		- $this->sanitizeDnCache = new CappedMemoryCache(10000);
48		- }
49		-
50		- /**
51		- * returns prefixes for each saved LDAP/AD server configuration.
52		- *
53		- * @param bool $activeConfigurations optional, whether only active configuration shall be
54		- * retrieved, defaults to false
55		- * @return array with a list of the available prefixes
56		- *
57		- * Configuration prefixes are used to set up configurations for n LDAP or
58		- * AD servers. Since configuration is stored in the database, table
59		- * appconfig under appid user_ldap, the common identifiers in column
60		- * 'configkey' have a prefix. The prefix for the very first server
61		- * configuration is empty.
62		- * Configkey Examples:
63		- * Server 1: ldap_login_filter
64		- * Server 2: s1_ldap_login_filter
65		- * Server 3: s2_ldap_login_filter
66		- *
67		- * The prefix needs to be passed to the constructor of Connection class,
68		- * except the default (first) server shall be connected to.
69		- *
70		- */
71		- public function getServerConfigurationPrefixes($activeConfigurations = false): array {
72		- $referenceConfigkey = 'ldap_configuration_active';
73		-
74		- $keys = $this->getServersConfig($referenceConfigkey);
75		-
76		- $prefixes = [];
77		- foreach ($keys as $key) {
78		- if ($activeConfigurations && $this->config->getAppValue('user_ldap', $key, '0') !== '1') {
79		- continue;
80		- }
81		-
82		- $len = strlen($key) - strlen($referenceConfigkey);
83		- $prefixes[] = substr($key, 0, $len);
84		- }
85		- asort($prefixes);
86		-
87		- return $prefixes;
88		- }
89		-
90		- /**
91		- *
92		- * determines the host for every configured connection
93		- *
94		- * @return array an array with configprefix as keys
95		- *
96		- */
97		- public function getServerConfigurationHosts() {
98		- $referenceConfigkey = 'ldap_host';
99		-
100		- $keys = $this->getServersConfig($referenceConfigkey);
101		-
102		- $result = [];
103		- foreach ($keys as $key) {
104		- $len = strlen($key) - strlen($referenceConfigkey);
105		- $prefix = substr($key, 0, $len);
106		- $result[$prefix] = $this->config->getAppValue('user_ldap', $key);
107		- }
108		-
109		- return $result;
110		- }
111		-
112		- /**
113		- * return the next available configuration prefix
114		- *
115		- * @return string
116		- */
117		- public function getNextServerConfigurationPrefix() {
118		- $serverConnections = $this->getServerConfigurationPrefixes();
119		-
120		- if (count($serverConnections) === 0) {
121		- return 's01';
122		- }
123		-
124		- sort($serverConnections);
125		- $lastKey = array_pop($serverConnections);
126		- $lastNumber = (int)str_replace('s', '', $lastKey);
127		- return 's' . str_pad((string)($lastNumber + 1), 2, '0', STR_PAD_LEFT);
128		- }
129		-
130		- private function getServersConfig(string $value): array {
131		- $regex = '/' . $value . '$/S';
132		-
133		- $keys = $this->config->getAppKeys('user_ldap');
134		- $result = [];
135		- foreach ($keys as $key) {
136		- if (preg_match($regex, $key) === 1) {
137		- $result[] = $key;
138		- }
139		- }
140		-
141		- return $result;
142		- }
143		-
144		- /**
145		- * deletes a given saved LDAP/AD server configuration.
146		- *
147		- * @param string $prefix the configuration prefix of the config to delete
148		- * @return bool true on success, false otherwise
149		- */
150		- public function deleteServerConfiguration($prefix) {
151		- if (!in_array($prefix, self::getServerConfigurationPrefixes())) {
152		- return false;
153		- }
154		-
155		- $query = $this->connection->getQueryBuilder();
156		- $query->delete('appconfig')
157		- ->where($query->expr()->eq('appid', $query->createNamedParameter('user_ldap')))
158		- ->andWhere($query->expr()->like('configkey', $query->createNamedParameter((string)$prefix . '%')))
159		- ->andWhere($query->expr()->notIn('configkey', $query->createNamedParameter([
160		- 'enabled',
161		- 'installed_version',
162		- 'types',
163		- 'bgjUpdateGroupsLastRun',
164		- ], IQueryBuilder::PARAM_STR_ARRAY)));
165		-
166		- if (empty($prefix)) {
167		- $query->andWhere($query->expr()->notLike('configkey', $query->createNamedParameter('s%')));
168		- }
169		-
170		- $deletedRows = $query->execute();
171		- return $deletedRows !== 0;
172		- }
173		-
174		- /**
175		- * checks whether there is one or more disabled LDAP configurations
176		- */
177		- public function haveDisabledConfigurations(): bool {
178		- $all = $this->getServerConfigurationPrefixes(false);
179		- $active = $this->getServerConfigurationPrefixes(true);
180		-
181		- return count($all) !== count($active) \|\| count($all) === 0;
182		- }
183		-
184		- /**
185		- * extracts the domain from a given URL
186		- *
187		- * @param string $url the URL
188		- * @return string\|false domain as string on success, false otherwise
189		- */
190		- public function getDomainFromURL($url) {
191		- $uinfo = parse_url($url);
192		- if (!is_array($uinfo)) {
193		- return false;
194		- }
195		-
196		- $domain = false;
197		- if (isset($uinfo['host'])) {
198		- $domain = $uinfo['host'];
199		- } elseif (isset($uinfo['path'])) {
200		- $domain = $uinfo['path'];
201		- }
202		-
203		- return $domain;
204		- }
205		-
206		- /**
207		- * sanitizes a DN received from the LDAP server
208		- *
209		- * @param array\|string $dn the DN in question
210		- * @return array\|string the sanitized DN
211		- */
212		- public function sanitizeDN($dn) {
213		- //treating multiple base DNs
214		- if (is_array($dn)) {
215		- $result = [];
216		- foreach ($dn as $singleDN) {
217		- $result[] = $this->sanitizeDN($singleDN);
218		- }
219		- return $result;
220		- }
221		-
222		- if (!is_string($dn)) {
223		- throw new \LogicException('String expected ' . \gettype($dn) . ' given');
224		- }
225		-
226		- if (($sanitizedDn = $this->sanitizeDnCache->get($dn)) !== null) {
227		- return $sanitizedDn;
228		- }
229		-
230		- //OID sometimes gives back DNs with whitespace after the comma
231		- // a la "uid=foo, cn=bar, dn=..." We need to tackle this!
232		- $sanitizedDn = preg_replace('/([^\\\]),(\s+)/u', '\1,', $dn);
233		-
234		- //make comparisons and everything work
235		- $sanitizedDn = mb_strtolower($sanitizedDn, 'UTF-8');
236		-
237		- //escape DN values according to RFC 2253 – this is already done by ldap_explode_dn
238		- //to use the DN in search filters, \ needs to be escaped to \5c additionally
239		- //to use them in bases, we convert them back to simple backslashes in readAttribute()
240		- $replacements = [
241		- '\,' => '\5c2C',
242		- '\=' => '\5c3D',
243		- '\+' => '\5c2B',
244		- '\<' => '\5c3C',
245		- '\>' => '\5c3E',
246		- '\;' => '\5c3B',
247		- '\"' => '\5c22',
248		- '\#' => '\5c23',
249		- '(' => '\28',
250		- ')' => '\29',
251		- '*' => '\2A',
252		- ];
253		- $sanitizedDn = str_replace(array_keys($replacements), array_values($replacements), $sanitizedDn);
254		- $this->sanitizeDnCache->set($dn, $sanitizedDn);
255		-
256		- return $sanitizedDn;
257		- }
258		-
259		- /**
260		- * converts a stored DN so it can be used as base parameter for LDAP queries, internally we store them for usage in LDAP filters
261		- *
262		- * @param string $dn the DN
263		- * @return string
264		- */
265		- public function DNasBaseParameter($dn) {
266		- return str_ireplace('\\5c', '\\', $dn);
267		- }
268		-
269		- /**
270		- * listens to a hook thrown by server2server sharing and replaces the given
271		- * login name by a username, if it matches an LDAP user.
272		- *
273		- * @param array $param contains a reference to a $uid var under 'uid' key
274		- * @throws \Exception
275		- */
276		- public static function loginName2UserName($param): void {
277		- if (!isset($param['uid'])) {
278		- throw new \Exception('key uid is expected to be set in $param');
279		- }
280		-
281		- $userBackend = \OC::$server->get(User_Proxy::class);
282		- $uid = $userBackend->loginName2UserName($param['uid']);
283		- if ($uid !== false) {
284		- $param['uid'] = $uid;
285		- }
286		- }
	38	+ private IConfig $config;
	39	+ private IDBConnection $connection;
	40	+ /** @var CappedMemoryCache<string> */
	41	+ protected CappedMemoryCache $sanitizeDnCache;
	42	+
	43	+ public function __construct(IConfig $config,
	44	+ IDBConnection $connection) {
	45	+ $this->config = $config;
	46	+ $this->connection = $connection;
	47	+ $this->sanitizeDnCache = new CappedMemoryCache(10000);
	48	+ }
	49	+
	50	+ /**
	51	+ * returns prefixes for each saved LDAP/AD server configuration.
	52	+ *
	53	+ * @param bool $activeConfigurations optional, whether only active configuration shall be
	54	+ * retrieved, defaults to false
	55	+ * @return array with a list of the available prefixes
	56	+ *
	57	+ * Configuration prefixes are used to set up configurations for n LDAP or
	58	+ * AD servers. Since configuration is stored in the database, table
	59	+ * appconfig under appid user_ldap, the common identifiers in column
	60	+ * 'configkey' have a prefix. The prefix for the very first server
	61	+ * configuration is empty.
	62	+ * Configkey Examples:
	63	+ * Server 1: ldap_login_filter
	64	+ * Server 2: s1_ldap_login_filter
	65	+ * Server 3: s2_ldap_login_filter
	66	+ *
	67	+ * The prefix needs to be passed to the constructor of Connection class,
	68	+ * except the default (first) server shall be connected to.
	69	+ *
	70	+ */
	71	+ public function getServerConfigurationPrefixes($activeConfigurations = false): array {
	72	+ $referenceConfigkey = 'ldap_configuration_active';
	73	+
	74	+ $keys = $this->getServersConfig($referenceConfigkey);
	75	+
	76	+ $prefixes = [];
	77	+ foreach ($keys as $key) {
	78	+ if ($activeConfigurations && $this->config->getAppValue('user_ldap', $key, '0') !== '1') {
	79	+ continue;
	80	+ }
	81	+
	82	+ $len = strlen($key) - strlen($referenceConfigkey);
	83	+ $prefixes[] = substr($key, 0, $len);
	84	+ }
	85	+ asort($prefixes);
	86	+
	87	+ return $prefixes;
	88	+ }
	89	+
	90	+ /**
	91	+ *
	92	+ * determines the host for every configured connection
	93	+ *
	94	+ * @return array an array with configprefix as keys
	95	+ *
	96	+ */
	97	+ public function getServerConfigurationHosts() {
	98	+ $referenceConfigkey = 'ldap_host';
	99	+
	100	+ $keys = $this->getServersConfig($referenceConfigkey);
	101	+
	102	+ $result = [];
	103	+ foreach ($keys as $key) {
	104	+ $len = strlen($key) - strlen($referenceConfigkey);
	105	+ $prefix = substr($key, 0, $len);
	106	+ $result[$prefix] = $this->config->getAppValue('user_ldap', $key);
	107	+ }
	108	+
	109	+ return $result;
	110	+ }
	111	+
	112	+ /**
	113	+ * return the next available configuration prefix
	114	+ *
	115	+ * @return string
	116	+ */
	117	+ public function getNextServerConfigurationPrefix() {
	118	+ $serverConnections = $this->getServerConfigurationPrefixes();
	119	+
	120	+ if (count($serverConnections) === 0) {
	121	+ return 's01';
	122	+ }
	123	+
	124	+ sort($serverConnections);
	125	+ $lastKey = array_pop($serverConnections);
	126	+ $lastNumber = (int)str_replace('s', '', $lastKey);
	127	+ return 's' . str_pad((string)($lastNumber + 1), 2, '0', STR_PAD_LEFT);
	128	+ }
	129	+
	130	+ private function getServersConfig(string $value): array {
	131	+ $regex = '/' . $value . '$/S';
	132	+
	133	+ $keys = $this->config->getAppKeys('user_ldap');
	134	+ $result = [];
	135	+ foreach ($keys as $key) {
	136	+ if (preg_match($regex, $key) === 1) {
	137	+ $result[] = $key;
	138	+ }
	139	+ }
	140	+
	141	+ return $result;
	142	+ }
	143	+
	144	+ /**
	145	+ * deletes a given saved LDAP/AD server configuration.
	146	+ *
	147	+ * @param string $prefix the configuration prefix of the config to delete
	148	+ * @return bool true on success, false otherwise
	149	+ */
	150	+ public function deleteServerConfiguration($prefix) {
	151	+ if (!in_array($prefix, self::getServerConfigurationPrefixes())) {
	152	+ return false;
	153	+ }
	154	+
	155	+ $query = $this->connection->getQueryBuilder();
	156	+ $query->delete('appconfig')
	157	+ ->where($query->expr()->eq('appid', $query->createNamedParameter('user_ldap')))
	158	+ ->andWhere($query->expr()->like('configkey', $query->createNamedParameter((string)$prefix . '%')))
	159	+ ->andWhere($query->expr()->notIn('configkey', $query->createNamedParameter([
	160	+ 'enabled',
	161	+ 'installed_version',
	162	+ 'types',
	163	+ 'bgjUpdateGroupsLastRun',
	164	+ ], IQueryBuilder::PARAM_STR_ARRAY)));
	165	+
	166	+ if (empty($prefix)) {
	167	+ $query->andWhere($query->expr()->notLike('configkey', $query->createNamedParameter('s%')));
	168	+ }
	169	+
	170	+ $deletedRows = $query->execute();
	171	+ return $deletedRows !== 0;
	172	+ }
	173	+
	174	+ /**
	175	+ * checks whether there is one or more disabled LDAP configurations
	176	+ */
	177	+ public function haveDisabledConfigurations(): bool {
	178	+ $all = $this->getServerConfigurationPrefixes(false);
	179	+ $active = $this->getServerConfigurationPrefixes(true);
	180	+
	181	+ return count($all) !== count($active) \|\| count($all) === 0;
	182	+ }
	183	+
	184	+ /**
	185	+ * extracts the domain from a given URL
	186	+ *
	187	+ * @param string $url the URL
	188	+ * @return string\|false domain as string on success, false otherwise
	189	+ */
	190	+ public function getDomainFromURL($url) {
	191	+ $uinfo = parse_url($url);
	192	+ if (!is_array($uinfo)) {
	193	+ return false;
	194	+ }
	195	+
	196	+ $domain = false;
	197	+ if (isset($uinfo['host'])) {
	198	+ $domain = $uinfo['host'];
	199	+ } elseif (isset($uinfo['path'])) {
	200	+ $domain = $uinfo['path'];
	201	+ }
	202	+
	203	+ return $domain;
	204	+ }
	205	+
	206	+ /**
	207	+ * sanitizes a DN received from the LDAP server
	208	+ *
	209	+ * @param array\|string $dn the DN in question
	210	+ * @return array\|string the sanitized DN
	211	+ */
	212	+ public function sanitizeDN($dn) {
	213	+ //treating multiple base DNs
	214	+ if (is_array($dn)) {
	215	+ $result = [];
	216	+ foreach ($dn as $singleDN) {
	217	+ $result[] = $this->sanitizeDN($singleDN);
	218	+ }
	219	+ return $result;
	220	+ }
	221	+
	222	+ if (!is_string($dn)) {
	223	+ throw new \LogicException('String expected ' . \gettype($dn) . ' given');
	224	+ }
	225	+
	226	+ if (($sanitizedDn = $this->sanitizeDnCache->get($dn)) !== null) {
	227	+ return $sanitizedDn;
	228	+ }
	229	+
	230	+ //OID sometimes gives back DNs with whitespace after the comma
	231	+ // a la "uid=foo, cn=bar, dn=..." We need to tackle this!
	232	+ $sanitizedDn = preg_replace('/([^\\\]),(\s+)/u', '\1,', $dn);
	233	+
	234	+ //make comparisons and everything work
	235	+ $sanitizedDn = mb_strtolower($sanitizedDn, 'UTF-8');
	236	+
	237	+ //escape DN values according to RFC 2253 – this is already done by ldap_explode_dn
	238	+ //to use the DN in search filters, \ needs to be escaped to \5c additionally
	239	+ //to use them in bases, we convert them back to simple backslashes in readAttribute()
	240	+ $replacements = [
	241	+ '\,' => '\5c2C',
	242	+ '\=' => '\5c3D',
	243	+ '\+' => '\5c2B',
	244	+ '\<' => '\5c3C',
	245	+ '\>' => '\5c3E',
	246	+ '\;' => '\5c3B',
	247	+ '\"' => '\5c22',
	248	+ '\#' => '\5c23',
	249	+ '(' => '\28',
	250	+ ')' => '\29',
	251	+ '*' => '\2A',
	252	+ ];
	253	+ $sanitizedDn = str_replace(array_keys($replacements), array_values($replacements), $sanitizedDn);
	254	+ $this->sanitizeDnCache->set($dn, $sanitizedDn);
	255	+
	256	+ return $sanitizedDn;
	257	+ }
	258	+
	259	+ /**
	260	+ * converts a stored DN so it can be used as base parameter for LDAP queries, internally we store them for usage in LDAP filters
	261	+ *
	262	+ * @param string $dn the DN
	263	+ * @return string
	264	+ */
	265	+ public function DNasBaseParameter($dn) {
	266	+ return str_ireplace('\\5c', '\\', $dn);
	267	+ }
	268	+
	269	+ /**
	270	+ * listens to a hook thrown by server2server sharing and replaces the given
	271	+ * login name by a username, if it matches an LDAP user.
	272	+ *
	273	+ * @param array $param contains a reference to a $uid var under 'uid' key
	274	+ * @throws \Exception
	275	+ */
	276	+ public static function loginName2UserName($param): void {
	277	+ if (!isset($param['uid'])) {
	278	+ throw new \Exception('key uid is expected to be set in $param');
	279	+ }
	280	+
	281	+ $userBackend = \OC::$server->get(User_Proxy::class);
	282	+ $uid = $userBackend->loginName2UserName($param['uid']);
	283	+ if ($uid !== false) {
	284	+ $param['uid'] = $uid;
	285	+ }
	286	+ }
287	287	}

nextcloud / server

Push — master ( 48bb54...fe33e9 )

Status

Category

Indentation +201 added lines, -201 removed lines patch added patch discarded remove patch

Indentation +249 added lines, -249 removed lines patch added patch discarded remove patch

Indentation +706 added lines, -706 removed lines patch added patch discarded remove patch

Indentation +679 added lines, -679 removed lines patch added patch discarded remove patch