@@ -64,620 +64,620 @@ |
||
64 | 64 | * @property string homeFolderNamingRule |
65 | 65 | */ |
66 | 66 | class Connection extends LDAPUtility { |
67 | - private $ldapConnectionRes = null; |
|
68 | - private $configPrefix; |
|
69 | - private $configID; |
|
70 | - private $configured = false; |
|
71 | - //whether connection should be kept on __destruct |
|
72 | - private $dontDestruct = false; |
|
73 | - |
|
74 | - /** |
|
75 | - * @var bool runtime flag that indicates whether supported primary groups are available |
|
76 | - */ |
|
77 | - public $hasPrimaryGroups = true; |
|
78 | - |
|
79 | - /** |
|
80 | - * @var bool runtime flag that indicates whether supported POSIX gidNumber are available |
|
81 | - */ |
|
82 | - public $hasGidNumber = true; |
|
83 | - |
|
84 | - //cache handler |
|
85 | - protected $cache; |
|
86 | - |
|
87 | - /** @var Configuration settings handler **/ |
|
88 | - protected $configuration; |
|
89 | - |
|
90 | - protected $doNotValidate = false; |
|
91 | - |
|
92 | - protected $ignoreValidation = false; |
|
93 | - |
|
94 | - protected $bindResult = []; |
|
95 | - |
|
96 | - /** |
|
97 | - * Constructor |
|
98 | - * @param ILDAPWrapper $ldap |
|
99 | - * @param string $configPrefix a string with the prefix for the configkey column (appconfig table) |
|
100 | - * @param string|null $configID a string with the value for the appid column (appconfig table) or null for on-the-fly connections |
|
101 | - */ |
|
102 | - public function __construct(ILDAPWrapper $ldap, $configPrefix = '', $configID = 'user_ldap') { |
|
103 | - parent::__construct($ldap); |
|
104 | - $this->configPrefix = $configPrefix; |
|
105 | - $this->configID = $configID; |
|
106 | - $this->configuration = new Configuration($configPrefix, |
|
107 | - !is_null($configID)); |
|
108 | - $memcache = \OC::$server->getMemCacheFactory(); |
|
109 | - if($memcache->isAvailable()) { |
|
110 | - $this->cache = $memcache->createDistributed(); |
|
111 | - } |
|
112 | - $helper = new Helper(\OC::$server->getConfig()); |
|
113 | - $this->doNotValidate = !in_array($this->configPrefix, |
|
114 | - $helper->getServerConfigurationPrefixes()); |
|
115 | - } |
|
116 | - |
|
117 | - public function __destruct() { |
|
118 | - if(!$this->dontDestruct && $this->ldap->isResource($this->ldapConnectionRes)) { |
|
119 | - @$this->ldap->unbind($this->ldapConnectionRes); |
|
120 | - $this->bindResult = []; |
|
121 | - } |
|
122 | - } |
|
123 | - |
|
124 | - /** |
|
125 | - * defines behaviour when the instance is cloned |
|
126 | - */ |
|
127 | - public function __clone() { |
|
128 | - $this->configuration = new Configuration($this->configPrefix, |
|
129 | - !is_null($this->configID)); |
|
130 | - if(count($this->bindResult) !== 0 && $this->bindResult['result'] === true) { |
|
131 | - $this->bindResult = []; |
|
132 | - } |
|
133 | - $this->ldapConnectionRes = null; |
|
134 | - $this->dontDestruct = true; |
|
135 | - } |
|
136 | - |
|
137 | - /** |
|
138 | - * @param string $name |
|
139 | - * @return bool|mixed |
|
140 | - */ |
|
141 | - public function __get($name) { |
|
142 | - if(!$this->configured) { |
|
143 | - $this->readConfiguration(); |
|
144 | - } |
|
145 | - |
|
146 | - return $this->configuration->$name; |
|
147 | - } |
|
148 | - |
|
149 | - /** |
|
150 | - * @param string $name |
|
151 | - * @param mixed $value |
|
152 | - */ |
|
153 | - public function __set($name, $value) { |
|
154 | - $this->doNotValidate = false; |
|
155 | - $before = $this->configuration->$name; |
|
156 | - $this->configuration->$name = $value; |
|
157 | - $after = $this->configuration->$name; |
|
158 | - if($before !== $after) { |
|
159 | - if ($this->configID !== '' && $this->configID !== null) { |
|
160 | - $this->configuration->saveConfiguration(); |
|
161 | - } |
|
162 | - $this->validateConfiguration(); |
|
163 | - } |
|
164 | - } |
|
165 | - |
|
166 | - /** |
|
167 | - * @param string $rule |
|
168 | - * @return array |
|
169 | - * @throws \RuntimeException |
|
170 | - */ |
|
171 | - public function resolveRule($rule) { |
|
172 | - return $this->configuration->resolveRule($rule); |
|
173 | - } |
|
174 | - |
|
175 | - /** |
|
176 | - * sets whether the result of the configuration validation shall |
|
177 | - * be ignored when establishing the connection. Used by the Wizard |
|
178 | - * in early configuration state. |
|
179 | - * @param bool $state |
|
180 | - */ |
|
181 | - public function setIgnoreValidation($state) { |
|
182 | - $this->ignoreValidation = (bool)$state; |
|
183 | - } |
|
184 | - |
|
185 | - /** |
|
186 | - * initializes the LDAP backend |
|
187 | - * @param bool $force read the config settings no matter what |
|
188 | - */ |
|
189 | - public function init($force = false) { |
|
190 | - $this->readConfiguration($force); |
|
191 | - $this->establishConnection(); |
|
192 | - } |
|
193 | - |
|
194 | - /** |
|
195 | - * Returns the LDAP handler |
|
196 | - */ |
|
197 | - public function getConnectionResource() { |
|
198 | - if(!$this->ldapConnectionRes) { |
|
199 | - $this->init(); |
|
200 | - } else if(!$this->ldap->isResource($this->ldapConnectionRes)) { |
|
201 | - $this->ldapConnectionRes = null; |
|
202 | - $this->establishConnection(); |
|
203 | - } |
|
204 | - if(is_null($this->ldapConnectionRes)) { |
|
205 | - \OCP\Util::writeLog('user_ldap', 'No LDAP Connection to server ' . $this->configuration->ldapHost, ILogger::ERROR); |
|
206 | - throw new ServerNotAvailableException('Connection to LDAP server could not be established'); |
|
207 | - } |
|
208 | - return $this->ldapConnectionRes; |
|
209 | - } |
|
210 | - |
|
211 | - /** |
|
212 | - * resets the connection resource |
|
213 | - */ |
|
214 | - public function resetConnectionResource() { |
|
215 | - if(!is_null($this->ldapConnectionRes)) { |
|
216 | - @$this->ldap->unbind($this->ldapConnectionRes); |
|
217 | - $this->ldapConnectionRes = null; |
|
218 | - $this->bindResult = []; |
|
219 | - } |
|
220 | - } |
|
221 | - |
|
222 | - /** |
|
223 | - * @param string|null $key |
|
224 | - * @return string |
|
225 | - */ |
|
226 | - private function getCacheKey($key) { |
|
227 | - $prefix = 'LDAP-'.$this->configID.'-'.$this->configPrefix.'-'; |
|
228 | - if(is_null($key)) { |
|
229 | - return $prefix; |
|
230 | - } |
|
231 | - return $prefix.hash('sha256', $key); |
|
232 | - } |
|
233 | - |
|
234 | - /** |
|
235 | - * @param string $key |
|
236 | - * @return mixed|null |
|
237 | - */ |
|
238 | - public function getFromCache($key) { |
|
239 | - if(!$this->configured) { |
|
240 | - $this->readConfiguration(); |
|
241 | - } |
|
242 | - if(is_null($this->cache) || !$this->configuration->ldapCacheTTL) { |
|
243 | - return null; |
|
244 | - } |
|
245 | - $key = $this->getCacheKey($key); |
|
246 | - |
|
247 | - return json_decode(base64_decode($this->cache->get($key)), true); |
|
248 | - } |
|
249 | - |
|
250 | - /** |
|
251 | - * @param string $key |
|
252 | - * @param mixed $value |
|
253 | - * |
|
254 | - * @return string |
|
255 | - */ |
|
256 | - public function writeToCache($key, $value) { |
|
257 | - if(!$this->configured) { |
|
258 | - $this->readConfiguration(); |
|
259 | - } |
|
260 | - if(is_null($this->cache) |
|
261 | - || !$this->configuration->ldapCacheTTL |
|
262 | - || !$this->configuration->ldapConfigurationActive) { |
|
263 | - return null; |
|
264 | - } |
|
265 | - $key = $this->getCacheKey($key); |
|
266 | - $value = base64_encode(json_encode($value)); |
|
267 | - $this->cache->set($key, $value, $this->configuration->ldapCacheTTL); |
|
268 | - } |
|
269 | - |
|
270 | - public function clearCache() { |
|
271 | - if(!is_null($this->cache)) { |
|
272 | - $this->cache->clear($this->getCacheKey(null)); |
|
273 | - } |
|
274 | - } |
|
275 | - |
|
276 | - /** |
|
277 | - * Caches the general LDAP configuration. |
|
278 | - * @param bool $force optional. true, if the re-read should be forced. defaults |
|
279 | - * to false. |
|
280 | - * @return null |
|
281 | - */ |
|
282 | - private function readConfiguration($force = false) { |
|
283 | - if((!$this->configured || $force) && !is_null($this->configID)) { |
|
284 | - $this->configuration->readConfiguration(); |
|
285 | - $this->configured = $this->validateConfiguration(); |
|
286 | - } |
|
287 | - } |
|
288 | - |
|
289 | - /** |
|
290 | - * set LDAP configuration with values delivered by an array, not read from configuration |
|
291 | - * @param array $config array that holds the config parameters in an associated array |
|
292 | - * @param array &$setParameters optional; array where the set fields will be given to |
|
293 | - * @return boolean true if config validates, false otherwise. Check with $setParameters for detailed success on single parameters |
|
294 | - */ |
|
295 | - public function setConfiguration($config, &$setParameters = null) { |
|
296 | - if(is_null($setParameters)) { |
|
297 | - $setParameters = array(); |
|
298 | - } |
|
299 | - $this->doNotValidate = false; |
|
300 | - $this->configuration->setConfiguration($config, $setParameters); |
|
301 | - if(count($setParameters) > 0) { |
|
302 | - $this->configured = $this->validateConfiguration(); |
|
303 | - } |
|
304 | - |
|
305 | - |
|
306 | - return $this->configured; |
|
307 | - } |
|
308 | - |
|
309 | - /** |
|
310 | - * saves the current Configuration in the database and empties the |
|
311 | - * cache |
|
312 | - * @return null |
|
313 | - */ |
|
314 | - public function saveConfiguration() { |
|
315 | - $this->configuration->saveConfiguration(); |
|
316 | - $this->clearCache(); |
|
317 | - } |
|
318 | - |
|
319 | - /** |
|
320 | - * get the current LDAP configuration |
|
321 | - * @return array |
|
322 | - */ |
|
323 | - public function getConfiguration() { |
|
324 | - $this->readConfiguration(); |
|
325 | - $config = $this->configuration->getConfiguration(); |
|
326 | - $cta = $this->configuration->getConfigTranslationArray(); |
|
327 | - $result = array(); |
|
328 | - foreach($cta as $dbkey => $configkey) { |
|
329 | - switch($configkey) { |
|
330 | - case 'homeFolderNamingRule': |
|
331 | - if(strpos($config[$configkey], 'attr:') === 0) { |
|
332 | - $result[$dbkey] = substr($config[$configkey], 5); |
|
333 | - } else { |
|
334 | - $result[$dbkey] = ''; |
|
335 | - } |
|
336 | - break; |
|
337 | - case 'ldapBase': |
|
338 | - case 'ldapBaseUsers': |
|
339 | - case 'ldapBaseGroups': |
|
340 | - case 'ldapAttributesForUserSearch': |
|
341 | - case 'ldapAttributesForGroupSearch': |
|
342 | - if(is_array($config[$configkey])) { |
|
343 | - $result[$dbkey] = implode("\n", $config[$configkey]); |
|
344 | - break; |
|
345 | - } //else follows default |
|
346 | - default: |
|
347 | - $result[$dbkey] = $config[$configkey]; |
|
348 | - } |
|
349 | - } |
|
350 | - return $result; |
|
351 | - } |
|
352 | - |
|
353 | - private function doSoftValidation() { |
|
354 | - //if User or Group Base are not set, take over Base DN setting |
|
355 | - foreach(array('ldapBaseUsers', 'ldapBaseGroups') as $keyBase) { |
|
356 | - $val = $this->configuration->$keyBase; |
|
357 | - if(empty($val)) { |
|
358 | - $this->configuration->$keyBase = $this->configuration->ldapBase; |
|
359 | - } |
|
360 | - } |
|
361 | - |
|
362 | - foreach(array('ldapExpertUUIDUserAttr' => 'ldapUuidUserAttribute', |
|
363 | - 'ldapExpertUUIDGroupAttr' => 'ldapUuidGroupAttribute') |
|
364 | - as $expertSetting => $effectiveSetting) { |
|
365 | - $uuidOverride = $this->configuration->$expertSetting; |
|
366 | - if(!empty($uuidOverride)) { |
|
367 | - $this->configuration->$effectiveSetting = $uuidOverride; |
|
368 | - } else { |
|
369 | - $uuidAttributes = Access::UUID_ATTRIBUTES; |
|
370 | - array_unshift($uuidAttributes, 'auto'); |
|
371 | - if(!in_array($this->configuration->$effectiveSetting, |
|
372 | - $uuidAttributes) |
|
373 | - && (!is_null($this->configID))) { |
|
374 | - $this->configuration->$effectiveSetting = 'auto'; |
|
375 | - $this->configuration->saveConfiguration(); |
|
376 | - \OCP\Util::writeLog('user_ldap', |
|
377 | - 'Illegal value for the '. |
|
378 | - $effectiveSetting.', '.'reset to '. |
|
379 | - 'autodetect.', ILogger::INFO); |
|
380 | - } |
|
381 | - |
|
382 | - } |
|
383 | - } |
|
384 | - |
|
385 | - $backupPort = (int)$this->configuration->ldapBackupPort; |
|
386 | - if ($backupPort <= 0) { |
|
387 | - $this->configuration->backupPort = $this->configuration->ldapPort; |
|
388 | - } |
|
389 | - |
|
390 | - //make sure empty search attributes are saved as simple, empty array |
|
391 | - $saKeys = array('ldapAttributesForUserSearch', |
|
392 | - 'ldapAttributesForGroupSearch'); |
|
393 | - foreach($saKeys as $key) { |
|
394 | - $val = $this->configuration->$key; |
|
395 | - if(is_array($val) && count($val) === 1 && empty($val[0])) { |
|
396 | - $this->configuration->$key = array(); |
|
397 | - } |
|
398 | - } |
|
399 | - |
|
400 | - if((stripos($this->configuration->ldapHost, 'ldaps://') === 0) |
|
401 | - && $this->configuration->ldapTLS) { |
|
402 | - $this->configuration->ldapTLS = false; |
|
403 | - \OCP\Util::writeLog( |
|
404 | - 'user_ldap', |
|
405 | - 'LDAPS (already using secure connection) and TLS do not work together. Switched off TLS.', |
|
406 | - ILogger::INFO |
|
407 | - ); |
|
408 | - } |
|
409 | - } |
|
410 | - |
|
411 | - /** |
|
412 | - * @return bool |
|
413 | - */ |
|
414 | - private function doCriticalValidation() { |
|
415 | - $configurationOK = true; |
|
416 | - $errorStr = 'Configuration Error (prefix '. |
|
417 | - (string)$this->configPrefix .'): '; |
|
418 | - |
|
419 | - //options that shall not be empty |
|
420 | - $options = array('ldapHost', 'ldapPort', 'ldapUserDisplayName', |
|
421 | - 'ldapGroupDisplayName', 'ldapLoginFilter'); |
|
422 | - foreach($options as $key) { |
|
423 | - $val = $this->configuration->$key; |
|
424 | - if(empty($val)) { |
|
425 | - switch($key) { |
|
426 | - case 'ldapHost': |
|
427 | - $subj = 'LDAP Host'; |
|
428 | - break; |
|
429 | - case 'ldapPort': |
|
430 | - $subj = 'LDAP Port'; |
|
431 | - break; |
|
432 | - case 'ldapUserDisplayName': |
|
433 | - $subj = 'LDAP User Display Name'; |
|
434 | - break; |
|
435 | - case 'ldapGroupDisplayName': |
|
436 | - $subj = 'LDAP Group Display Name'; |
|
437 | - break; |
|
438 | - case 'ldapLoginFilter': |
|
439 | - $subj = 'LDAP Login Filter'; |
|
440 | - break; |
|
441 | - default: |
|
442 | - $subj = $key; |
|
443 | - break; |
|
444 | - } |
|
445 | - $configurationOK = false; |
|
446 | - \OCP\Util::writeLog( |
|
447 | - 'user_ldap', |
|
448 | - $errorStr.'No '.$subj.' given!', |
|
449 | - ILogger::WARN |
|
450 | - ); |
|
451 | - } |
|
452 | - } |
|
453 | - |
|
454 | - //combinations |
|
455 | - $agent = $this->configuration->ldapAgentName; |
|
456 | - $pwd = $this->configuration->ldapAgentPassword; |
|
457 | - if ( |
|
458 | - ($agent === '' && $pwd !== '') |
|
459 | - || ($agent !== '' && $pwd === '') |
|
460 | - ) { |
|
461 | - \OCP\Util::writeLog( |
|
462 | - 'user_ldap', |
|
463 | - $errorStr.'either no password is given for the user ' . |
|
464 | - 'agent or a password is given, but not an LDAP agent.', |
|
465 | - ILogger::WARN); |
|
466 | - $configurationOK = false; |
|
467 | - } |
|
468 | - |
|
469 | - $base = $this->configuration->ldapBase; |
|
470 | - $baseUsers = $this->configuration->ldapBaseUsers; |
|
471 | - $baseGroups = $this->configuration->ldapBaseGroups; |
|
472 | - |
|
473 | - if(empty($base) && empty($baseUsers) && empty($baseGroups)) { |
|
474 | - \OCP\Util::writeLog( |
|
475 | - 'user_ldap', |
|
476 | - $errorStr.'Not a single Base DN given.', |
|
477 | - ILogger::WARN |
|
478 | - ); |
|
479 | - $configurationOK = false; |
|
480 | - } |
|
481 | - |
|
482 | - if(mb_strpos($this->configuration->ldapLoginFilter, '%uid', 0, 'UTF-8') |
|
483 | - === false) { |
|
484 | - \OCP\Util::writeLog( |
|
485 | - 'user_ldap', |
|
486 | - $errorStr.'login filter does not contain %uid place holder.', |
|
487 | - ILogger::WARN |
|
488 | - ); |
|
489 | - $configurationOK = false; |
|
490 | - } |
|
491 | - |
|
492 | - return $configurationOK; |
|
493 | - } |
|
494 | - |
|
495 | - /** |
|
496 | - * Validates the user specified configuration |
|
497 | - * @return bool true if configuration seems OK, false otherwise |
|
498 | - */ |
|
499 | - private function validateConfiguration() { |
|
500 | - |
|
501 | - if($this->doNotValidate) { |
|
502 | - //don't do a validation if it is a new configuration with pure |
|
503 | - //default values. Will be allowed on changes via __set or |
|
504 | - //setConfiguration |
|
505 | - return false; |
|
506 | - } |
|
507 | - |
|
508 | - // first step: "soft" checks: settings that are not really |
|
509 | - // necessary, but advisable. If left empty, give an info message |
|
510 | - $this->doSoftValidation(); |
|
511 | - |
|
512 | - //second step: critical checks. If left empty or filled wrong, mark as |
|
513 | - //not configured and give a warning. |
|
514 | - return $this->doCriticalValidation(); |
|
515 | - } |
|
516 | - |
|
517 | - |
|
518 | - /** |
|
519 | - * Connects and Binds to LDAP |
|
520 | - * |
|
521 | - * @throws ServerNotAvailableException |
|
522 | - */ |
|
523 | - private function establishConnection() { |
|
524 | - if(!$this->configuration->ldapConfigurationActive) { |
|
525 | - return null; |
|
526 | - } |
|
527 | - static $phpLDAPinstalled = true; |
|
528 | - if(!$phpLDAPinstalled) { |
|
529 | - return false; |
|
530 | - } |
|
531 | - if(!$this->ignoreValidation && !$this->configured) { |
|
532 | - \OCP\Util::writeLog( |
|
533 | - 'user_ldap', |
|
534 | - 'Configuration is invalid, cannot connect', |
|
535 | - ILogger::WARN |
|
536 | - ); |
|
537 | - return false; |
|
538 | - } |
|
539 | - if(!$this->ldapConnectionRes) { |
|
540 | - if(!$this->ldap->areLDAPFunctionsAvailable()) { |
|
541 | - $phpLDAPinstalled = false; |
|
542 | - \OCP\Util::writeLog( |
|
543 | - 'user_ldap', |
|
544 | - 'function ldap_connect is not available. Make sure that the PHP ldap module is installed.', |
|
545 | - ILogger::ERROR |
|
546 | - ); |
|
547 | - |
|
548 | - return false; |
|
549 | - } |
|
550 | - if($this->configuration->turnOffCertCheck) { |
|
551 | - if(putenv('LDAPTLS_REQCERT=never')) { |
|
552 | - \OCP\Util::writeLog('user_ldap', |
|
553 | - 'Turned off SSL certificate validation successfully.', |
|
554 | - ILogger::DEBUG); |
|
555 | - } else { |
|
556 | - \OCP\Util::writeLog( |
|
557 | - 'user_ldap', |
|
558 | - 'Could not turn off SSL certificate validation.', |
|
559 | - ILogger::WARN |
|
560 | - ); |
|
561 | - } |
|
562 | - } |
|
563 | - |
|
564 | - $isOverrideMainServer = ($this->configuration->ldapOverrideMainServer |
|
565 | - || $this->getFromCache('overrideMainServer')); |
|
566 | - $isBackupHost = (trim($this->configuration->ldapBackupHost) !== ""); |
|
567 | - $bindStatus = false; |
|
568 | - try { |
|
569 | - if (!$isOverrideMainServer) { |
|
570 | - $this->doConnect($this->configuration->ldapHost, |
|
571 | - $this->configuration->ldapPort); |
|
572 | - return $this->bind(); |
|
573 | - } |
|
574 | - } catch (ServerNotAvailableException $e) { |
|
575 | - if(!$isBackupHost) { |
|
576 | - throw $e; |
|
577 | - } |
|
578 | - } |
|
579 | - |
|
580 | - //if LDAP server is not reachable, try the Backup (Replica!) Server |
|
581 | - if($isBackupHost || $isOverrideMainServer) { |
|
582 | - $this->doConnect($this->configuration->ldapBackupHost, |
|
583 | - $this->configuration->ldapBackupPort); |
|
584 | - $this->bindResult = []; |
|
585 | - $bindStatus = $this->bind(); |
|
586 | - $error = $this->ldap->isResource($this->ldapConnectionRes) ? |
|
587 | - $this->ldap->errno($this->ldapConnectionRes) : -1; |
|
588 | - if($bindStatus && $error === 0 && !$this->getFromCache('overrideMainServer')) { |
|
589 | - //when bind to backup server succeeded and failed to main server, |
|
590 | - //skip contacting him until next cache refresh |
|
591 | - $this->writeToCache('overrideMainServer', true); |
|
592 | - } |
|
593 | - } |
|
594 | - |
|
595 | - return $bindStatus; |
|
596 | - } |
|
597 | - return null; |
|
598 | - } |
|
599 | - |
|
600 | - /** |
|
601 | - * @param string $host |
|
602 | - * @param string $port |
|
603 | - * @return bool |
|
604 | - * @throws \OC\ServerNotAvailableException |
|
605 | - */ |
|
606 | - private function doConnect($host, $port) { |
|
607 | - if ($host === '') { |
|
608 | - return false; |
|
609 | - } |
|
610 | - |
|
611 | - $this->ldapConnectionRes = $this->ldap->connect($host, $port); |
|
612 | - |
|
613 | - if(!$this->ldap->setOption($this->ldapConnectionRes, LDAP_OPT_PROTOCOL_VERSION, 3)) { |
|
614 | - throw new ServerNotAvailableException('Could not set required LDAP Protocol version.'); |
|
615 | - } |
|
616 | - |
|
617 | - if(!$this->ldap->setOption($this->ldapConnectionRes, LDAP_OPT_REFERRALS, 0)) { |
|
618 | - throw new ServerNotAvailableException('Could not disable LDAP referrals.'); |
|
619 | - } |
|
620 | - |
|
621 | - if($this->configuration->ldapTLS) { |
|
622 | - if(!$this->ldap->startTls($this->ldapConnectionRes)) { |
|
623 | - throw new ServerNotAvailableException('Start TLS failed, when connecting to LDAP host ' . $host . '.'); |
|
624 | - } |
|
625 | - } |
|
626 | - |
|
627 | - return true; |
|
628 | - } |
|
629 | - |
|
630 | - /** |
|
631 | - * Binds to LDAP |
|
632 | - */ |
|
633 | - public function bind() { |
|
634 | - if(!$this->configuration->ldapConfigurationActive) { |
|
635 | - return false; |
|
636 | - } |
|
637 | - $cr = $this->ldapConnectionRes; |
|
638 | - if(!$this->ldap->isResource($cr)) { |
|
639 | - $cr = $this->getConnectionResource(); |
|
640 | - } |
|
641 | - |
|
642 | - if( |
|
643 | - count($this->bindResult) !== 0 |
|
644 | - && $this->bindResult['dn'] === $this->configuration->ldapAgentName |
|
645 | - && \OC::$server->getHasher()->verify( |
|
646 | - $this->configPrefix . $this->configuration->ldapAgentPassword, |
|
647 | - $this->bindResult['hash'] |
|
648 | - ) |
|
649 | - ) { |
|
650 | - // don't attempt to bind again with the same data as before |
|
651 | - // bind might have been invoked via getConnectionResource(), |
|
652 | - // but we need results specifically for e.g. user login |
|
653 | - return $this->bindResult['result']; |
|
654 | - } |
|
655 | - |
|
656 | - $ldapLogin = @$this->ldap->bind($cr, |
|
657 | - $this->configuration->ldapAgentName, |
|
658 | - $this->configuration->ldapAgentPassword); |
|
659 | - |
|
660 | - $this->bindResult = [ |
|
661 | - 'dn' => $this->configuration->ldapAgentName, |
|
662 | - 'hash' => \OC::$server->getHasher()->hash($this->configPrefix . $this->configuration->ldapAgentPassword), |
|
663 | - 'result' => $ldapLogin, |
|
664 | - ]; |
|
665 | - |
|
666 | - if(!$ldapLogin) { |
|
667 | - $errno = $this->ldap->errno($cr); |
|
668 | - |
|
669 | - \OCP\Util::writeLog('user_ldap', |
|
670 | - 'Bind failed: ' . $errno . ': ' . $this->ldap->error($cr), |
|
671 | - ILogger::WARN); |
|
672 | - |
|
673 | - // Set to failure mode, if LDAP error code is not LDAP_SUCCESS or LDAP_INVALID_CREDENTIALS |
|
674 | - if($errno !== 0x00 && $errno !== 0x31) { |
|
675 | - $this->ldapConnectionRes = null; |
|
676 | - } |
|
677 | - |
|
678 | - return false; |
|
679 | - } |
|
680 | - return true; |
|
681 | - } |
|
67 | + private $ldapConnectionRes = null; |
|
68 | + private $configPrefix; |
|
69 | + private $configID; |
|
70 | + private $configured = false; |
|
71 | + //whether connection should be kept on __destruct |
|
72 | + private $dontDestruct = false; |
|
73 | + |
|
74 | + /** |
|
75 | + * @var bool runtime flag that indicates whether supported primary groups are available |
|
76 | + */ |
|
77 | + public $hasPrimaryGroups = true; |
|
78 | + |
|
79 | + /** |
|
80 | + * @var bool runtime flag that indicates whether supported POSIX gidNumber are available |
|
81 | + */ |
|
82 | + public $hasGidNumber = true; |
|
83 | + |
|
84 | + //cache handler |
|
85 | + protected $cache; |
|
86 | + |
|
87 | + /** @var Configuration settings handler **/ |
|
88 | + protected $configuration; |
|
89 | + |
|
90 | + protected $doNotValidate = false; |
|
91 | + |
|
92 | + protected $ignoreValidation = false; |
|
93 | + |
|
94 | + protected $bindResult = []; |
|
95 | + |
|
96 | + /** |
|
97 | + * Constructor |
|
98 | + * @param ILDAPWrapper $ldap |
|
99 | + * @param string $configPrefix a string with the prefix for the configkey column (appconfig table) |
|
100 | + * @param string|null $configID a string with the value for the appid column (appconfig table) or null for on-the-fly connections |
|
101 | + */ |
|
102 | + public function __construct(ILDAPWrapper $ldap, $configPrefix = '', $configID = 'user_ldap') { |
|
103 | + parent::__construct($ldap); |
|
104 | + $this->configPrefix = $configPrefix; |
|
105 | + $this->configID = $configID; |
|
106 | + $this->configuration = new Configuration($configPrefix, |
|
107 | + !is_null($configID)); |
|
108 | + $memcache = \OC::$server->getMemCacheFactory(); |
|
109 | + if($memcache->isAvailable()) { |
|
110 | + $this->cache = $memcache->createDistributed(); |
|
111 | + } |
|
112 | + $helper = new Helper(\OC::$server->getConfig()); |
|
113 | + $this->doNotValidate = !in_array($this->configPrefix, |
|
114 | + $helper->getServerConfigurationPrefixes()); |
|
115 | + } |
|
116 | + |
|
117 | + public function __destruct() { |
|
118 | + if(!$this->dontDestruct && $this->ldap->isResource($this->ldapConnectionRes)) { |
|
119 | + @$this->ldap->unbind($this->ldapConnectionRes); |
|
120 | + $this->bindResult = []; |
|
121 | + } |
|
122 | + } |
|
123 | + |
|
124 | + /** |
|
125 | + * defines behaviour when the instance is cloned |
|
126 | + */ |
|
127 | + public function __clone() { |
|
128 | + $this->configuration = new Configuration($this->configPrefix, |
|
129 | + !is_null($this->configID)); |
|
130 | + if(count($this->bindResult) !== 0 && $this->bindResult['result'] === true) { |
|
131 | + $this->bindResult = []; |
|
132 | + } |
|
133 | + $this->ldapConnectionRes = null; |
|
134 | + $this->dontDestruct = true; |
|
135 | + } |
|
136 | + |
|
137 | + /** |
|
138 | + * @param string $name |
|
139 | + * @return bool|mixed |
|
140 | + */ |
|
141 | + public function __get($name) { |
|
142 | + if(!$this->configured) { |
|
143 | + $this->readConfiguration(); |
|
144 | + } |
|
145 | + |
|
146 | + return $this->configuration->$name; |
|
147 | + } |
|
148 | + |
|
149 | + /** |
|
150 | + * @param string $name |
|
151 | + * @param mixed $value |
|
152 | + */ |
|
153 | + public function __set($name, $value) { |
|
154 | + $this->doNotValidate = false; |
|
155 | + $before = $this->configuration->$name; |
|
156 | + $this->configuration->$name = $value; |
|
157 | + $after = $this->configuration->$name; |
|
158 | + if($before !== $after) { |
|
159 | + if ($this->configID !== '' && $this->configID !== null) { |
|
160 | + $this->configuration->saveConfiguration(); |
|
161 | + } |
|
162 | + $this->validateConfiguration(); |
|
163 | + } |
|
164 | + } |
|
165 | + |
|
166 | + /** |
|
167 | + * @param string $rule |
|
168 | + * @return array |
|
169 | + * @throws \RuntimeException |
|
170 | + */ |
|
171 | + public function resolveRule($rule) { |
|
172 | + return $this->configuration->resolveRule($rule); |
|
173 | + } |
|
174 | + |
|
175 | + /** |
|
176 | + * sets whether the result of the configuration validation shall |
|
177 | + * be ignored when establishing the connection. Used by the Wizard |
|
178 | + * in early configuration state. |
|
179 | + * @param bool $state |
|
180 | + */ |
|
181 | + public function setIgnoreValidation($state) { |
|
182 | + $this->ignoreValidation = (bool)$state; |
|
183 | + } |
|
184 | + |
|
185 | + /** |
|
186 | + * initializes the LDAP backend |
|
187 | + * @param bool $force read the config settings no matter what |
|
188 | + */ |
|
189 | + public function init($force = false) { |
|
190 | + $this->readConfiguration($force); |
|
191 | + $this->establishConnection(); |
|
192 | + } |
|
193 | + |
|
194 | + /** |
|
195 | + * Returns the LDAP handler |
|
196 | + */ |
|
197 | + public function getConnectionResource() { |
|
198 | + if(!$this->ldapConnectionRes) { |
|
199 | + $this->init(); |
|
200 | + } else if(!$this->ldap->isResource($this->ldapConnectionRes)) { |
|
201 | + $this->ldapConnectionRes = null; |
|
202 | + $this->establishConnection(); |
|
203 | + } |
|
204 | + if(is_null($this->ldapConnectionRes)) { |
|
205 | + \OCP\Util::writeLog('user_ldap', 'No LDAP Connection to server ' . $this->configuration->ldapHost, ILogger::ERROR); |
|
206 | + throw new ServerNotAvailableException('Connection to LDAP server could not be established'); |
|
207 | + } |
|
208 | + return $this->ldapConnectionRes; |
|
209 | + } |
|
210 | + |
|
211 | + /** |
|
212 | + * resets the connection resource |
|
213 | + */ |
|
214 | + public function resetConnectionResource() { |
|
215 | + if(!is_null($this->ldapConnectionRes)) { |
|
216 | + @$this->ldap->unbind($this->ldapConnectionRes); |
|
217 | + $this->ldapConnectionRes = null; |
|
218 | + $this->bindResult = []; |
|
219 | + } |
|
220 | + } |
|
221 | + |
|
222 | + /** |
|
223 | + * @param string|null $key |
|
224 | + * @return string |
|
225 | + */ |
|
226 | + private function getCacheKey($key) { |
|
227 | + $prefix = 'LDAP-'.$this->configID.'-'.$this->configPrefix.'-'; |
|
228 | + if(is_null($key)) { |
|
229 | + return $prefix; |
|
230 | + } |
|
231 | + return $prefix.hash('sha256', $key); |
|
232 | + } |
|
233 | + |
|
234 | + /** |
|
235 | + * @param string $key |
|
236 | + * @return mixed|null |
|
237 | + */ |
|
238 | + public function getFromCache($key) { |
|
239 | + if(!$this->configured) { |
|
240 | + $this->readConfiguration(); |
|
241 | + } |
|
242 | + if(is_null($this->cache) || !$this->configuration->ldapCacheTTL) { |
|
243 | + return null; |
|
244 | + } |
|
245 | + $key = $this->getCacheKey($key); |
|
246 | + |
|
247 | + return json_decode(base64_decode($this->cache->get($key)), true); |
|
248 | + } |
|
249 | + |
|
250 | + /** |
|
251 | + * @param string $key |
|
252 | + * @param mixed $value |
|
253 | + * |
|
254 | + * @return string |
|
255 | + */ |
|
256 | + public function writeToCache($key, $value) { |
|
257 | + if(!$this->configured) { |
|
258 | + $this->readConfiguration(); |
|
259 | + } |
|
260 | + if(is_null($this->cache) |
|
261 | + || !$this->configuration->ldapCacheTTL |
|
262 | + || !$this->configuration->ldapConfigurationActive) { |
|
263 | + return null; |
|
264 | + } |
|
265 | + $key = $this->getCacheKey($key); |
|
266 | + $value = base64_encode(json_encode($value)); |
|
267 | + $this->cache->set($key, $value, $this->configuration->ldapCacheTTL); |
|
268 | + } |
|
269 | + |
|
270 | + public function clearCache() { |
|
271 | + if(!is_null($this->cache)) { |
|
272 | + $this->cache->clear($this->getCacheKey(null)); |
|
273 | + } |
|
274 | + } |
|
275 | + |
|
276 | + /** |
|
277 | + * Caches the general LDAP configuration. |
|
278 | + * @param bool $force optional. true, if the re-read should be forced. defaults |
|
279 | + * to false. |
|
280 | + * @return null |
|
281 | + */ |
|
282 | + private function readConfiguration($force = false) { |
|
283 | + if((!$this->configured || $force) && !is_null($this->configID)) { |
|
284 | + $this->configuration->readConfiguration(); |
|
285 | + $this->configured = $this->validateConfiguration(); |
|
286 | + } |
|
287 | + } |
|
288 | + |
|
289 | + /** |
|
290 | + * set LDAP configuration with values delivered by an array, not read from configuration |
|
291 | + * @param array $config array that holds the config parameters in an associated array |
|
292 | + * @param array &$setParameters optional; array where the set fields will be given to |
|
293 | + * @return boolean true if config validates, false otherwise. Check with $setParameters for detailed success on single parameters |
|
294 | + */ |
|
295 | + public function setConfiguration($config, &$setParameters = null) { |
|
296 | + if(is_null($setParameters)) { |
|
297 | + $setParameters = array(); |
|
298 | + } |
|
299 | + $this->doNotValidate = false; |
|
300 | + $this->configuration->setConfiguration($config, $setParameters); |
|
301 | + if(count($setParameters) > 0) { |
|
302 | + $this->configured = $this->validateConfiguration(); |
|
303 | + } |
|
304 | + |
|
305 | + |
|
306 | + return $this->configured; |
|
307 | + } |
|
308 | + |
|
309 | + /** |
|
310 | + * saves the current Configuration in the database and empties the |
|
311 | + * cache |
|
312 | + * @return null |
|
313 | + */ |
|
314 | + public function saveConfiguration() { |
|
315 | + $this->configuration->saveConfiguration(); |
|
316 | + $this->clearCache(); |
|
317 | + } |
|
318 | + |
|
319 | + /** |
|
320 | + * get the current LDAP configuration |
|
321 | + * @return array |
|
322 | + */ |
|
323 | + public function getConfiguration() { |
|
324 | + $this->readConfiguration(); |
|
325 | + $config = $this->configuration->getConfiguration(); |
|
326 | + $cta = $this->configuration->getConfigTranslationArray(); |
|
327 | + $result = array(); |
|
328 | + foreach($cta as $dbkey => $configkey) { |
|
329 | + switch($configkey) { |
|
330 | + case 'homeFolderNamingRule': |
|
331 | + if(strpos($config[$configkey], 'attr:') === 0) { |
|
332 | + $result[$dbkey] = substr($config[$configkey], 5); |
|
333 | + } else { |
|
334 | + $result[$dbkey] = ''; |
|
335 | + } |
|
336 | + break; |
|
337 | + case 'ldapBase': |
|
338 | + case 'ldapBaseUsers': |
|
339 | + case 'ldapBaseGroups': |
|
340 | + case 'ldapAttributesForUserSearch': |
|
341 | + case 'ldapAttributesForGroupSearch': |
|
342 | + if(is_array($config[$configkey])) { |
|
343 | + $result[$dbkey] = implode("\n", $config[$configkey]); |
|
344 | + break; |
|
345 | + } //else follows default |
|
346 | + default: |
|
347 | + $result[$dbkey] = $config[$configkey]; |
|
348 | + } |
|
349 | + } |
|
350 | + return $result; |
|
351 | + } |
|
352 | + |
|
353 | + private function doSoftValidation() { |
|
354 | + //if User or Group Base are not set, take over Base DN setting |
|
355 | + foreach(array('ldapBaseUsers', 'ldapBaseGroups') as $keyBase) { |
|
356 | + $val = $this->configuration->$keyBase; |
|
357 | + if(empty($val)) { |
|
358 | + $this->configuration->$keyBase = $this->configuration->ldapBase; |
|
359 | + } |
|
360 | + } |
|
361 | + |
|
362 | + foreach(array('ldapExpertUUIDUserAttr' => 'ldapUuidUserAttribute', |
|
363 | + 'ldapExpertUUIDGroupAttr' => 'ldapUuidGroupAttribute') |
|
364 | + as $expertSetting => $effectiveSetting) { |
|
365 | + $uuidOverride = $this->configuration->$expertSetting; |
|
366 | + if(!empty($uuidOverride)) { |
|
367 | + $this->configuration->$effectiveSetting = $uuidOverride; |
|
368 | + } else { |
|
369 | + $uuidAttributes = Access::UUID_ATTRIBUTES; |
|
370 | + array_unshift($uuidAttributes, 'auto'); |
|
371 | + if(!in_array($this->configuration->$effectiveSetting, |
|
372 | + $uuidAttributes) |
|
373 | + && (!is_null($this->configID))) { |
|
374 | + $this->configuration->$effectiveSetting = 'auto'; |
|
375 | + $this->configuration->saveConfiguration(); |
|
376 | + \OCP\Util::writeLog('user_ldap', |
|
377 | + 'Illegal value for the '. |
|
378 | + $effectiveSetting.', '.'reset to '. |
|
379 | + 'autodetect.', ILogger::INFO); |
|
380 | + } |
|
381 | + |
|
382 | + } |
|
383 | + } |
|
384 | + |
|
385 | + $backupPort = (int)$this->configuration->ldapBackupPort; |
|
386 | + if ($backupPort <= 0) { |
|
387 | + $this->configuration->backupPort = $this->configuration->ldapPort; |
|
388 | + } |
|
389 | + |
|
390 | + //make sure empty search attributes are saved as simple, empty array |
|
391 | + $saKeys = array('ldapAttributesForUserSearch', |
|
392 | + 'ldapAttributesForGroupSearch'); |
|
393 | + foreach($saKeys as $key) { |
|
394 | + $val = $this->configuration->$key; |
|
395 | + if(is_array($val) && count($val) === 1 && empty($val[0])) { |
|
396 | + $this->configuration->$key = array(); |
|
397 | + } |
|
398 | + } |
|
399 | + |
|
400 | + if((stripos($this->configuration->ldapHost, 'ldaps://') === 0) |
|
401 | + && $this->configuration->ldapTLS) { |
|
402 | + $this->configuration->ldapTLS = false; |
|
403 | + \OCP\Util::writeLog( |
|
404 | + 'user_ldap', |
|
405 | + 'LDAPS (already using secure connection) and TLS do not work together. Switched off TLS.', |
|
406 | + ILogger::INFO |
|
407 | + ); |
|
408 | + } |
|
409 | + } |
|
410 | + |
|
411 | + /** |
|
412 | + * @return bool |
|
413 | + */ |
|
414 | + private function doCriticalValidation() { |
|
415 | + $configurationOK = true; |
|
416 | + $errorStr = 'Configuration Error (prefix '. |
|
417 | + (string)$this->configPrefix .'): '; |
|
418 | + |
|
419 | + //options that shall not be empty |
|
420 | + $options = array('ldapHost', 'ldapPort', 'ldapUserDisplayName', |
|
421 | + 'ldapGroupDisplayName', 'ldapLoginFilter'); |
|
422 | + foreach($options as $key) { |
|
423 | + $val = $this->configuration->$key; |
|
424 | + if(empty($val)) { |
|
425 | + switch($key) { |
|
426 | + case 'ldapHost': |
|
427 | + $subj = 'LDAP Host'; |
|
428 | + break; |
|
429 | + case 'ldapPort': |
|
430 | + $subj = 'LDAP Port'; |
|
431 | + break; |
|
432 | + case 'ldapUserDisplayName': |
|
433 | + $subj = 'LDAP User Display Name'; |
|
434 | + break; |
|
435 | + case 'ldapGroupDisplayName': |
|
436 | + $subj = 'LDAP Group Display Name'; |
|
437 | + break; |
|
438 | + case 'ldapLoginFilter': |
|
439 | + $subj = 'LDAP Login Filter'; |
|
440 | + break; |
|
441 | + default: |
|
442 | + $subj = $key; |
|
443 | + break; |
|
444 | + } |
|
445 | + $configurationOK = false; |
|
446 | + \OCP\Util::writeLog( |
|
447 | + 'user_ldap', |
|
448 | + $errorStr.'No '.$subj.' given!', |
|
449 | + ILogger::WARN |
|
450 | + ); |
|
451 | + } |
|
452 | + } |
|
453 | + |
|
454 | + //combinations |
|
455 | + $agent = $this->configuration->ldapAgentName; |
|
456 | + $pwd = $this->configuration->ldapAgentPassword; |
|
457 | + if ( |
|
458 | + ($agent === '' && $pwd !== '') |
|
459 | + || ($agent !== '' && $pwd === '') |
|
460 | + ) { |
|
461 | + \OCP\Util::writeLog( |
|
462 | + 'user_ldap', |
|
463 | + $errorStr.'either no password is given for the user ' . |
|
464 | + 'agent or a password is given, but not an LDAP agent.', |
|
465 | + ILogger::WARN); |
|
466 | + $configurationOK = false; |
|
467 | + } |
|
468 | + |
|
469 | + $base = $this->configuration->ldapBase; |
|
470 | + $baseUsers = $this->configuration->ldapBaseUsers; |
|
471 | + $baseGroups = $this->configuration->ldapBaseGroups; |
|
472 | + |
|
473 | + if(empty($base) && empty($baseUsers) && empty($baseGroups)) { |
|
474 | + \OCP\Util::writeLog( |
|
475 | + 'user_ldap', |
|
476 | + $errorStr.'Not a single Base DN given.', |
|
477 | + ILogger::WARN |
|
478 | + ); |
|
479 | + $configurationOK = false; |
|
480 | + } |
|
481 | + |
|
482 | + if(mb_strpos($this->configuration->ldapLoginFilter, '%uid', 0, 'UTF-8') |
|
483 | + === false) { |
|
484 | + \OCP\Util::writeLog( |
|
485 | + 'user_ldap', |
|
486 | + $errorStr.'login filter does not contain %uid place holder.', |
|
487 | + ILogger::WARN |
|
488 | + ); |
|
489 | + $configurationOK = false; |
|
490 | + } |
|
491 | + |
|
492 | + return $configurationOK; |
|
493 | + } |
|
494 | + |
|
495 | + /** |
|
496 | + * Validates the user specified configuration |
|
497 | + * @return bool true if configuration seems OK, false otherwise |
|
498 | + */ |
|
499 | + private function validateConfiguration() { |
|
500 | + |
|
501 | + if($this->doNotValidate) { |
|
502 | + //don't do a validation if it is a new configuration with pure |
|
503 | + //default values. Will be allowed on changes via __set or |
|
504 | + //setConfiguration |
|
505 | + return false; |
|
506 | + } |
|
507 | + |
|
508 | + // first step: "soft" checks: settings that are not really |
|
509 | + // necessary, but advisable. If left empty, give an info message |
|
510 | + $this->doSoftValidation(); |
|
511 | + |
|
512 | + //second step: critical checks. If left empty or filled wrong, mark as |
|
513 | + //not configured and give a warning. |
|
514 | + return $this->doCriticalValidation(); |
|
515 | + } |
|
516 | + |
|
517 | + |
|
518 | + /** |
|
519 | + * Connects and Binds to LDAP |
|
520 | + * |
|
521 | + * @throws ServerNotAvailableException |
|
522 | + */ |
|
523 | + private function establishConnection() { |
|
524 | + if(!$this->configuration->ldapConfigurationActive) { |
|
525 | + return null; |
|
526 | + } |
|
527 | + static $phpLDAPinstalled = true; |
|
528 | + if(!$phpLDAPinstalled) { |
|
529 | + return false; |
|
530 | + } |
|
531 | + if(!$this->ignoreValidation && !$this->configured) { |
|
532 | + \OCP\Util::writeLog( |
|
533 | + 'user_ldap', |
|
534 | + 'Configuration is invalid, cannot connect', |
|
535 | + ILogger::WARN |
|
536 | + ); |
|
537 | + return false; |
|
538 | + } |
|
539 | + if(!$this->ldapConnectionRes) { |
|
540 | + if(!$this->ldap->areLDAPFunctionsAvailable()) { |
|
541 | + $phpLDAPinstalled = false; |
|
542 | + \OCP\Util::writeLog( |
|
543 | + 'user_ldap', |
|
544 | + 'function ldap_connect is not available. Make sure that the PHP ldap module is installed.', |
|
545 | + ILogger::ERROR |
|
546 | + ); |
|
547 | + |
|
548 | + return false; |
|
549 | + } |
|
550 | + if($this->configuration->turnOffCertCheck) { |
|
551 | + if(putenv('LDAPTLS_REQCERT=never')) { |
|
552 | + \OCP\Util::writeLog('user_ldap', |
|
553 | + 'Turned off SSL certificate validation successfully.', |
|
554 | + ILogger::DEBUG); |
|
555 | + } else { |
|
556 | + \OCP\Util::writeLog( |
|
557 | + 'user_ldap', |
|
558 | + 'Could not turn off SSL certificate validation.', |
|
559 | + ILogger::WARN |
|
560 | + ); |
|
561 | + } |
|
562 | + } |
|
563 | + |
|
564 | + $isOverrideMainServer = ($this->configuration->ldapOverrideMainServer |
|
565 | + || $this->getFromCache('overrideMainServer')); |
|
566 | + $isBackupHost = (trim($this->configuration->ldapBackupHost) !== ""); |
|
567 | + $bindStatus = false; |
|
568 | + try { |
|
569 | + if (!$isOverrideMainServer) { |
|
570 | + $this->doConnect($this->configuration->ldapHost, |
|
571 | + $this->configuration->ldapPort); |
|
572 | + return $this->bind(); |
|
573 | + } |
|
574 | + } catch (ServerNotAvailableException $e) { |
|
575 | + if(!$isBackupHost) { |
|
576 | + throw $e; |
|
577 | + } |
|
578 | + } |
|
579 | + |
|
580 | + //if LDAP server is not reachable, try the Backup (Replica!) Server |
|
581 | + if($isBackupHost || $isOverrideMainServer) { |
|
582 | + $this->doConnect($this->configuration->ldapBackupHost, |
|
583 | + $this->configuration->ldapBackupPort); |
|
584 | + $this->bindResult = []; |
|
585 | + $bindStatus = $this->bind(); |
|
586 | + $error = $this->ldap->isResource($this->ldapConnectionRes) ? |
|
587 | + $this->ldap->errno($this->ldapConnectionRes) : -1; |
|
588 | + if($bindStatus && $error === 0 && !$this->getFromCache('overrideMainServer')) { |
|
589 | + //when bind to backup server succeeded and failed to main server, |
|
590 | + //skip contacting him until next cache refresh |
|
591 | + $this->writeToCache('overrideMainServer', true); |
|
592 | + } |
|
593 | + } |
|
594 | + |
|
595 | + return $bindStatus; |
|
596 | + } |
|
597 | + return null; |
|
598 | + } |
|
599 | + |
|
600 | + /** |
|
601 | + * @param string $host |
|
602 | + * @param string $port |
|
603 | + * @return bool |
|
604 | + * @throws \OC\ServerNotAvailableException |
|
605 | + */ |
|
606 | + private function doConnect($host, $port) { |
|
607 | + if ($host === '') { |
|
608 | + return false; |
|
609 | + } |
|
610 | + |
|
611 | + $this->ldapConnectionRes = $this->ldap->connect($host, $port); |
|
612 | + |
|
613 | + if(!$this->ldap->setOption($this->ldapConnectionRes, LDAP_OPT_PROTOCOL_VERSION, 3)) { |
|
614 | + throw new ServerNotAvailableException('Could not set required LDAP Protocol version.'); |
|
615 | + } |
|
616 | + |
|
617 | + if(!$this->ldap->setOption($this->ldapConnectionRes, LDAP_OPT_REFERRALS, 0)) { |
|
618 | + throw new ServerNotAvailableException('Could not disable LDAP referrals.'); |
|
619 | + } |
|
620 | + |
|
621 | + if($this->configuration->ldapTLS) { |
|
622 | + if(!$this->ldap->startTls($this->ldapConnectionRes)) { |
|
623 | + throw new ServerNotAvailableException('Start TLS failed, when connecting to LDAP host ' . $host . '.'); |
|
624 | + } |
|
625 | + } |
|
626 | + |
|
627 | + return true; |
|
628 | + } |
|
629 | + |
|
630 | + /** |
|
631 | + * Binds to LDAP |
|
632 | + */ |
|
633 | + public function bind() { |
|
634 | + if(!$this->configuration->ldapConfigurationActive) { |
|
635 | + return false; |
|
636 | + } |
|
637 | + $cr = $this->ldapConnectionRes; |
|
638 | + if(!$this->ldap->isResource($cr)) { |
|
639 | + $cr = $this->getConnectionResource(); |
|
640 | + } |
|
641 | + |
|
642 | + if( |
|
643 | + count($this->bindResult) !== 0 |
|
644 | + && $this->bindResult['dn'] === $this->configuration->ldapAgentName |
|
645 | + && \OC::$server->getHasher()->verify( |
|
646 | + $this->configPrefix . $this->configuration->ldapAgentPassword, |
|
647 | + $this->bindResult['hash'] |
|
648 | + ) |
|
649 | + ) { |
|
650 | + // don't attempt to bind again with the same data as before |
|
651 | + // bind might have been invoked via getConnectionResource(), |
|
652 | + // but we need results specifically for e.g. user login |
|
653 | + return $this->bindResult['result']; |
|
654 | + } |
|
655 | + |
|
656 | + $ldapLogin = @$this->ldap->bind($cr, |
|
657 | + $this->configuration->ldapAgentName, |
|
658 | + $this->configuration->ldapAgentPassword); |
|
659 | + |
|
660 | + $this->bindResult = [ |
|
661 | + 'dn' => $this->configuration->ldapAgentName, |
|
662 | + 'hash' => \OC::$server->getHasher()->hash($this->configPrefix . $this->configuration->ldapAgentPassword), |
|
663 | + 'result' => $ldapLogin, |
|
664 | + ]; |
|
665 | + |
|
666 | + if(!$ldapLogin) { |
|
667 | + $errno = $this->ldap->errno($cr); |
|
668 | + |
|
669 | + \OCP\Util::writeLog('user_ldap', |
|
670 | + 'Bind failed: ' . $errno . ': ' . $this->ldap->error($cr), |
|
671 | + ILogger::WARN); |
|
672 | + |
|
673 | + // Set to failure mode, if LDAP error code is not LDAP_SUCCESS or LDAP_INVALID_CREDENTIALS |
|
674 | + if($errno !== 0x00 && $errno !== 0x31) { |
|
675 | + $this->ldapConnectionRes = null; |
|
676 | + } |
|
677 | + |
|
678 | + return false; |
|
679 | + } |
|
680 | + return true; |
|
681 | + } |
|
682 | 682 | |
683 | 683 | } |
@@ -29,46 +29,46 @@ |
||
29 | 29 | use OCP\IUserSession; |
30 | 30 | |
31 | 31 | class ExtStorageConfigHandler implements IConfigHandler { |
32 | - use SimpleSubstitutionTrait; |
|
32 | + use SimpleSubstitutionTrait; |
|
33 | 33 | |
34 | - /** @var IUserSession */ |
|
35 | - private $session; |
|
34 | + /** @var IUserSession */ |
|
35 | + private $session; |
|
36 | 36 | |
37 | - public function __construct(IUserSession $session) { |
|
38 | - $this->placeholder = 'home'; |
|
39 | - $this->session = $session; |
|
40 | - } |
|
37 | + public function __construct(IUserSession $session) { |
|
38 | + $this->placeholder = 'home'; |
|
39 | + $this->session = $session; |
|
40 | + } |
|
41 | 41 | |
42 | - /** |
|
43 | - * @param mixed $optionValue |
|
44 | - * @return mixed the same type as $optionValue |
|
45 | - * @since 16.0.0 |
|
46 | - * @throws \Exception |
|
47 | - */ |
|
48 | - public function handle($optionValue) { |
|
49 | - $user = $this->session->getUser(); |
|
50 | - if($user === null) { |
|
51 | - return $optionValue; |
|
52 | - } |
|
42 | + /** |
|
43 | + * @param mixed $optionValue |
|
44 | + * @return mixed the same type as $optionValue |
|
45 | + * @since 16.0.0 |
|
46 | + * @throws \Exception |
|
47 | + */ |
|
48 | + public function handle($optionValue) { |
|
49 | + $user = $this->session->getUser(); |
|
50 | + if($user === null) { |
|
51 | + return $optionValue; |
|
52 | + } |
|
53 | 53 | |
54 | - $backend = $user->getBackend(); |
|
55 | - if(!$backend instanceof User_Proxy) { |
|
56 | - return $optionValue; |
|
57 | - } |
|
54 | + $backend = $user->getBackend(); |
|
55 | + if(!$backend instanceof User_Proxy) { |
|
56 | + return $optionValue; |
|
57 | + } |
|
58 | 58 | |
59 | - $access = $backend->getLDAPAccess($user->getUID()); |
|
60 | - if(!$access) { |
|
61 | - return $optionValue; |
|
62 | - } |
|
59 | + $access = $backend->getLDAPAccess($user->getUID()); |
|
60 | + if(!$access) { |
|
61 | + return $optionValue; |
|
62 | + } |
|
63 | 63 | |
64 | - $attribute = $access->connection->ldapExtStorageHomeAttribute; |
|
65 | - if(empty($attribute)) { |
|
66 | - return $optionValue; |
|
67 | - } |
|
64 | + $attribute = $access->connection->ldapExtStorageHomeAttribute; |
|
65 | + if(empty($attribute)) { |
|
66 | + return $optionValue; |
|
67 | + } |
|
68 | 68 | |
69 | - $ldapUser = $access->userManager->get($user->getUID()); |
|
70 | - $extHome = $ldapUser->getExtStorageHome(); |
|
69 | + $ldapUser = $access->userManager->get($user->getUID()); |
|
70 | + $extHome = $ldapUser->getExtStorageHome(); |
|
71 | 71 | |
72 | - return $this->processInput($optionValue, $extHome); |
|
73 | - } |
|
72 | + return $this->processInput($optionValue, $extHome); |
|
73 | + } |
|
74 | 74 | } |
@@ -47,22 +47,22 @@ |
||
47 | 47 | */ |
48 | 48 | public function handle($optionValue) { |
49 | 49 | $user = $this->session->getUser(); |
50 | - if($user === null) { |
|
50 | + if ($user === null) { |
|
51 | 51 | return $optionValue; |
52 | 52 | } |
53 | 53 | |
54 | 54 | $backend = $user->getBackend(); |
55 | - if(!$backend instanceof User_Proxy) { |
|
55 | + if (!$backend instanceof User_Proxy) { |
|
56 | 56 | return $optionValue; |
57 | 57 | } |
58 | 58 | |
59 | 59 | $access = $backend->getLDAPAccess($user->getUID()); |
60 | - if(!$access) { |
|
60 | + if (!$access) { |
|
61 | 61 | return $optionValue; |
62 | 62 | } |
63 | 63 | |
64 | 64 | $attribute = $access->connection->ldapExtStorageHomeAttribute; |
65 | - if(empty($attribute)) { |
|
65 | + if (empty($attribute)) { |
|
66 | 66 | return $optionValue; |
67 | 67 | } |
68 | 68 |
@@ -33,44 +33,44 @@ |
||
33 | 33 | use OCP\IL10N; |
34 | 34 | |
35 | 35 | class Application extends App { |
36 | - public function __construct () { |
|
37 | - parent::__construct('user_ldap'); |
|
38 | - $container = $this->getContainer(); |
|
36 | + public function __construct () { |
|
37 | + parent::__construct('user_ldap'); |
|
38 | + $container = $this->getContainer(); |
|
39 | 39 | |
40 | - /** |
|
41 | - * Controller |
|
42 | - */ |
|
43 | - $container->registerService('RenewPasswordController', function(IAppContainer $c) { |
|
44 | - /** @var \OC\Server $server */ |
|
45 | - $server = $c->query('ServerContainer'); |
|
40 | + /** |
|
41 | + * Controller |
|
42 | + */ |
|
43 | + $container->registerService('RenewPasswordController', function(IAppContainer $c) { |
|
44 | + /** @var \OC\Server $server */ |
|
45 | + $server = $c->query('ServerContainer'); |
|
46 | 46 | |
47 | - return new RenewPasswordController( |
|
48 | - $c->getAppName(), |
|
49 | - $server->getRequest(), |
|
50 | - $c->query('UserManager'), |
|
51 | - $server->getConfig(), |
|
52 | - $c->query(IL10N::class), |
|
53 | - $c->query('Session'), |
|
54 | - $server->getURLGenerator() |
|
55 | - ); |
|
56 | - }); |
|
47 | + return new RenewPasswordController( |
|
48 | + $c->getAppName(), |
|
49 | + $server->getRequest(), |
|
50 | + $c->query('UserManager'), |
|
51 | + $server->getConfig(), |
|
52 | + $c->query(IL10N::class), |
|
53 | + $c->query('Session'), |
|
54 | + $server->getURLGenerator() |
|
55 | + ); |
|
56 | + }); |
|
57 | 57 | |
58 | - $container->registerService(ILDAPWrapper::class, function () { |
|
59 | - return new LDAP(); |
|
60 | - }); |
|
61 | - } |
|
58 | + $container->registerService(ILDAPWrapper::class, function () { |
|
59 | + return new LDAP(); |
|
60 | + }); |
|
61 | + } |
|
62 | 62 | |
63 | - public function registerBackendDependents() { |
|
64 | - $container = $this->getContainer(); |
|
63 | + public function registerBackendDependents() { |
|
64 | + $container = $this->getContainer(); |
|
65 | 65 | |
66 | - $container->getServer()->getEventDispatcher()->addListener( |
|
67 | - 'OCA\\Files_External::loadAdditionalBackends', |
|
68 | - function() use ($container) { |
|
69 | - $storagesBackendService = $container->query(BackendService::class); |
|
70 | - $storagesBackendService->registerConfigHandler('home', function () use ($container) { |
|
71 | - return $container->query(ExtStorageConfigHandler::class); |
|
72 | - }); |
|
73 | - } |
|
74 | - ); |
|
75 | - } |
|
66 | + $container->getServer()->getEventDispatcher()->addListener( |
|
67 | + 'OCA\\Files_External::loadAdditionalBackends', |
|
68 | + function() use ($container) { |
|
69 | + $storagesBackendService = $container->query(BackendService::class); |
|
70 | + $storagesBackendService->registerConfigHandler('home', function () use ($container) { |
|
71 | + return $container->query(ExtStorageConfigHandler::class); |
|
72 | + }); |
|
73 | + } |
|
74 | + ); |
|
75 | + } |
|
76 | 76 | } |
@@ -33,7 +33,7 @@ |
||
33 | 33 | use OCP\IL10N; |
34 | 34 | |
35 | 35 | class Application extends App { |
36 | - public function __construct () { |
|
36 | + public function __construct() { |
|
37 | 37 | parent::__construct('user_ldap'); |
38 | 38 | $container = $this->getContainer(); |
39 | 39 | |
@@ -55,7 +55,7 @@ |
||
55 | 55 | ); |
56 | 56 | }); |
57 | 57 | |
58 | - $container->registerService(ILDAPWrapper::class, function () { |
|
58 | + $container->registerService(ILDAPWrapper::class, function() { |
|
59 | 59 | return new LDAP(); |
60 | 60 | }); |
61 | 61 | } |
@@ -67,7 +67,7 @@ |
||
67 | 67 | 'OCA\\Files_External::loadAdditionalBackends', |
68 | 68 | function() use ($container) { |
69 | 69 | $storagesBackendService = $container->query(BackendService::class); |
70 | - $storagesBackendService->registerConfigHandler('home', function () use ($container) { |
|
70 | + $storagesBackendService->registerConfigHandler('home', function() use ($container) { |
|
71 | 71 | return $container->query(ExtStorageConfigHandler::class); |
72 | 72 | }); |
73 | 73 | } |
@@ -38,543 +38,543 @@ |
||
38 | 38 | * @property string ldapUserAvatarRule |
39 | 39 | */ |
40 | 40 | class Configuration { |
41 | - const AVATAR_PREFIX_DEFAULT = 'default'; |
|
42 | - const AVATAR_PREFIX_NONE = 'none'; |
|
43 | - const AVATAR_PREFIX_DATA_ATTRIBUTE = 'data:'; |
|
41 | + const AVATAR_PREFIX_DEFAULT = 'default'; |
|
42 | + const AVATAR_PREFIX_NONE = 'none'; |
|
43 | + const AVATAR_PREFIX_DATA_ATTRIBUTE = 'data:'; |
|
44 | 44 | |
45 | - protected $configPrefix = null; |
|
46 | - protected $configRead = false; |
|
47 | - /** |
|
48 | - * @var string[] pre-filled with one reference key so that at least one entry is written on save request and |
|
49 | - * the config ID is registered |
|
50 | - */ |
|
51 | - protected $unsavedChanges = ['ldapConfigurationActive' => 'ldapConfigurationActive']; |
|
45 | + protected $configPrefix = null; |
|
46 | + protected $configRead = false; |
|
47 | + /** |
|
48 | + * @var string[] pre-filled with one reference key so that at least one entry is written on save request and |
|
49 | + * the config ID is registered |
|
50 | + */ |
|
51 | + protected $unsavedChanges = ['ldapConfigurationActive' => 'ldapConfigurationActive']; |
|
52 | 52 | |
53 | - //settings |
|
54 | - protected $config = array( |
|
55 | - 'ldapHost' => null, |
|
56 | - 'ldapPort' => null, |
|
57 | - 'ldapBackupHost' => null, |
|
58 | - 'ldapBackupPort' => null, |
|
59 | - 'ldapBase' => null, |
|
60 | - 'ldapBaseUsers' => null, |
|
61 | - 'ldapBaseGroups' => null, |
|
62 | - 'ldapAgentName' => null, |
|
63 | - 'ldapAgentPassword' => null, |
|
64 | - 'ldapTLS' => null, |
|
65 | - 'turnOffCertCheck' => null, |
|
66 | - 'ldapIgnoreNamingRules' => null, |
|
67 | - 'ldapUserDisplayName' => null, |
|
68 | - 'ldapUserDisplayName2' => null, |
|
69 | - 'ldapUserAvatarRule' => null, |
|
70 | - 'ldapGidNumber' => null, |
|
71 | - 'ldapUserFilterObjectclass' => null, |
|
72 | - 'ldapUserFilterGroups' => null, |
|
73 | - 'ldapUserFilter' => null, |
|
74 | - 'ldapUserFilterMode' => null, |
|
75 | - 'ldapGroupFilter' => null, |
|
76 | - 'ldapGroupFilterMode' => null, |
|
77 | - 'ldapGroupFilterObjectclass' => null, |
|
78 | - 'ldapGroupFilterGroups' => null, |
|
79 | - 'ldapGroupDisplayName' => null, |
|
80 | - 'ldapGroupMemberAssocAttr' => null, |
|
81 | - 'ldapLoginFilter' => null, |
|
82 | - 'ldapLoginFilterMode' => null, |
|
83 | - 'ldapLoginFilterEmail' => null, |
|
84 | - 'ldapLoginFilterUsername' => null, |
|
85 | - 'ldapLoginFilterAttributes' => null, |
|
86 | - 'ldapQuotaAttribute' => null, |
|
87 | - 'ldapQuotaDefault' => null, |
|
88 | - 'ldapEmailAttribute' => null, |
|
89 | - 'ldapCacheTTL' => null, |
|
90 | - 'ldapUuidUserAttribute' => 'auto', |
|
91 | - 'ldapUuidGroupAttribute' => 'auto', |
|
92 | - 'ldapOverrideMainServer' => false, |
|
93 | - 'ldapConfigurationActive' => false, |
|
94 | - 'ldapAttributesForUserSearch' => null, |
|
95 | - 'ldapAttributesForGroupSearch' => null, |
|
96 | - 'ldapExperiencedAdmin' => false, |
|
97 | - 'homeFolderNamingRule' => null, |
|
98 | - 'hasMemberOfFilterSupport' => false, |
|
99 | - 'useMemberOfToDetectMembership' => true, |
|
100 | - 'ldapExpertUsernameAttr' => null, |
|
101 | - 'ldapExpertUUIDUserAttr' => null, |
|
102 | - 'ldapExpertUUIDGroupAttr' => null, |
|
103 | - 'lastJpegPhotoLookup' => null, |
|
104 | - 'ldapNestedGroups' => false, |
|
105 | - 'ldapPagingSize' => null, |
|
106 | - 'turnOnPasswordChange' => false, |
|
107 | - 'ldapDynamicGroupMemberURL' => null, |
|
108 | - 'ldapDefaultPPolicyDN' => null, |
|
109 | - 'ldapExtStorageHomeAttribute' => null, |
|
110 | - ); |
|
53 | + //settings |
|
54 | + protected $config = array( |
|
55 | + 'ldapHost' => null, |
|
56 | + 'ldapPort' => null, |
|
57 | + 'ldapBackupHost' => null, |
|
58 | + 'ldapBackupPort' => null, |
|
59 | + 'ldapBase' => null, |
|
60 | + 'ldapBaseUsers' => null, |
|
61 | + 'ldapBaseGroups' => null, |
|
62 | + 'ldapAgentName' => null, |
|
63 | + 'ldapAgentPassword' => null, |
|
64 | + 'ldapTLS' => null, |
|
65 | + 'turnOffCertCheck' => null, |
|
66 | + 'ldapIgnoreNamingRules' => null, |
|
67 | + 'ldapUserDisplayName' => null, |
|
68 | + 'ldapUserDisplayName2' => null, |
|
69 | + 'ldapUserAvatarRule' => null, |
|
70 | + 'ldapGidNumber' => null, |
|
71 | + 'ldapUserFilterObjectclass' => null, |
|
72 | + 'ldapUserFilterGroups' => null, |
|
73 | + 'ldapUserFilter' => null, |
|
74 | + 'ldapUserFilterMode' => null, |
|
75 | + 'ldapGroupFilter' => null, |
|
76 | + 'ldapGroupFilterMode' => null, |
|
77 | + 'ldapGroupFilterObjectclass' => null, |
|
78 | + 'ldapGroupFilterGroups' => null, |
|
79 | + 'ldapGroupDisplayName' => null, |
|
80 | + 'ldapGroupMemberAssocAttr' => null, |
|
81 | + 'ldapLoginFilter' => null, |
|
82 | + 'ldapLoginFilterMode' => null, |
|
83 | + 'ldapLoginFilterEmail' => null, |
|
84 | + 'ldapLoginFilterUsername' => null, |
|
85 | + 'ldapLoginFilterAttributes' => null, |
|
86 | + 'ldapQuotaAttribute' => null, |
|
87 | + 'ldapQuotaDefault' => null, |
|
88 | + 'ldapEmailAttribute' => null, |
|
89 | + 'ldapCacheTTL' => null, |
|
90 | + 'ldapUuidUserAttribute' => 'auto', |
|
91 | + 'ldapUuidGroupAttribute' => 'auto', |
|
92 | + 'ldapOverrideMainServer' => false, |
|
93 | + 'ldapConfigurationActive' => false, |
|
94 | + 'ldapAttributesForUserSearch' => null, |
|
95 | + 'ldapAttributesForGroupSearch' => null, |
|
96 | + 'ldapExperiencedAdmin' => false, |
|
97 | + 'homeFolderNamingRule' => null, |
|
98 | + 'hasMemberOfFilterSupport' => false, |
|
99 | + 'useMemberOfToDetectMembership' => true, |
|
100 | + 'ldapExpertUsernameAttr' => null, |
|
101 | + 'ldapExpertUUIDUserAttr' => null, |
|
102 | + 'ldapExpertUUIDGroupAttr' => null, |
|
103 | + 'lastJpegPhotoLookup' => null, |
|
104 | + 'ldapNestedGroups' => false, |
|
105 | + 'ldapPagingSize' => null, |
|
106 | + 'turnOnPasswordChange' => false, |
|
107 | + 'ldapDynamicGroupMemberURL' => null, |
|
108 | + 'ldapDefaultPPolicyDN' => null, |
|
109 | + 'ldapExtStorageHomeAttribute' => null, |
|
110 | + ); |
|
111 | 111 | |
112 | - /** |
|
113 | - * @param string $configPrefix |
|
114 | - * @param bool $autoRead |
|
115 | - */ |
|
116 | - public function __construct($configPrefix, $autoRead = true) { |
|
117 | - $this->configPrefix = $configPrefix; |
|
118 | - if($autoRead) { |
|
119 | - $this->readConfiguration(); |
|
120 | - } |
|
121 | - } |
|
112 | + /** |
|
113 | + * @param string $configPrefix |
|
114 | + * @param bool $autoRead |
|
115 | + */ |
|
116 | + public function __construct($configPrefix, $autoRead = true) { |
|
117 | + $this->configPrefix = $configPrefix; |
|
118 | + if($autoRead) { |
|
119 | + $this->readConfiguration(); |
|
120 | + } |
|
121 | + } |
|
122 | 122 | |
123 | - /** |
|
124 | - * @param string $name |
|
125 | - * @return mixed|null |
|
126 | - */ |
|
127 | - public function __get($name) { |
|
128 | - if(isset($this->config[$name])) { |
|
129 | - return $this->config[$name]; |
|
130 | - } |
|
131 | - return null; |
|
132 | - } |
|
123 | + /** |
|
124 | + * @param string $name |
|
125 | + * @return mixed|null |
|
126 | + */ |
|
127 | + public function __get($name) { |
|
128 | + if(isset($this->config[$name])) { |
|
129 | + return $this->config[$name]; |
|
130 | + } |
|
131 | + return null; |
|
132 | + } |
|
133 | 133 | |
134 | - /** |
|
135 | - * @param string $name |
|
136 | - * @param mixed $value |
|
137 | - */ |
|
138 | - public function __set($name, $value) { |
|
139 | - $this->setConfiguration(array($name => $value)); |
|
140 | - } |
|
134 | + /** |
|
135 | + * @param string $name |
|
136 | + * @param mixed $value |
|
137 | + */ |
|
138 | + public function __set($name, $value) { |
|
139 | + $this->setConfiguration(array($name => $value)); |
|
140 | + } |
|
141 | 141 | |
142 | - /** |
|
143 | - * @return array |
|
144 | - */ |
|
145 | - public function getConfiguration() { |
|
146 | - return $this->config; |
|
147 | - } |
|
142 | + /** |
|
143 | + * @return array |
|
144 | + */ |
|
145 | + public function getConfiguration() { |
|
146 | + return $this->config; |
|
147 | + } |
|
148 | 148 | |
149 | - /** |
|
150 | - * set LDAP configuration with values delivered by an array, not read |
|
151 | - * from configuration. It does not save the configuration! To do so, you |
|
152 | - * must call saveConfiguration afterwards. |
|
153 | - * @param array $config array that holds the config parameters in an associated |
|
154 | - * array |
|
155 | - * @param array &$applied optional; array where the set fields will be given to |
|
156 | - * @return false|null |
|
157 | - */ |
|
158 | - public function setConfiguration($config, &$applied = null) { |
|
159 | - if(!is_array($config)) { |
|
160 | - return false; |
|
161 | - } |
|
149 | + /** |
|
150 | + * set LDAP configuration with values delivered by an array, not read |
|
151 | + * from configuration. It does not save the configuration! To do so, you |
|
152 | + * must call saveConfiguration afterwards. |
|
153 | + * @param array $config array that holds the config parameters in an associated |
|
154 | + * array |
|
155 | + * @param array &$applied optional; array where the set fields will be given to |
|
156 | + * @return false|null |
|
157 | + */ |
|
158 | + public function setConfiguration($config, &$applied = null) { |
|
159 | + if(!is_array($config)) { |
|
160 | + return false; |
|
161 | + } |
|
162 | 162 | |
163 | - $cta = $this->getConfigTranslationArray(); |
|
164 | - foreach($config as $inputKey => $val) { |
|
165 | - if(strpos($inputKey, '_') !== false && array_key_exists($inputKey, $cta)) { |
|
166 | - $key = $cta[$inputKey]; |
|
167 | - } elseif(array_key_exists($inputKey, $this->config)) { |
|
168 | - $key = $inputKey; |
|
169 | - } else { |
|
170 | - continue; |
|
171 | - } |
|
163 | + $cta = $this->getConfigTranslationArray(); |
|
164 | + foreach($config as $inputKey => $val) { |
|
165 | + if(strpos($inputKey, '_') !== false && array_key_exists($inputKey, $cta)) { |
|
166 | + $key = $cta[$inputKey]; |
|
167 | + } elseif(array_key_exists($inputKey, $this->config)) { |
|
168 | + $key = $inputKey; |
|
169 | + } else { |
|
170 | + continue; |
|
171 | + } |
|
172 | 172 | |
173 | - $setMethod = 'setValue'; |
|
174 | - switch($key) { |
|
175 | - case 'ldapAgentPassword': |
|
176 | - $setMethod = 'setRawValue'; |
|
177 | - break; |
|
178 | - case 'homeFolderNamingRule': |
|
179 | - $trimmedVal = trim($val); |
|
180 | - if ($trimmedVal !== '' && strpos($val, 'attr:') === false) { |
|
181 | - $val = 'attr:'.$trimmedVal; |
|
182 | - } |
|
183 | - break; |
|
184 | - case 'ldapBase': |
|
185 | - case 'ldapBaseUsers': |
|
186 | - case 'ldapBaseGroups': |
|
187 | - case 'ldapAttributesForUserSearch': |
|
188 | - case 'ldapAttributesForGroupSearch': |
|
189 | - case 'ldapUserFilterObjectclass': |
|
190 | - case 'ldapUserFilterGroups': |
|
191 | - case 'ldapGroupFilterObjectclass': |
|
192 | - case 'ldapGroupFilterGroups': |
|
193 | - case 'ldapLoginFilterAttributes': |
|
194 | - $setMethod = 'setMultiLine'; |
|
195 | - break; |
|
196 | - } |
|
197 | - $this->$setMethod($key, $val); |
|
198 | - if(is_array($applied)) { |
|
199 | - $applied[] = $inputKey; |
|
200 | - // storing key as index avoids duplication, and as value for simplicity |
|
201 | - } |
|
202 | - $this->unsavedChanges[$key] = $key; |
|
203 | - } |
|
204 | - return null; |
|
205 | - } |
|
173 | + $setMethod = 'setValue'; |
|
174 | + switch($key) { |
|
175 | + case 'ldapAgentPassword': |
|
176 | + $setMethod = 'setRawValue'; |
|
177 | + break; |
|
178 | + case 'homeFolderNamingRule': |
|
179 | + $trimmedVal = trim($val); |
|
180 | + if ($trimmedVal !== '' && strpos($val, 'attr:') === false) { |
|
181 | + $val = 'attr:'.$trimmedVal; |
|
182 | + } |
|
183 | + break; |
|
184 | + case 'ldapBase': |
|
185 | + case 'ldapBaseUsers': |
|
186 | + case 'ldapBaseGroups': |
|
187 | + case 'ldapAttributesForUserSearch': |
|
188 | + case 'ldapAttributesForGroupSearch': |
|
189 | + case 'ldapUserFilterObjectclass': |
|
190 | + case 'ldapUserFilterGroups': |
|
191 | + case 'ldapGroupFilterObjectclass': |
|
192 | + case 'ldapGroupFilterGroups': |
|
193 | + case 'ldapLoginFilterAttributes': |
|
194 | + $setMethod = 'setMultiLine'; |
|
195 | + break; |
|
196 | + } |
|
197 | + $this->$setMethod($key, $val); |
|
198 | + if(is_array($applied)) { |
|
199 | + $applied[] = $inputKey; |
|
200 | + // storing key as index avoids duplication, and as value for simplicity |
|
201 | + } |
|
202 | + $this->unsavedChanges[$key] = $key; |
|
203 | + } |
|
204 | + return null; |
|
205 | + } |
|
206 | 206 | |
207 | - public function readConfiguration() { |
|
208 | - if(!$this->configRead && !is_null($this->configPrefix)) { |
|
209 | - $cta = array_flip($this->getConfigTranslationArray()); |
|
210 | - foreach($this->config as $key => $val) { |
|
211 | - if(!isset($cta[$key])) { |
|
212 | - //some are determined |
|
213 | - continue; |
|
214 | - } |
|
215 | - $dbKey = $cta[$key]; |
|
216 | - switch($key) { |
|
217 | - case 'ldapBase': |
|
218 | - case 'ldapBaseUsers': |
|
219 | - case 'ldapBaseGroups': |
|
220 | - case 'ldapAttributesForUserSearch': |
|
221 | - case 'ldapAttributesForGroupSearch': |
|
222 | - case 'ldapUserFilterObjectclass': |
|
223 | - case 'ldapUserFilterGroups': |
|
224 | - case 'ldapGroupFilterObjectclass': |
|
225 | - case 'ldapGroupFilterGroups': |
|
226 | - case 'ldapLoginFilterAttributes': |
|
227 | - $readMethod = 'getMultiLine'; |
|
228 | - break; |
|
229 | - case 'ldapIgnoreNamingRules': |
|
230 | - $readMethod = 'getSystemValue'; |
|
231 | - $dbKey = $key; |
|
232 | - break; |
|
233 | - case 'ldapAgentPassword': |
|
234 | - $readMethod = 'getPwd'; |
|
235 | - break; |
|
236 | - case 'ldapUserDisplayName2': |
|
237 | - case 'ldapGroupDisplayName': |
|
238 | - $readMethod = 'getLcValue'; |
|
239 | - break; |
|
240 | - case 'ldapUserDisplayName': |
|
241 | - default: |
|
242 | - // user display name does not lower case because |
|
243 | - // we rely on an upper case N as indicator whether to |
|
244 | - // auto-detect it or not. FIXME |
|
245 | - $readMethod = 'getValue'; |
|
246 | - break; |
|
247 | - } |
|
248 | - $this->config[$key] = $this->$readMethod($dbKey); |
|
249 | - } |
|
250 | - $this->configRead = true; |
|
251 | - } |
|
252 | - } |
|
207 | + public function readConfiguration() { |
|
208 | + if(!$this->configRead && !is_null($this->configPrefix)) { |
|
209 | + $cta = array_flip($this->getConfigTranslationArray()); |
|
210 | + foreach($this->config as $key => $val) { |
|
211 | + if(!isset($cta[$key])) { |
|
212 | + //some are determined |
|
213 | + continue; |
|
214 | + } |
|
215 | + $dbKey = $cta[$key]; |
|
216 | + switch($key) { |
|
217 | + case 'ldapBase': |
|
218 | + case 'ldapBaseUsers': |
|
219 | + case 'ldapBaseGroups': |
|
220 | + case 'ldapAttributesForUserSearch': |
|
221 | + case 'ldapAttributesForGroupSearch': |
|
222 | + case 'ldapUserFilterObjectclass': |
|
223 | + case 'ldapUserFilterGroups': |
|
224 | + case 'ldapGroupFilterObjectclass': |
|
225 | + case 'ldapGroupFilterGroups': |
|
226 | + case 'ldapLoginFilterAttributes': |
|
227 | + $readMethod = 'getMultiLine'; |
|
228 | + break; |
|
229 | + case 'ldapIgnoreNamingRules': |
|
230 | + $readMethod = 'getSystemValue'; |
|
231 | + $dbKey = $key; |
|
232 | + break; |
|
233 | + case 'ldapAgentPassword': |
|
234 | + $readMethod = 'getPwd'; |
|
235 | + break; |
|
236 | + case 'ldapUserDisplayName2': |
|
237 | + case 'ldapGroupDisplayName': |
|
238 | + $readMethod = 'getLcValue'; |
|
239 | + break; |
|
240 | + case 'ldapUserDisplayName': |
|
241 | + default: |
|
242 | + // user display name does not lower case because |
|
243 | + // we rely on an upper case N as indicator whether to |
|
244 | + // auto-detect it or not. FIXME |
|
245 | + $readMethod = 'getValue'; |
|
246 | + break; |
|
247 | + } |
|
248 | + $this->config[$key] = $this->$readMethod($dbKey); |
|
249 | + } |
|
250 | + $this->configRead = true; |
|
251 | + } |
|
252 | + } |
|
253 | 253 | |
254 | - /** |
|
255 | - * saves the current config changes in the database |
|
256 | - */ |
|
257 | - public function saveConfiguration() { |
|
258 | - $cta = array_flip($this->getConfigTranslationArray()); |
|
259 | - foreach($this->unsavedChanges as $key) { |
|
260 | - $value = $this->config[$key]; |
|
261 | - switch ($key) { |
|
262 | - case 'ldapAgentPassword': |
|
263 | - $value = base64_encode($value); |
|
264 | - break; |
|
265 | - case 'ldapBase': |
|
266 | - case 'ldapBaseUsers': |
|
267 | - case 'ldapBaseGroups': |
|
268 | - case 'ldapAttributesForUserSearch': |
|
269 | - case 'ldapAttributesForGroupSearch': |
|
270 | - case 'ldapUserFilterObjectclass': |
|
271 | - case 'ldapUserFilterGroups': |
|
272 | - case 'ldapGroupFilterObjectclass': |
|
273 | - case 'ldapGroupFilterGroups': |
|
274 | - case 'ldapLoginFilterAttributes': |
|
275 | - if(is_array($value)) { |
|
276 | - $value = implode("\n", $value); |
|
277 | - } |
|
278 | - break; |
|
279 | - //following options are not stored but detected, skip them |
|
280 | - case 'ldapIgnoreNamingRules': |
|
281 | - case 'ldapUuidUserAttribute': |
|
282 | - case 'ldapUuidGroupAttribute': |
|
283 | - continue 2; |
|
284 | - } |
|
285 | - if(is_null($value)) { |
|
286 | - $value = ''; |
|
287 | - } |
|
288 | - $this->saveValue($cta[$key], $value); |
|
289 | - } |
|
290 | - $this->saveValue('_lastChange', time()); |
|
291 | - $this->unsavedChanges = []; |
|
292 | - } |
|
254 | + /** |
|
255 | + * saves the current config changes in the database |
|
256 | + */ |
|
257 | + public function saveConfiguration() { |
|
258 | + $cta = array_flip($this->getConfigTranslationArray()); |
|
259 | + foreach($this->unsavedChanges as $key) { |
|
260 | + $value = $this->config[$key]; |
|
261 | + switch ($key) { |
|
262 | + case 'ldapAgentPassword': |
|
263 | + $value = base64_encode($value); |
|
264 | + break; |
|
265 | + case 'ldapBase': |
|
266 | + case 'ldapBaseUsers': |
|
267 | + case 'ldapBaseGroups': |
|
268 | + case 'ldapAttributesForUserSearch': |
|
269 | + case 'ldapAttributesForGroupSearch': |
|
270 | + case 'ldapUserFilterObjectclass': |
|
271 | + case 'ldapUserFilterGroups': |
|
272 | + case 'ldapGroupFilterObjectclass': |
|
273 | + case 'ldapGroupFilterGroups': |
|
274 | + case 'ldapLoginFilterAttributes': |
|
275 | + if(is_array($value)) { |
|
276 | + $value = implode("\n", $value); |
|
277 | + } |
|
278 | + break; |
|
279 | + //following options are not stored but detected, skip them |
|
280 | + case 'ldapIgnoreNamingRules': |
|
281 | + case 'ldapUuidUserAttribute': |
|
282 | + case 'ldapUuidGroupAttribute': |
|
283 | + continue 2; |
|
284 | + } |
|
285 | + if(is_null($value)) { |
|
286 | + $value = ''; |
|
287 | + } |
|
288 | + $this->saveValue($cta[$key], $value); |
|
289 | + } |
|
290 | + $this->saveValue('_lastChange', time()); |
|
291 | + $this->unsavedChanges = []; |
|
292 | + } |
|
293 | 293 | |
294 | - /** |
|
295 | - * @param string $varName |
|
296 | - * @return array|string |
|
297 | - */ |
|
298 | - protected function getMultiLine($varName) { |
|
299 | - $value = $this->getValue($varName); |
|
300 | - if(empty($value)) { |
|
301 | - $value = ''; |
|
302 | - } else { |
|
303 | - $value = preg_split('/\r\n|\r|\n/', $value); |
|
304 | - } |
|
294 | + /** |
|
295 | + * @param string $varName |
|
296 | + * @return array|string |
|
297 | + */ |
|
298 | + protected function getMultiLine($varName) { |
|
299 | + $value = $this->getValue($varName); |
|
300 | + if(empty($value)) { |
|
301 | + $value = ''; |
|
302 | + } else { |
|
303 | + $value = preg_split('/\r\n|\r|\n/', $value); |
|
304 | + } |
|
305 | 305 | |
306 | - return $value; |
|
307 | - } |
|
306 | + return $value; |
|
307 | + } |
|
308 | 308 | |
309 | - /** |
|
310 | - * Sets multi-line values as arrays |
|
311 | - * |
|
312 | - * @param string $varName name of config-key |
|
313 | - * @param array|string $value to set |
|
314 | - */ |
|
315 | - protected function setMultiLine($varName, $value) { |
|
316 | - if(empty($value)) { |
|
317 | - $value = ''; |
|
318 | - } else if (!is_array($value)) { |
|
319 | - $value = preg_split('/\r\n|\r|\n|;/', $value); |
|
320 | - if($value === false) { |
|
321 | - $value = ''; |
|
322 | - } |
|
323 | - } |
|
309 | + /** |
|
310 | + * Sets multi-line values as arrays |
|
311 | + * |
|
312 | + * @param string $varName name of config-key |
|
313 | + * @param array|string $value to set |
|
314 | + */ |
|
315 | + protected function setMultiLine($varName, $value) { |
|
316 | + if(empty($value)) { |
|
317 | + $value = ''; |
|
318 | + } else if (!is_array($value)) { |
|
319 | + $value = preg_split('/\r\n|\r|\n|;/', $value); |
|
320 | + if($value === false) { |
|
321 | + $value = ''; |
|
322 | + } |
|
323 | + } |
|
324 | 324 | |
325 | - if(!is_array($value)) { |
|
326 | - $finalValue = trim($value); |
|
327 | - } else { |
|
328 | - $finalValue = []; |
|
329 | - foreach($value as $key => $val) { |
|
330 | - if(is_string($val)) { |
|
331 | - $val = trim($val); |
|
332 | - if ($val !== '') { |
|
333 | - //accidental line breaks are not wanted and can cause |
|
334 | - // odd behaviour. Thus, away with them. |
|
335 | - $finalValue[] = $val; |
|
336 | - } |
|
337 | - } else { |
|
338 | - $finalValue[] = $val; |
|
339 | - } |
|
340 | - } |
|
341 | - } |
|
325 | + if(!is_array($value)) { |
|
326 | + $finalValue = trim($value); |
|
327 | + } else { |
|
328 | + $finalValue = []; |
|
329 | + foreach($value as $key => $val) { |
|
330 | + if(is_string($val)) { |
|
331 | + $val = trim($val); |
|
332 | + if ($val !== '') { |
|
333 | + //accidental line breaks are not wanted and can cause |
|
334 | + // odd behaviour. Thus, away with them. |
|
335 | + $finalValue[] = $val; |
|
336 | + } |
|
337 | + } else { |
|
338 | + $finalValue[] = $val; |
|
339 | + } |
|
340 | + } |
|
341 | + } |
|
342 | 342 | |
343 | - $this->setRawValue($varName, $finalValue); |
|
344 | - } |
|
343 | + $this->setRawValue($varName, $finalValue); |
|
344 | + } |
|
345 | 345 | |
346 | - /** |
|
347 | - * @param string $varName |
|
348 | - * @return string |
|
349 | - */ |
|
350 | - protected function getPwd($varName) { |
|
351 | - return base64_decode($this->getValue($varName)); |
|
352 | - } |
|
346 | + /** |
|
347 | + * @param string $varName |
|
348 | + * @return string |
|
349 | + */ |
|
350 | + protected function getPwd($varName) { |
|
351 | + return base64_decode($this->getValue($varName)); |
|
352 | + } |
|
353 | 353 | |
354 | - /** |
|
355 | - * @param string $varName |
|
356 | - * @return string |
|
357 | - */ |
|
358 | - protected function getLcValue($varName) { |
|
359 | - return mb_strtolower($this->getValue($varName), 'UTF-8'); |
|
360 | - } |
|
354 | + /** |
|
355 | + * @param string $varName |
|
356 | + * @return string |
|
357 | + */ |
|
358 | + protected function getLcValue($varName) { |
|
359 | + return mb_strtolower($this->getValue($varName), 'UTF-8'); |
|
360 | + } |
|
361 | 361 | |
362 | - /** |
|
363 | - * @param string $varName |
|
364 | - * @return string |
|
365 | - */ |
|
366 | - protected function getSystemValue($varName) { |
|
367 | - //FIXME: if another system value is added, softcode the default value |
|
368 | - return \OC::$server->getConfig()->getSystemValue($varName, false); |
|
369 | - } |
|
362 | + /** |
|
363 | + * @param string $varName |
|
364 | + * @return string |
|
365 | + */ |
|
366 | + protected function getSystemValue($varName) { |
|
367 | + //FIXME: if another system value is added, softcode the default value |
|
368 | + return \OC::$server->getConfig()->getSystemValue($varName, false); |
|
369 | + } |
|
370 | 370 | |
371 | - /** |
|
372 | - * @param string $varName |
|
373 | - * @return string |
|
374 | - */ |
|
375 | - protected function getValue($varName) { |
|
376 | - static $defaults; |
|
377 | - if(is_null($defaults)) { |
|
378 | - $defaults = $this->getDefaults(); |
|
379 | - } |
|
380 | - return \OC::$server->getConfig()->getAppValue('user_ldap', |
|
381 | - $this->configPrefix.$varName, |
|
382 | - $defaults[$varName]); |
|
383 | - } |
|
371 | + /** |
|
372 | + * @param string $varName |
|
373 | + * @return string |
|
374 | + */ |
|
375 | + protected function getValue($varName) { |
|
376 | + static $defaults; |
|
377 | + if(is_null($defaults)) { |
|
378 | + $defaults = $this->getDefaults(); |
|
379 | + } |
|
380 | + return \OC::$server->getConfig()->getAppValue('user_ldap', |
|
381 | + $this->configPrefix.$varName, |
|
382 | + $defaults[$varName]); |
|
383 | + } |
|
384 | 384 | |
385 | - /** |
|
386 | - * Sets a scalar value. |
|
387 | - * |
|
388 | - * @param string $varName name of config key |
|
389 | - * @param mixed $value to set |
|
390 | - */ |
|
391 | - protected function setValue($varName, $value) { |
|
392 | - if(is_string($value)) { |
|
393 | - $value = trim($value); |
|
394 | - } |
|
395 | - $this->config[$varName] = $value; |
|
396 | - } |
|
385 | + /** |
|
386 | + * Sets a scalar value. |
|
387 | + * |
|
388 | + * @param string $varName name of config key |
|
389 | + * @param mixed $value to set |
|
390 | + */ |
|
391 | + protected function setValue($varName, $value) { |
|
392 | + if(is_string($value)) { |
|
393 | + $value = trim($value); |
|
394 | + } |
|
395 | + $this->config[$varName] = $value; |
|
396 | + } |
|
397 | 397 | |
398 | - /** |
|
399 | - * Sets a scalar value without trimming. |
|
400 | - * |
|
401 | - * @param string $varName name of config key |
|
402 | - * @param mixed $value to set |
|
403 | - */ |
|
404 | - protected function setRawValue($varName, $value) { |
|
405 | - $this->config[$varName] = $value; |
|
406 | - } |
|
398 | + /** |
|
399 | + * Sets a scalar value without trimming. |
|
400 | + * |
|
401 | + * @param string $varName name of config key |
|
402 | + * @param mixed $value to set |
|
403 | + */ |
|
404 | + protected function setRawValue($varName, $value) { |
|
405 | + $this->config[$varName] = $value; |
|
406 | + } |
|
407 | 407 | |
408 | - /** |
|
409 | - * @param string $varName |
|
410 | - * @param string $value |
|
411 | - * @return bool |
|
412 | - */ |
|
413 | - protected function saveValue($varName, $value) { |
|
414 | - \OC::$server->getConfig()->setAppValue( |
|
415 | - 'user_ldap', |
|
416 | - $this->configPrefix.$varName, |
|
417 | - $value |
|
418 | - ); |
|
419 | - return true; |
|
420 | - } |
|
408 | + /** |
|
409 | + * @param string $varName |
|
410 | + * @param string $value |
|
411 | + * @return bool |
|
412 | + */ |
|
413 | + protected function saveValue($varName, $value) { |
|
414 | + \OC::$server->getConfig()->setAppValue( |
|
415 | + 'user_ldap', |
|
416 | + $this->configPrefix.$varName, |
|
417 | + $value |
|
418 | + ); |
|
419 | + return true; |
|
420 | + } |
|
421 | 421 | |
422 | - /** |
|
423 | - * @return array an associative array with the default values. Keys are correspond |
|
424 | - * to config-value entries in the database table |
|
425 | - */ |
|
426 | - public function getDefaults() { |
|
427 | - return array( |
|
428 | - 'ldap_host' => '', |
|
429 | - 'ldap_port' => '', |
|
430 | - 'ldap_backup_host' => '', |
|
431 | - 'ldap_backup_port' => '', |
|
432 | - 'ldap_override_main_server' => '', |
|
433 | - 'ldap_dn' => '', |
|
434 | - 'ldap_agent_password' => '', |
|
435 | - 'ldap_base' => '', |
|
436 | - 'ldap_base_users' => '', |
|
437 | - 'ldap_base_groups' => '', |
|
438 | - 'ldap_userlist_filter' => '', |
|
439 | - 'ldap_user_filter_mode' => 0, |
|
440 | - 'ldap_userfilter_objectclass' => '', |
|
441 | - 'ldap_userfilter_groups' => '', |
|
442 | - 'ldap_login_filter' => '', |
|
443 | - 'ldap_login_filter_mode' => 0, |
|
444 | - 'ldap_loginfilter_email' => 0, |
|
445 | - 'ldap_loginfilter_username' => 1, |
|
446 | - 'ldap_loginfilter_attributes' => '', |
|
447 | - 'ldap_group_filter' => '', |
|
448 | - 'ldap_group_filter_mode' => 0, |
|
449 | - 'ldap_groupfilter_objectclass' => '', |
|
450 | - 'ldap_groupfilter_groups' => '', |
|
451 | - 'ldap_gid_number' => 'gidNumber', |
|
452 | - 'ldap_display_name' => 'displayName', |
|
453 | - 'ldap_user_display_name_2' => '', |
|
454 | - 'ldap_group_display_name' => 'cn', |
|
455 | - 'ldap_tls' => 0, |
|
456 | - 'ldap_quota_def' => '', |
|
457 | - 'ldap_quota_attr' => '', |
|
458 | - 'ldap_email_attr' => '', |
|
459 | - 'ldap_group_member_assoc_attribute' => 'uniqueMember', |
|
460 | - 'ldap_cache_ttl' => 600, |
|
461 | - 'ldap_uuid_user_attribute' => 'auto', |
|
462 | - 'ldap_uuid_group_attribute' => 'auto', |
|
463 | - 'home_folder_naming_rule' => '', |
|
464 | - 'ldap_turn_off_cert_check' => 0, |
|
465 | - 'ldap_configuration_active' => 0, |
|
466 | - 'ldap_attributes_for_user_search' => '', |
|
467 | - 'ldap_attributes_for_group_search' => '', |
|
468 | - 'ldap_expert_username_attr' => '', |
|
469 | - 'ldap_expert_uuid_user_attr' => '', |
|
470 | - 'ldap_expert_uuid_group_attr' => '', |
|
471 | - 'has_memberof_filter_support' => 0, |
|
472 | - 'use_memberof_to_detect_membership' => 1, |
|
473 | - 'last_jpegPhoto_lookup' => 0, |
|
474 | - 'ldap_nested_groups' => 0, |
|
475 | - 'ldap_paging_size' => 500, |
|
476 | - 'ldap_turn_on_pwd_change' => 0, |
|
477 | - 'ldap_experienced_admin' => 0, |
|
478 | - 'ldap_dynamic_group_member_url' => '', |
|
479 | - 'ldap_default_ppolicy_dn' => '', |
|
480 | - 'ldap_user_avatar_rule' => 'default', |
|
481 | - 'ldap_ext_storage_home_attribute' => '', |
|
482 | - ); |
|
483 | - } |
|
422 | + /** |
|
423 | + * @return array an associative array with the default values. Keys are correspond |
|
424 | + * to config-value entries in the database table |
|
425 | + */ |
|
426 | + public function getDefaults() { |
|
427 | + return array( |
|
428 | + 'ldap_host' => '', |
|
429 | + 'ldap_port' => '', |
|
430 | + 'ldap_backup_host' => '', |
|
431 | + 'ldap_backup_port' => '', |
|
432 | + 'ldap_override_main_server' => '', |
|
433 | + 'ldap_dn' => '', |
|
434 | + 'ldap_agent_password' => '', |
|
435 | + 'ldap_base' => '', |
|
436 | + 'ldap_base_users' => '', |
|
437 | + 'ldap_base_groups' => '', |
|
438 | + 'ldap_userlist_filter' => '', |
|
439 | + 'ldap_user_filter_mode' => 0, |
|
440 | + 'ldap_userfilter_objectclass' => '', |
|
441 | + 'ldap_userfilter_groups' => '', |
|
442 | + 'ldap_login_filter' => '', |
|
443 | + 'ldap_login_filter_mode' => 0, |
|
444 | + 'ldap_loginfilter_email' => 0, |
|
445 | + 'ldap_loginfilter_username' => 1, |
|
446 | + 'ldap_loginfilter_attributes' => '', |
|
447 | + 'ldap_group_filter' => '', |
|
448 | + 'ldap_group_filter_mode' => 0, |
|
449 | + 'ldap_groupfilter_objectclass' => '', |
|
450 | + 'ldap_groupfilter_groups' => '', |
|
451 | + 'ldap_gid_number' => 'gidNumber', |
|
452 | + 'ldap_display_name' => 'displayName', |
|
453 | + 'ldap_user_display_name_2' => '', |
|
454 | + 'ldap_group_display_name' => 'cn', |
|
455 | + 'ldap_tls' => 0, |
|
456 | + 'ldap_quota_def' => '', |
|
457 | + 'ldap_quota_attr' => '', |
|
458 | + 'ldap_email_attr' => '', |
|
459 | + 'ldap_group_member_assoc_attribute' => 'uniqueMember', |
|
460 | + 'ldap_cache_ttl' => 600, |
|
461 | + 'ldap_uuid_user_attribute' => 'auto', |
|
462 | + 'ldap_uuid_group_attribute' => 'auto', |
|
463 | + 'home_folder_naming_rule' => '', |
|
464 | + 'ldap_turn_off_cert_check' => 0, |
|
465 | + 'ldap_configuration_active' => 0, |
|
466 | + 'ldap_attributes_for_user_search' => '', |
|
467 | + 'ldap_attributes_for_group_search' => '', |
|
468 | + 'ldap_expert_username_attr' => '', |
|
469 | + 'ldap_expert_uuid_user_attr' => '', |
|
470 | + 'ldap_expert_uuid_group_attr' => '', |
|
471 | + 'has_memberof_filter_support' => 0, |
|
472 | + 'use_memberof_to_detect_membership' => 1, |
|
473 | + 'last_jpegPhoto_lookup' => 0, |
|
474 | + 'ldap_nested_groups' => 0, |
|
475 | + 'ldap_paging_size' => 500, |
|
476 | + 'ldap_turn_on_pwd_change' => 0, |
|
477 | + 'ldap_experienced_admin' => 0, |
|
478 | + 'ldap_dynamic_group_member_url' => '', |
|
479 | + 'ldap_default_ppolicy_dn' => '', |
|
480 | + 'ldap_user_avatar_rule' => 'default', |
|
481 | + 'ldap_ext_storage_home_attribute' => '', |
|
482 | + ); |
|
483 | + } |
|
484 | 484 | |
485 | - /** |
|
486 | - * @return array that maps internal variable names to database fields |
|
487 | - */ |
|
488 | - public function getConfigTranslationArray() { |
|
489 | - //TODO: merge them into one representation |
|
490 | - static $array = array( |
|
491 | - 'ldap_host' => 'ldapHost', |
|
492 | - 'ldap_port' => 'ldapPort', |
|
493 | - 'ldap_backup_host' => 'ldapBackupHost', |
|
494 | - 'ldap_backup_port' => 'ldapBackupPort', |
|
495 | - 'ldap_override_main_server' => 'ldapOverrideMainServer', |
|
496 | - 'ldap_dn' => 'ldapAgentName', |
|
497 | - 'ldap_agent_password' => 'ldapAgentPassword', |
|
498 | - 'ldap_base' => 'ldapBase', |
|
499 | - 'ldap_base_users' => 'ldapBaseUsers', |
|
500 | - 'ldap_base_groups' => 'ldapBaseGroups', |
|
501 | - 'ldap_userfilter_objectclass' => 'ldapUserFilterObjectclass', |
|
502 | - 'ldap_userfilter_groups' => 'ldapUserFilterGroups', |
|
503 | - 'ldap_userlist_filter' => 'ldapUserFilter', |
|
504 | - 'ldap_user_filter_mode' => 'ldapUserFilterMode', |
|
505 | - 'ldap_user_avatar_rule' => 'ldapUserAvatarRule', |
|
506 | - 'ldap_login_filter' => 'ldapLoginFilter', |
|
507 | - 'ldap_login_filter_mode' => 'ldapLoginFilterMode', |
|
508 | - 'ldap_loginfilter_email' => 'ldapLoginFilterEmail', |
|
509 | - 'ldap_loginfilter_username' => 'ldapLoginFilterUsername', |
|
510 | - 'ldap_loginfilter_attributes' => 'ldapLoginFilterAttributes', |
|
511 | - 'ldap_group_filter' => 'ldapGroupFilter', |
|
512 | - 'ldap_group_filter_mode' => 'ldapGroupFilterMode', |
|
513 | - 'ldap_groupfilter_objectclass' => 'ldapGroupFilterObjectclass', |
|
514 | - 'ldap_groupfilter_groups' => 'ldapGroupFilterGroups', |
|
515 | - 'ldap_gid_number' => 'ldapGidNumber', |
|
516 | - 'ldap_display_name' => 'ldapUserDisplayName', |
|
517 | - 'ldap_user_display_name_2' => 'ldapUserDisplayName2', |
|
518 | - 'ldap_group_display_name' => 'ldapGroupDisplayName', |
|
519 | - 'ldap_tls' => 'ldapTLS', |
|
520 | - 'ldap_quota_def' => 'ldapQuotaDefault', |
|
521 | - 'ldap_quota_attr' => 'ldapQuotaAttribute', |
|
522 | - 'ldap_email_attr' => 'ldapEmailAttribute', |
|
523 | - 'ldap_group_member_assoc_attribute' => 'ldapGroupMemberAssocAttr', |
|
524 | - 'ldap_cache_ttl' => 'ldapCacheTTL', |
|
525 | - 'home_folder_naming_rule' => 'homeFolderNamingRule', |
|
526 | - 'ldap_turn_off_cert_check' => 'turnOffCertCheck', |
|
527 | - 'ldap_configuration_active' => 'ldapConfigurationActive', |
|
528 | - 'ldap_attributes_for_user_search' => 'ldapAttributesForUserSearch', |
|
529 | - 'ldap_attributes_for_group_search' => 'ldapAttributesForGroupSearch', |
|
530 | - 'ldap_expert_username_attr' => 'ldapExpertUsernameAttr', |
|
531 | - 'ldap_expert_uuid_user_attr' => 'ldapExpertUUIDUserAttr', |
|
532 | - 'ldap_expert_uuid_group_attr' => 'ldapExpertUUIDGroupAttr', |
|
533 | - 'has_memberof_filter_support' => 'hasMemberOfFilterSupport', |
|
534 | - 'use_memberof_to_detect_membership' => 'useMemberOfToDetectMembership', |
|
535 | - 'last_jpegPhoto_lookup' => 'lastJpegPhotoLookup', |
|
536 | - 'ldap_nested_groups' => 'ldapNestedGroups', |
|
537 | - 'ldap_paging_size' => 'ldapPagingSize', |
|
538 | - 'ldap_turn_on_pwd_change' => 'turnOnPasswordChange', |
|
539 | - 'ldap_experienced_admin' => 'ldapExperiencedAdmin', |
|
540 | - 'ldap_dynamic_group_member_url' => 'ldapDynamicGroupMemberURL', |
|
541 | - 'ldap_default_ppolicy_dn' => 'ldapDefaultPPolicyDN', |
|
542 | - 'ldap_ext_storage_home_attribute' => 'ldapExtStorageHomeAttribute', |
|
543 | - 'ldapIgnoreNamingRules' => 'ldapIgnoreNamingRules', // sysconfig |
|
544 | - ); |
|
545 | - return $array; |
|
546 | - } |
|
485 | + /** |
|
486 | + * @return array that maps internal variable names to database fields |
|
487 | + */ |
|
488 | + public function getConfigTranslationArray() { |
|
489 | + //TODO: merge them into one representation |
|
490 | + static $array = array( |
|
491 | + 'ldap_host' => 'ldapHost', |
|
492 | + 'ldap_port' => 'ldapPort', |
|
493 | + 'ldap_backup_host' => 'ldapBackupHost', |
|
494 | + 'ldap_backup_port' => 'ldapBackupPort', |
|
495 | + 'ldap_override_main_server' => 'ldapOverrideMainServer', |
|
496 | + 'ldap_dn' => 'ldapAgentName', |
|
497 | + 'ldap_agent_password' => 'ldapAgentPassword', |
|
498 | + 'ldap_base' => 'ldapBase', |
|
499 | + 'ldap_base_users' => 'ldapBaseUsers', |
|
500 | + 'ldap_base_groups' => 'ldapBaseGroups', |
|
501 | + 'ldap_userfilter_objectclass' => 'ldapUserFilterObjectclass', |
|
502 | + 'ldap_userfilter_groups' => 'ldapUserFilterGroups', |
|
503 | + 'ldap_userlist_filter' => 'ldapUserFilter', |
|
504 | + 'ldap_user_filter_mode' => 'ldapUserFilterMode', |
|
505 | + 'ldap_user_avatar_rule' => 'ldapUserAvatarRule', |
|
506 | + 'ldap_login_filter' => 'ldapLoginFilter', |
|
507 | + 'ldap_login_filter_mode' => 'ldapLoginFilterMode', |
|
508 | + 'ldap_loginfilter_email' => 'ldapLoginFilterEmail', |
|
509 | + 'ldap_loginfilter_username' => 'ldapLoginFilterUsername', |
|
510 | + 'ldap_loginfilter_attributes' => 'ldapLoginFilterAttributes', |
|
511 | + 'ldap_group_filter' => 'ldapGroupFilter', |
|
512 | + 'ldap_group_filter_mode' => 'ldapGroupFilterMode', |
|
513 | + 'ldap_groupfilter_objectclass' => 'ldapGroupFilterObjectclass', |
|
514 | + 'ldap_groupfilter_groups' => 'ldapGroupFilterGroups', |
|
515 | + 'ldap_gid_number' => 'ldapGidNumber', |
|
516 | + 'ldap_display_name' => 'ldapUserDisplayName', |
|
517 | + 'ldap_user_display_name_2' => 'ldapUserDisplayName2', |
|
518 | + 'ldap_group_display_name' => 'ldapGroupDisplayName', |
|
519 | + 'ldap_tls' => 'ldapTLS', |
|
520 | + 'ldap_quota_def' => 'ldapQuotaDefault', |
|
521 | + 'ldap_quota_attr' => 'ldapQuotaAttribute', |
|
522 | + 'ldap_email_attr' => 'ldapEmailAttribute', |
|
523 | + 'ldap_group_member_assoc_attribute' => 'ldapGroupMemberAssocAttr', |
|
524 | + 'ldap_cache_ttl' => 'ldapCacheTTL', |
|
525 | + 'home_folder_naming_rule' => 'homeFolderNamingRule', |
|
526 | + 'ldap_turn_off_cert_check' => 'turnOffCertCheck', |
|
527 | + 'ldap_configuration_active' => 'ldapConfigurationActive', |
|
528 | + 'ldap_attributes_for_user_search' => 'ldapAttributesForUserSearch', |
|
529 | + 'ldap_attributes_for_group_search' => 'ldapAttributesForGroupSearch', |
|
530 | + 'ldap_expert_username_attr' => 'ldapExpertUsernameAttr', |
|
531 | + 'ldap_expert_uuid_user_attr' => 'ldapExpertUUIDUserAttr', |
|
532 | + 'ldap_expert_uuid_group_attr' => 'ldapExpertUUIDGroupAttr', |
|
533 | + 'has_memberof_filter_support' => 'hasMemberOfFilterSupport', |
|
534 | + 'use_memberof_to_detect_membership' => 'useMemberOfToDetectMembership', |
|
535 | + 'last_jpegPhoto_lookup' => 'lastJpegPhotoLookup', |
|
536 | + 'ldap_nested_groups' => 'ldapNestedGroups', |
|
537 | + 'ldap_paging_size' => 'ldapPagingSize', |
|
538 | + 'ldap_turn_on_pwd_change' => 'turnOnPasswordChange', |
|
539 | + 'ldap_experienced_admin' => 'ldapExperiencedAdmin', |
|
540 | + 'ldap_dynamic_group_member_url' => 'ldapDynamicGroupMemberURL', |
|
541 | + 'ldap_default_ppolicy_dn' => 'ldapDefaultPPolicyDN', |
|
542 | + 'ldap_ext_storage_home_attribute' => 'ldapExtStorageHomeAttribute', |
|
543 | + 'ldapIgnoreNamingRules' => 'ldapIgnoreNamingRules', // sysconfig |
|
544 | + ); |
|
545 | + return $array; |
|
546 | + } |
|
547 | 547 | |
548 | - /** |
|
549 | - * @param string $rule |
|
550 | - * @return array |
|
551 | - * @throws \RuntimeException |
|
552 | - */ |
|
553 | - public function resolveRule($rule) { |
|
554 | - if($rule === 'avatar') { |
|
555 | - return $this->getAvatarAttributes(); |
|
556 | - } |
|
557 | - throw new \RuntimeException('Invalid rule'); |
|
558 | - } |
|
548 | + /** |
|
549 | + * @param string $rule |
|
550 | + * @return array |
|
551 | + * @throws \RuntimeException |
|
552 | + */ |
|
553 | + public function resolveRule($rule) { |
|
554 | + if($rule === 'avatar') { |
|
555 | + return $this->getAvatarAttributes(); |
|
556 | + } |
|
557 | + throw new \RuntimeException('Invalid rule'); |
|
558 | + } |
|
559 | 559 | |
560 | - public function getAvatarAttributes() { |
|
561 | - $value = $this->ldapUserAvatarRule ?: self::AVATAR_PREFIX_DEFAULT; |
|
562 | - $defaultAttributes = ['jpegphoto', 'thumbnailphoto']; |
|
560 | + public function getAvatarAttributes() { |
|
561 | + $value = $this->ldapUserAvatarRule ?: self::AVATAR_PREFIX_DEFAULT; |
|
562 | + $defaultAttributes = ['jpegphoto', 'thumbnailphoto']; |
|
563 | 563 | |
564 | - if($value === self::AVATAR_PREFIX_NONE) { |
|
565 | - return []; |
|
566 | - } |
|
567 | - if(strpos($value, self::AVATAR_PREFIX_DATA_ATTRIBUTE) === 0) { |
|
568 | - $attribute = trim(substr($value, strlen(self::AVATAR_PREFIX_DATA_ATTRIBUTE))); |
|
569 | - if($attribute === '') { |
|
570 | - return $defaultAttributes; |
|
571 | - } |
|
572 | - return [strtolower($attribute)]; |
|
573 | - } |
|
574 | - if($value !== self::AVATAR_PREFIX_DEFAULT) { |
|
575 | - \OC::$server->getLogger()->warning('Invalid config value to ldapUserAvatarRule; falling back to default.'); |
|
576 | - } |
|
577 | - return $defaultAttributes; |
|
578 | - } |
|
564 | + if($value === self::AVATAR_PREFIX_NONE) { |
|
565 | + return []; |
|
566 | + } |
|
567 | + if(strpos($value, self::AVATAR_PREFIX_DATA_ATTRIBUTE) === 0) { |
|
568 | + $attribute = trim(substr($value, strlen(self::AVATAR_PREFIX_DATA_ATTRIBUTE))); |
|
569 | + if($attribute === '') { |
|
570 | + return $defaultAttributes; |
|
571 | + } |
|
572 | + return [strtolower($attribute)]; |
|
573 | + } |
|
574 | + if($value !== self::AVATAR_PREFIX_DEFAULT) { |
|
575 | + \OC::$server->getLogger()->warning('Invalid config value to ldapUserAvatarRule; falling back to default.'); |
|
576 | + } |
|
577 | + return $defaultAttributes; |
|
578 | + } |
|
579 | 579 | |
580 | 580 | } |
@@ -115,7 +115,7 @@ |
||
115 | 115 | */ |
116 | 116 | public function __construct($configPrefix, $autoRead = true) { |
117 | 117 | $this->configPrefix = $configPrefix; |
118 | - if($autoRead) { |
|
118 | + if ($autoRead) { |
|
119 | 119 | $this->readConfiguration(); |
120 | 120 | } |
121 | 121 | } |
@@ -125,7 +125,7 @@ |
||
125 | 125 | * @return mixed|null |
126 | 126 | */ |
127 | 127 | public function __get($name) { |
128 | - if(isset($this->config[$name])) { |
|
128 | + if (isset($this->config[$name])) { |
|
129 | 129 | return $this->config[$name]; |
130 | 130 | } |
131 | 131 | return null; |
@@ -156,22 +156,22 @@ |
||
156 | 156 | * @return false|null |
157 | 157 | */ |
158 | 158 | public function setConfiguration($config, &$applied = null) { |
159 | - if(!is_array($config)) { |
|
159 | + if (!is_array($config)) { |
|
160 | 160 | return false; |
161 | 161 | } |
162 | 162 | |
163 | 163 | $cta = $this->getConfigTranslationArray(); |
164 | - foreach($config as $inputKey => $val) { |
|
165 | - if(strpos($inputKey, '_') !== false && array_key_exists($inputKey, $cta)) { |
|
164 | + foreach ($config as $inputKey => $val) { |
|
165 | + if (strpos($inputKey, '_') !== false && array_key_exists($inputKey, $cta)) { |
|
166 | 166 | $key = $cta[$inputKey]; |
167 | - } elseif(array_key_exists($inputKey, $this->config)) { |
|
167 | + } elseif (array_key_exists($inputKey, $this->config)) { |
|
168 | 168 | $key = $inputKey; |
169 | 169 | } else { |
170 | 170 | continue; |
171 | 171 | } |
172 | 172 | |
173 | 173 | $setMethod = 'setValue'; |
174 | - switch($key) { |
|
174 | + switch ($key) { |
|
175 | 175 | case 'ldapAgentPassword': |
176 | 176 | $setMethod = 'setRawValue'; |
177 | 177 | break; |
@@ -195,7 +195,7 @@ |
||
195 | 195 | break; |
196 | 196 | } |
197 | 197 | $this->$setMethod($key, $val); |
198 | - if(is_array($applied)) { |
|
198 | + if (is_array($applied)) { |
|
199 | 199 | $applied[] = $inputKey; |
200 | 200 | // storing key as index avoids duplication, and as value for simplicity |
201 | 201 | } |
@@ -205,15 +205,15 @@ |
||
205 | 205 | } |
206 | 206 | |
207 | 207 | public function readConfiguration() { |
208 | - if(!$this->configRead && !is_null($this->configPrefix)) { |
|
208 | + if (!$this->configRead && !is_null($this->configPrefix)) { |
|
209 | 209 | $cta = array_flip($this->getConfigTranslationArray()); |
210 | - foreach($this->config as $key => $val) { |
|
211 | - if(!isset($cta[$key])) { |
|
210 | + foreach ($this->config as $key => $val) { |
|
211 | + if (!isset($cta[$key])) { |
|
212 | 212 | //some are determined |
213 | 213 | continue; |
214 | 214 | } |
215 | 215 | $dbKey = $cta[$key]; |
216 | - switch($key) { |
|
216 | + switch ($key) { |
|
217 | 217 | case 'ldapBase': |
218 | 218 | case 'ldapBaseUsers': |
219 | 219 | case 'ldapBaseGroups': |
@@ -256,7 +256,7 @@ |
||
256 | 256 | */ |
257 | 257 | public function saveConfiguration() { |
258 | 258 | $cta = array_flip($this->getConfigTranslationArray()); |
259 | - foreach($this->unsavedChanges as $key) { |
|
259 | + foreach ($this->unsavedChanges as $key) { |
|
260 | 260 | $value = $this->config[$key]; |
261 | 261 | switch ($key) { |
262 | 262 | case 'ldapAgentPassword': |
@@ -272,7 +272,7 @@ |
||
272 | 272 | case 'ldapGroupFilterObjectclass': |
273 | 273 | case 'ldapGroupFilterGroups': |
274 | 274 | case 'ldapLoginFilterAttributes': |
275 | - if(is_array($value)) { |
|
275 | + if (is_array($value)) { |
|
276 | 276 | $value = implode("\n", $value); |
277 | 277 | } |
278 | 278 | break; |
@@ -282,7 +282,7 @@ |
||
282 | 282 | case 'ldapUuidGroupAttribute': |
283 | 283 | continue 2; |
284 | 284 | } |
285 | - if(is_null($value)) { |
|
285 | + if (is_null($value)) { |
|
286 | 286 | $value = ''; |
287 | 287 | } |
288 | 288 | $this->saveValue($cta[$key], $value); |
@@ -297,7 +297,7 @@ |
||
297 | 297 | */ |
298 | 298 | protected function getMultiLine($varName) { |
299 | 299 | $value = $this->getValue($varName); |
300 | - if(empty($value)) { |
|
300 | + if (empty($value)) { |
|
301 | 301 | $value = ''; |
302 | 302 | } else { |
303 | 303 | $value = preg_split('/\r\n|\r|\n/', $value); |
@@ -313,21 +313,21 @@ |
||
313 | 313 | * @param array|string $value to set |
314 | 314 | */ |
315 | 315 | protected function setMultiLine($varName, $value) { |
316 | - if(empty($value)) { |
|
316 | + if (empty($value)) { |
|
317 | 317 | $value = ''; |
318 | 318 | } else if (!is_array($value)) { |
319 | 319 | $value = preg_split('/\r\n|\r|\n|;/', $value); |
320 | - if($value === false) { |
|
320 | + if ($value === false) { |
|
321 | 321 | $value = ''; |
322 | 322 | } |
323 | 323 | } |
324 | 324 | |
325 | - if(!is_array($value)) { |
|
325 | + if (!is_array($value)) { |
|
326 | 326 | $finalValue = trim($value); |
327 | 327 | } else { |
328 | 328 | $finalValue = []; |
329 | - foreach($value as $key => $val) { |
|
330 | - if(is_string($val)) { |
|
329 | + foreach ($value as $key => $val) { |
|
330 | + if (is_string($val)) { |
|
331 | 331 | $val = trim($val); |
332 | 332 | if ($val !== '') { |
333 | 333 | //accidental line breaks are not wanted and can cause |
@@ -374,7 +374,7 @@ |
||
374 | 374 | */ |
375 | 375 | protected function getValue($varName) { |
376 | 376 | static $defaults; |
377 | - if(is_null($defaults)) { |
|
377 | + if (is_null($defaults)) { |
|
378 | 378 | $defaults = $this->getDefaults(); |
379 | 379 | } |
380 | 380 | return \OC::$server->getConfig()->getAppValue('user_ldap', |
@@ -389,7 +389,7 @@ |
||
389 | 389 | * @param mixed $value to set |
390 | 390 | */ |
391 | 391 | protected function setValue($varName, $value) { |
392 | - if(is_string($value)) { |
|
392 | + if (is_string($value)) { |
|
393 | 393 | $value = trim($value); |
394 | 394 | } |
395 | 395 | $this->config[$varName] = $value; |
@@ -540,7 +540,7 @@ |
||
540 | 540 | 'ldap_dynamic_group_member_url' => 'ldapDynamicGroupMemberURL', |
541 | 541 | 'ldap_default_ppolicy_dn' => 'ldapDefaultPPolicyDN', |
542 | 542 | 'ldap_ext_storage_home_attribute' => 'ldapExtStorageHomeAttribute', |
543 | - 'ldapIgnoreNamingRules' => 'ldapIgnoreNamingRules', // sysconfig |
|
543 | + 'ldapIgnoreNamingRules' => 'ldapIgnoreNamingRules', // sysconfig |
|
544 | 544 | ); |
545 | 545 | return $array; |
546 | 546 | } |
@@ -551,7 +551,7 @@ |
||
551 | 551 | * @throws \RuntimeException |
552 | 552 | */ |
553 | 553 | public function resolveRule($rule) { |
554 | - if($rule === 'avatar') { |
|
554 | + if ($rule === 'avatar') { |
|
555 | 555 | return $this->getAvatarAttributes(); |
556 | 556 | } |
557 | 557 | throw new \RuntimeException('Invalid rule'); |
@@ -561,17 +561,17 @@ |
||
561 | 561 | $value = $this->ldapUserAvatarRule ?: self::AVATAR_PREFIX_DEFAULT; |
562 | 562 | $defaultAttributes = ['jpegphoto', 'thumbnailphoto']; |
563 | 563 | |
564 | - if($value === self::AVATAR_PREFIX_NONE) { |
|
564 | + if ($value === self::AVATAR_PREFIX_NONE) { |
|
565 | 565 | return []; |
566 | 566 | } |
567 | - if(strpos($value, self::AVATAR_PREFIX_DATA_ATTRIBUTE) === 0) { |
|
567 | + if (strpos($value, self::AVATAR_PREFIX_DATA_ATTRIBUTE) === 0) { |
|
568 | 568 | $attribute = trim(substr($value, strlen(self::AVATAR_PREFIX_DATA_ATTRIBUTE))); |
569 | - if($attribute === '') { |
|
569 | + if ($attribute === '') { |
|
570 | 570 | return $defaultAttributes; |
571 | 571 | } |
572 | 572 | return [strtolower($attribute)]; |
573 | 573 | } |
574 | - if($value !== self::AVATAR_PREFIX_DEFAULT) { |
|
574 | + if ($value !== self::AVATAR_PREFIX_DEFAULT) { |
|
575 | 575 | \OC::$server->getLogger()->warning('Invalid config value to ldapUserAvatarRule; falling back to default.'); |
576 | 576 | } |
577 | 577 | return $defaultAttributes; |
@@ -28,10 +28,10 @@ |
||
28 | 28 | */ |
29 | 29 | |
30 | 30 | \OC::$server->registerService('LDAPUserPluginManager', function() { |
31 | - return new OCA\User_LDAP\UserPluginManager(); |
|
31 | + return new OCA\User_LDAP\UserPluginManager(); |
|
32 | 32 | }); |
33 | 33 | \OC::$server->registerService('LDAPGroupPluginManager', function() { |
34 | - return new OCA\User_LDAP\GroupPluginManager(); |
|
34 | + return new OCA\User_LDAP\GroupPluginManager(); |
|
35 | 35 | }); |
36 | 36 | |
37 | 37 | $app = new \OCA\User_LDAP\AppInfo\Application(); |
@@ -39,43 +39,43 @@ |
||
39 | 39 | $helper = new \OCA\User_LDAP\Helper(\OC::$server->getConfig()); |
40 | 40 | $configPrefixes = $helper->getServerConfigurationPrefixes(true); |
41 | 41 | if(count($configPrefixes) > 0) { |
42 | - $ldapWrapper = new OCA\User_LDAP\LDAP(); |
|
43 | - $ocConfig = \OC::$server->getConfig(); |
|
44 | - $notificationManager = \OC::$server->getNotificationManager(); |
|
45 | - $notificationManager->registerNotifier(function() { |
|
46 | - return new \OCA\User_LDAP\Notification\Notifier( |
|
47 | - \OC::$server->getL10NFactory() |
|
48 | - ); |
|
49 | - }, function() { |
|
50 | - $l = \OC::$server->getL10N('user_ldap'); |
|
51 | - return [ |
|
52 | - 'id' => 'user_ldap', |
|
53 | - 'name' => $l->t('LDAP user and group backend'), |
|
54 | - ]; |
|
55 | - }); |
|
56 | - $userSession = \OC::$server->getUserSession(); |
|
42 | + $ldapWrapper = new OCA\User_LDAP\LDAP(); |
|
43 | + $ocConfig = \OC::$server->getConfig(); |
|
44 | + $notificationManager = \OC::$server->getNotificationManager(); |
|
45 | + $notificationManager->registerNotifier(function() { |
|
46 | + return new \OCA\User_LDAP\Notification\Notifier( |
|
47 | + \OC::$server->getL10NFactory() |
|
48 | + ); |
|
49 | + }, function() { |
|
50 | + $l = \OC::$server->getL10N('user_ldap'); |
|
51 | + return [ |
|
52 | + 'id' => 'user_ldap', |
|
53 | + 'name' => $l->t('LDAP user and group backend'), |
|
54 | + ]; |
|
55 | + }); |
|
56 | + $userSession = \OC::$server->getUserSession(); |
|
57 | 57 | |
58 | - $userPluginManager = \OC::$server->query('LDAPUserPluginManager'); |
|
59 | - $groupPluginManager = \OC::$server->query('LDAPGroupPluginManager'); |
|
58 | + $userPluginManager = \OC::$server->query('LDAPUserPluginManager'); |
|
59 | + $groupPluginManager = \OC::$server->query('LDAPGroupPluginManager'); |
|
60 | 60 | |
61 | - $userBackend = new OCA\User_LDAP\User_Proxy( |
|
62 | - $configPrefixes, $ldapWrapper, $ocConfig, $notificationManager, $userSession, $userPluginManager |
|
63 | - ); |
|
64 | - $groupBackend = new OCA\User_LDAP\Group_Proxy($configPrefixes, $ldapWrapper, $groupPluginManager); |
|
65 | - // register user backend |
|
66 | - OC_User::useBackend($userBackend); |
|
61 | + $userBackend = new OCA\User_LDAP\User_Proxy( |
|
62 | + $configPrefixes, $ldapWrapper, $ocConfig, $notificationManager, $userSession, $userPluginManager |
|
63 | + ); |
|
64 | + $groupBackend = new OCA\User_LDAP\Group_Proxy($configPrefixes, $ldapWrapper, $groupPluginManager); |
|
65 | + // register user backend |
|
66 | + OC_User::useBackend($userBackend); |
|
67 | 67 | |
68 | - // Hook to allow plugins to work on registered backends |
|
69 | - OC::$server->getEventDispatcher()->dispatch('OCA\\User_LDAP\\User\\User::postLDAPBackendAdded'); |
|
68 | + // Hook to allow plugins to work on registered backends |
|
69 | + OC::$server->getEventDispatcher()->dispatch('OCA\\User_LDAP\\User\\User::postLDAPBackendAdded'); |
|
70 | 70 | |
71 | - \OC::$server->getGroupManager()->addBackend($groupBackend); |
|
71 | + \OC::$server->getGroupManager()->addBackend($groupBackend); |
|
72 | 72 | |
73 | - $app->registerBackendDependents(); |
|
73 | + $app->registerBackendDependents(); |
|
74 | 74 | } |
75 | 75 | |
76 | 76 | \OCP\Util::connectHook( |
77 | - '\OCA\Files_Sharing\API\Server2Server', |
|
78 | - 'preLoginNameUsedAsUserName', |
|
79 | - '\OCA\User_LDAP\Helper', |
|
80 | - 'loginName2UserName' |
|
77 | + '\OCA\Files_Sharing\API\Server2Server', |
|
78 | + 'preLoginNameUsedAsUserName', |
|
79 | + '\OCA\User_LDAP\Helper', |
|
80 | + 'loginName2UserName' |
|
81 | 81 | ); |
@@ -6,85 +6,85 @@ |
||
6 | 6 | |
7 | 7 | class ComposerStaticInitUser_LDAP |
8 | 8 | { |
9 | - public static $prefixLengthsPsr4 = array ( |
|
9 | + public static $prefixLengthsPsr4 = array( |
|
10 | 10 | 'O' => |
11 | - array ( |
|
11 | + array( |
|
12 | 12 | 'OCA\\User_LDAP\\' => 14, |
13 | 13 | ), |
14 | 14 | ); |
15 | 15 | |
16 | - public static $prefixDirsPsr4 = array ( |
|
16 | + public static $prefixDirsPsr4 = array( |
|
17 | 17 | 'OCA\\User_LDAP\\' => |
18 | - array ( |
|
19 | - 0 => __DIR__ . '/..' . '/../lib', |
|
18 | + array( |
|
19 | + 0 => __DIR__.'/..'.'/../lib', |
|
20 | 20 | ), |
21 | 21 | ); |
22 | 22 | |
23 | - public static $classMap = array ( |
|
24 | - 'OCA\\User_LDAP\\Access' => __DIR__ . '/..' . '/../lib/Access.php', |
|
25 | - 'OCA\\User_LDAP\\AccessFactory' => __DIR__ . '/..' . '/../lib/AccessFactory.php', |
|
26 | - 'OCA\\User_LDAP\\AppInfo\\Application' => __DIR__ . '/..' . '/../lib/AppInfo/Application.php', |
|
27 | - 'OCA\\User_LDAP\\BackendUtility' => __DIR__ . '/..' . '/../lib/BackendUtility.php', |
|
28 | - 'OCA\\User_LDAP\\Command\\CheckUser' => __DIR__ . '/..' . '/../lib/Command/CheckUser.php', |
|
29 | - 'OCA\\User_LDAP\\Command\\CreateEmptyConfig' => __DIR__ . '/..' . '/../lib/Command/CreateEmptyConfig.php', |
|
30 | - 'OCA\\User_LDAP\\Command\\DeleteConfig' => __DIR__ . '/..' . '/../lib/Command/DeleteConfig.php', |
|
31 | - 'OCA\\User_LDAP\\Command\\Search' => __DIR__ . '/..' . '/../lib/Command/Search.php', |
|
32 | - 'OCA\\User_LDAP\\Command\\SetConfig' => __DIR__ . '/..' . '/../lib/Command/SetConfig.php', |
|
33 | - 'OCA\\User_LDAP\\Command\\ShowConfig' => __DIR__ . '/..' . '/../lib/Command/ShowConfig.php', |
|
34 | - 'OCA\\User_LDAP\\Command\\ShowRemnants' => __DIR__ . '/..' . '/../lib/Command/ShowRemnants.php', |
|
35 | - 'OCA\\User_LDAP\\Command\\TestConfig' => __DIR__ . '/..' . '/../lib/Command/TestConfig.php', |
|
36 | - 'OCA\\User_LDAP\\Configuration' => __DIR__ . '/..' . '/../lib/Configuration.php', |
|
37 | - 'OCA\\User_LDAP\\Connection' => __DIR__ . '/..' . '/../lib/Connection.php', |
|
38 | - 'OCA\\User_LDAP\\ConnectionFactory' => __DIR__ . '/..' . '/../lib/ConnectionFactory.php', |
|
39 | - 'OCA\\User_LDAP\\Controller\\ConfigAPIController' => __DIR__ . '/..' . '/../lib/Controller/ConfigAPIController.php', |
|
40 | - 'OCA\\User_LDAP\\Controller\\RenewPasswordController' => __DIR__ . '/..' . '/../lib/Controller/RenewPasswordController.php', |
|
41 | - 'OCA\\User_LDAP\\Exceptions\\AttributeNotSet' => __DIR__ . '/..' . '/../lib/Exceptions/AttributeNotSet.php', |
|
42 | - 'OCA\\User_LDAP\\Exceptions\\ConstraintViolationException' => __DIR__ . '/..' . '/../lib/Exceptions/ConstraintViolationException.php', |
|
43 | - 'OCA\\User_LDAP\\Exceptions\\NotOnLDAP' => __DIR__ . '/..' . '/../lib/Exceptions/NotOnLDAP.php', |
|
44 | - 'OCA\\User_LDAP\\FilesystemHelper' => __DIR__ . '/..' . '/../lib/FilesystemHelper.php', |
|
45 | - 'OCA\\User_LDAP\\GroupPluginManager' => __DIR__ . '/..' . '/../lib/GroupPluginManager.php', |
|
46 | - 'OCA\\User_LDAP\\Group_LDAP' => __DIR__ . '/..' . '/../lib/Group_LDAP.php', |
|
47 | - 'OCA\\User_LDAP\\Group_Proxy' => __DIR__ . '/..' . '/../lib/Group_Proxy.php', |
|
48 | - 'OCA\\User_LDAP\\Handler\\ExtStorageConfigHandler' => __DIR__ . '/..' . '/../lib/Handler/ExtStorageConfigHandler.php', |
|
49 | - 'OCA\\User_LDAP\\Helper' => __DIR__ . '/..' . '/../lib/Helper.php', |
|
50 | - 'OCA\\User_LDAP\\IGroupLDAP' => __DIR__ . '/..' . '/../lib/IGroupLDAP.php', |
|
51 | - 'OCA\\User_LDAP\\ILDAPGroupPlugin' => __DIR__ . '/..' . '/../lib/ILDAPGroupPlugin.php', |
|
52 | - 'OCA\\User_LDAP\\ILDAPUserPlugin' => __DIR__ . '/..' . '/../lib/ILDAPUserPlugin.php', |
|
53 | - 'OCA\\User_LDAP\\ILDAPWrapper' => __DIR__ . '/..' . '/../lib/ILDAPWrapper.php', |
|
54 | - 'OCA\\User_LDAP\\IUserLDAP' => __DIR__ . '/..' . '/../lib/IUserLDAP.php', |
|
55 | - 'OCA\\User_LDAP\\Jobs\\CleanUp' => __DIR__ . '/..' . '/../lib/Jobs/CleanUp.php', |
|
56 | - 'OCA\\User_LDAP\\Jobs\\Sync' => __DIR__ . '/..' . '/../lib/Jobs/Sync.php', |
|
57 | - 'OCA\\User_LDAP\\Jobs\\UpdateGroups' => __DIR__ . '/..' . '/../lib/Jobs/UpdateGroups.php', |
|
58 | - 'OCA\\User_LDAP\\LDAP' => __DIR__ . '/..' . '/../lib/LDAP.php', |
|
59 | - 'OCA\\User_LDAP\\LDAPProvider' => __DIR__ . '/..' . '/../lib/LDAPProvider.php', |
|
60 | - 'OCA\\User_LDAP\\LDAPProviderFactory' => __DIR__ . '/..' . '/../lib/LDAPProviderFactory.php', |
|
61 | - 'OCA\\User_LDAP\\LDAPUtility' => __DIR__ . '/..' . '/../lib/LDAPUtility.php', |
|
62 | - 'OCA\\User_LDAP\\LogWrapper' => __DIR__ . '/..' . '/../lib/LogWrapper.php', |
|
63 | - 'OCA\\User_LDAP\\Mapping\\AbstractMapping' => __DIR__ . '/..' . '/../lib/Mapping/AbstractMapping.php', |
|
64 | - 'OCA\\User_LDAP\\Mapping\\GroupMapping' => __DIR__ . '/..' . '/../lib/Mapping/GroupMapping.php', |
|
65 | - 'OCA\\User_LDAP\\Mapping\\UserMapping' => __DIR__ . '/..' . '/../lib/Mapping/UserMapping.php', |
|
66 | - 'OCA\\User_LDAP\\Migration\\UUIDFix' => __DIR__ . '/..' . '/../lib/Migration/UUIDFix.php', |
|
67 | - 'OCA\\User_LDAP\\Migration\\UUIDFixGroup' => __DIR__ . '/..' . '/../lib/Migration/UUIDFixGroup.php', |
|
68 | - 'OCA\\User_LDAP\\Migration\\UUIDFixInsert' => __DIR__ . '/..' . '/../lib/Migration/UUIDFixInsert.php', |
|
69 | - 'OCA\\User_LDAP\\Migration\\UUIDFixUser' => __DIR__ . '/..' . '/../lib/Migration/UUIDFixUser.php', |
|
70 | - 'OCA\\User_LDAP\\Notification\\Notifier' => __DIR__ . '/..' . '/../lib/Notification/Notifier.php', |
|
71 | - 'OCA\\User_LDAP\\Proxy' => __DIR__ . '/..' . '/../lib/Proxy.php', |
|
72 | - 'OCA\\User_LDAP\\Settings\\Admin' => __DIR__ . '/..' . '/../lib/Settings/Admin.php', |
|
73 | - 'OCA\\User_LDAP\\Settings\\Section' => __DIR__ . '/..' . '/../lib/Settings/Section.php', |
|
74 | - 'OCA\\User_LDAP\\UserPluginManager' => __DIR__ . '/..' . '/../lib/UserPluginManager.php', |
|
75 | - 'OCA\\User_LDAP\\User\\DeletedUsersIndex' => __DIR__ . '/..' . '/../lib/User/DeletedUsersIndex.php', |
|
76 | - 'OCA\\User_LDAP\\User\\Manager' => __DIR__ . '/..' . '/../lib/User/Manager.php', |
|
77 | - 'OCA\\User_LDAP\\User\\OfflineUser' => __DIR__ . '/..' . '/../lib/User/OfflineUser.php', |
|
78 | - 'OCA\\User_LDAP\\User\\User' => __DIR__ . '/..' . '/../lib/User/User.php', |
|
79 | - 'OCA\\User_LDAP\\User_LDAP' => __DIR__ . '/..' . '/../lib/User_LDAP.php', |
|
80 | - 'OCA\\User_LDAP\\User_Proxy' => __DIR__ . '/..' . '/../lib/User_Proxy.php', |
|
81 | - 'OCA\\User_LDAP\\Wizard' => __DIR__ . '/..' . '/../lib/Wizard.php', |
|
82 | - 'OCA\\User_LDAP\\WizardResult' => __DIR__ . '/..' . '/../lib/WizardResult.php', |
|
23 | + public static $classMap = array( |
|
24 | + 'OCA\\User_LDAP\\Access' => __DIR__.'/..'.'/../lib/Access.php', |
|
25 | + 'OCA\\User_LDAP\\AccessFactory' => __DIR__.'/..'.'/../lib/AccessFactory.php', |
|
26 | + 'OCA\\User_LDAP\\AppInfo\\Application' => __DIR__.'/..'.'/../lib/AppInfo/Application.php', |
|
27 | + 'OCA\\User_LDAP\\BackendUtility' => __DIR__.'/..'.'/../lib/BackendUtility.php', |
|
28 | + 'OCA\\User_LDAP\\Command\\CheckUser' => __DIR__.'/..'.'/../lib/Command/CheckUser.php', |
|
29 | + 'OCA\\User_LDAP\\Command\\CreateEmptyConfig' => __DIR__.'/..'.'/../lib/Command/CreateEmptyConfig.php', |
|
30 | + 'OCA\\User_LDAP\\Command\\DeleteConfig' => __DIR__.'/..'.'/../lib/Command/DeleteConfig.php', |
|
31 | + 'OCA\\User_LDAP\\Command\\Search' => __DIR__.'/..'.'/../lib/Command/Search.php', |
|
32 | + 'OCA\\User_LDAP\\Command\\SetConfig' => __DIR__.'/..'.'/../lib/Command/SetConfig.php', |
|
33 | + 'OCA\\User_LDAP\\Command\\ShowConfig' => __DIR__.'/..'.'/../lib/Command/ShowConfig.php', |
|
34 | + 'OCA\\User_LDAP\\Command\\ShowRemnants' => __DIR__.'/..'.'/../lib/Command/ShowRemnants.php', |
|
35 | + 'OCA\\User_LDAP\\Command\\TestConfig' => __DIR__.'/..'.'/../lib/Command/TestConfig.php', |
|
36 | + 'OCA\\User_LDAP\\Configuration' => __DIR__.'/..'.'/../lib/Configuration.php', |
|
37 | + 'OCA\\User_LDAP\\Connection' => __DIR__.'/..'.'/../lib/Connection.php', |
|
38 | + 'OCA\\User_LDAP\\ConnectionFactory' => __DIR__.'/..'.'/../lib/ConnectionFactory.php', |
|
39 | + 'OCA\\User_LDAP\\Controller\\ConfigAPIController' => __DIR__.'/..'.'/../lib/Controller/ConfigAPIController.php', |
|
40 | + 'OCA\\User_LDAP\\Controller\\RenewPasswordController' => __DIR__.'/..'.'/../lib/Controller/RenewPasswordController.php', |
|
41 | + 'OCA\\User_LDAP\\Exceptions\\AttributeNotSet' => __DIR__.'/..'.'/../lib/Exceptions/AttributeNotSet.php', |
|
42 | + 'OCA\\User_LDAP\\Exceptions\\ConstraintViolationException' => __DIR__.'/..'.'/../lib/Exceptions/ConstraintViolationException.php', |
|
43 | + 'OCA\\User_LDAP\\Exceptions\\NotOnLDAP' => __DIR__.'/..'.'/../lib/Exceptions/NotOnLDAP.php', |
|
44 | + 'OCA\\User_LDAP\\FilesystemHelper' => __DIR__.'/..'.'/../lib/FilesystemHelper.php', |
|
45 | + 'OCA\\User_LDAP\\GroupPluginManager' => __DIR__.'/..'.'/../lib/GroupPluginManager.php', |
|
46 | + 'OCA\\User_LDAP\\Group_LDAP' => __DIR__.'/..'.'/../lib/Group_LDAP.php', |
|
47 | + 'OCA\\User_LDAP\\Group_Proxy' => __DIR__.'/..'.'/../lib/Group_Proxy.php', |
|
48 | + 'OCA\\User_LDAP\\Handler\\ExtStorageConfigHandler' => __DIR__.'/..'.'/../lib/Handler/ExtStorageConfigHandler.php', |
|
49 | + 'OCA\\User_LDAP\\Helper' => __DIR__.'/..'.'/../lib/Helper.php', |
|
50 | + 'OCA\\User_LDAP\\IGroupLDAP' => __DIR__.'/..'.'/../lib/IGroupLDAP.php', |
|
51 | + 'OCA\\User_LDAP\\ILDAPGroupPlugin' => __DIR__.'/..'.'/../lib/ILDAPGroupPlugin.php', |
|
52 | + 'OCA\\User_LDAP\\ILDAPUserPlugin' => __DIR__.'/..'.'/../lib/ILDAPUserPlugin.php', |
|
53 | + 'OCA\\User_LDAP\\ILDAPWrapper' => __DIR__.'/..'.'/../lib/ILDAPWrapper.php', |
|
54 | + 'OCA\\User_LDAP\\IUserLDAP' => __DIR__.'/..'.'/../lib/IUserLDAP.php', |
|
55 | + 'OCA\\User_LDAP\\Jobs\\CleanUp' => __DIR__.'/..'.'/../lib/Jobs/CleanUp.php', |
|
56 | + 'OCA\\User_LDAP\\Jobs\\Sync' => __DIR__.'/..'.'/../lib/Jobs/Sync.php', |
|
57 | + 'OCA\\User_LDAP\\Jobs\\UpdateGroups' => __DIR__.'/..'.'/../lib/Jobs/UpdateGroups.php', |
|
58 | + 'OCA\\User_LDAP\\LDAP' => __DIR__.'/..'.'/../lib/LDAP.php', |
|
59 | + 'OCA\\User_LDAP\\LDAPProvider' => __DIR__.'/..'.'/../lib/LDAPProvider.php', |
|
60 | + 'OCA\\User_LDAP\\LDAPProviderFactory' => __DIR__.'/..'.'/../lib/LDAPProviderFactory.php', |
|
61 | + 'OCA\\User_LDAP\\LDAPUtility' => __DIR__.'/..'.'/../lib/LDAPUtility.php', |
|
62 | + 'OCA\\User_LDAP\\LogWrapper' => __DIR__.'/..'.'/../lib/LogWrapper.php', |
|
63 | + 'OCA\\User_LDAP\\Mapping\\AbstractMapping' => __DIR__.'/..'.'/../lib/Mapping/AbstractMapping.php', |
|
64 | + 'OCA\\User_LDAP\\Mapping\\GroupMapping' => __DIR__.'/..'.'/../lib/Mapping/GroupMapping.php', |
|
65 | + 'OCA\\User_LDAP\\Mapping\\UserMapping' => __DIR__.'/..'.'/../lib/Mapping/UserMapping.php', |
|
66 | + 'OCA\\User_LDAP\\Migration\\UUIDFix' => __DIR__.'/..'.'/../lib/Migration/UUIDFix.php', |
|
67 | + 'OCA\\User_LDAP\\Migration\\UUIDFixGroup' => __DIR__.'/..'.'/../lib/Migration/UUIDFixGroup.php', |
|
68 | + 'OCA\\User_LDAP\\Migration\\UUIDFixInsert' => __DIR__.'/..'.'/../lib/Migration/UUIDFixInsert.php', |
|
69 | + 'OCA\\User_LDAP\\Migration\\UUIDFixUser' => __DIR__.'/..'.'/../lib/Migration/UUIDFixUser.php', |
|
70 | + 'OCA\\User_LDAP\\Notification\\Notifier' => __DIR__.'/..'.'/../lib/Notification/Notifier.php', |
|
71 | + 'OCA\\User_LDAP\\Proxy' => __DIR__.'/..'.'/../lib/Proxy.php', |
|
72 | + 'OCA\\User_LDAP\\Settings\\Admin' => __DIR__.'/..'.'/../lib/Settings/Admin.php', |
|
73 | + 'OCA\\User_LDAP\\Settings\\Section' => __DIR__.'/..'.'/../lib/Settings/Section.php', |
|
74 | + 'OCA\\User_LDAP\\UserPluginManager' => __DIR__.'/..'.'/../lib/UserPluginManager.php', |
|
75 | + 'OCA\\User_LDAP\\User\\DeletedUsersIndex' => __DIR__.'/..'.'/../lib/User/DeletedUsersIndex.php', |
|
76 | + 'OCA\\User_LDAP\\User\\Manager' => __DIR__.'/..'.'/../lib/User/Manager.php', |
|
77 | + 'OCA\\User_LDAP\\User\\OfflineUser' => __DIR__.'/..'.'/../lib/User/OfflineUser.php', |
|
78 | + 'OCA\\User_LDAP\\User\\User' => __DIR__.'/..'.'/../lib/User/User.php', |
|
79 | + 'OCA\\User_LDAP\\User_LDAP' => __DIR__.'/..'.'/../lib/User_LDAP.php', |
|
80 | + 'OCA\\User_LDAP\\User_Proxy' => __DIR__.'/..'.'/../lib/User_Proxy.php', |
|
81 | + 'OCA\\User_LDAP\\Wizard' => __DIR__.'/..'.'/../lib/Wizard.php', |
|
82 | + 'OCA\\User_LDAP\\WizardResult' => __DIR__.'/..'.'/../lib/WizardResult.php', |
|
83 | 83 | ); |
84 | 84 | |
85 | 85 | public static function getInitializer(ClassLoader $loader) |
86 | 86 | { |
87 | - return \Closure::bind(function () use ($loader) { |
|
87 | + return \Closure::bind(function() use ($loader) { |
|
88 | 88 | $loader->prefixLengthsPsr4 = ComposerStaticInitUser_LDAP::$prefixLengthsPsr4; |
89 | 89 | $loader->prefixDirsPsr4 = ComposerStaticInitUser_LDAP::$prefixDirsPsr4; |
90 | 90 | $loader->classMap = ComposerStaticInitUser_LDAP::$classMap; |
@@ -6,63 +6,63 @@ |
||
6 | 6 | $baseDir = $vendorDir; |
7 | 7 | |
8 | 8 | return array( |
9 | - 'OCA\\User_LDAP\\Access' => $baseDir . '/../lib/Access.php', |
|
10 | - 'OCA\\User_LDAP\\AccessFactory' => $baseDir . '/../lib/AccessFactory.php', |
|
11 | - 'OCA\\User_LDAP\\AppInfo\\Application' => $baseDir . '/../lib/AppInfo/Application.php', |
|
12 | - 'OCA\\User_LDAP\\BackendUtility' => $baseDir . '/../lib/BackendUtility.php', |
|
13 | - 'OCA\\User_LDAP\\Command\\CheckUser' => $baseDir . '/../lib/Command/CheckUser.php', |
|
14 | - 'OCA\\User_LDAP\\Command\\CreateEmptyConfig' => $baseDir . '/../lib/Command/CreateEmptyConfig.php', |
|
15 | - 'OCA\\User_LDAP\\Command\\DeleteConfig' => $baseDir . '/../lib/Command/DeleteConfig.php', |
|
16 | - 'OCA\\User_LDAP\\Command\\Search' => $baseDir . '/../lib/Command/Search.php', |
|
17 | - 'OCA\\User_LDAP\\Command\\SetConfig' => $baseDir . '/../lib/Command/SetConfig.php', |
|
18 | - 'OCA\\User_LDAP\\Command\\ShowConfig' => $baseDir . '/../lib/Command/ShowConfig.php', |
|
19 | - 'OCA\\User_LDAP\\Command\\ShowRemnants' => $baseDir . '/../lib/Command/ShowRemnants.php', |
|
20 | - 'OCA\\User_LDAP\\Command\\TestConfig' => $baseDir . '/../lib/Command/TestConfig.php', |
|
21 | - 'OCA\\User_LDAP\\Configuration' => $baseDir . '/../lib/Configuration.php', |
|
22 | - 'OCA\\User_LDAP\\Connection' => $baseDir . '/../lib/Connection.php', |
|
23 | - 'OCA\\User_LDAP\\ConnectionFactory' => $baseDir . '/../lib/ConnectionFactory.php', |
|
24 | - 'OCA\\User_LDAP\\Controller\\ConfigAPIController' => $baseDir . '/../lib/Controller/ConfigAPIController.php', |
|
25 | - 'OCA\\User_LDAP\\Controller\\RenewPasswordController' => $baseDir . '/../lib/Controller/RenewPasswordController.php', |
|
26 | - 'OCA\\User_LDAP\\Exceptions\\AttributeNotSet' => $baseDir . '/../lib/Exceptions/AttributeNotSet.php', |
|
27 | - 'OCA\\User_LDAP\\Exceptions\\ConstraintViolationException' => $baseDir . '/../lib/Exceptions/ConstraintViolationException.php', |
|
28 | - 'OCA\\User_LDAP\\Exceptions\\NotOnLDAP' => $baseDir . '/../lib/Exceptions/NotOnLDAP.php', |
|
29 | - 'OCA\\User_LDAP\\FilesystemHelper' => $baseDir . '/../lib/FilesystemHelper.php', |
|
30 | - 'OCA\\User_LDAP\\GroupPluginManager' => $baseDir . '/../lib/GroupPluginManager.php', |
|
31 | - 'OCA\\User_LDAP\\Group_LDAP' => $baseDir . '/../lib/Group_LDAP.php', |
|
32 | - 'OCA\\User_LDAP\\Group_Proxy' => $baseDir . '/../lib/Group_Proxy.php', |
|
33 | - 'OCA\\User_LDAP\\Handler\\ExtStorageConfigHandler' => $baseDir . '/../lib/Handler/ExtStorageConfigHandler.php', |
|
34 | - 'OCA\\User_LDAP\\Helper' => $baseDir . '/../lib/Helper.php', |
|
35 | - 'OCA\\User_LDAP\\IGroupLDAP' => $baseDir . '/../lib/IGroupLDAP.php', |
|
36 | - 'OCA\\User_LDAP\\ILDAPGroupPlugin' => $baseDir . '/../lib/ILDAPGroupPlugin.php', |
|
37 | - 'OCA\\User_LDAP\\ILDAPUserPlugin' => $baseDir . '/../lib/ILDAPUserPlugin.php', |
|
38 | - 'OCA\\User_LDAP\\ILDAPWrapper' => $baseDir . '/../lib/ILDAPWrapper.php', |
|
39 | - 'OCA\\User_LDAP\\IUserLDAP' => $baseDir . '/../lib/IUserLDAP.php', |
|
40 | - 'OCA\\User_LDAP\\Jobs\\CleanUp' => $baseDir . '/../lib/Jobs/CleanUp.php', |
|
41 | - 'OCA\\User_LDAP\\Jobs\\Sync' => $baseDir . '/../lib/Jobs/Sync.php', |
|
42 | - 'OCA\\User_LDAP\\Jobs\\UpdateGroups' => $baseDir . '/../lib/Jobs/UpdateGroups.php', |
|
43 | - 'OCA\\User_LDAP\\LDAP' => $baseDir . '/../lib/LDAP.php', |
|
44 | - 'OCA\\User_LDAP\\LDAPProvider' => $baseDir . '/../lib/LDAPProvider.php', |
|
45 | - 'OCA\\User_LDAP\\LDAPProviderFactory' => $baseDir . '/../lib/LDAPProviderFactory.php', |
|
46 | - 'OCA\\User_LDAP\\LDAPUtility' => $baseDir . '/../lib/LDAPUtility.php', |
|
47 | - 'OCA\\User_LDAP\\LogWrapper' => $baseDir . '/../lib/LogWrapper.php', |
|
48 | - 'OCA\\User_LDAP\\Mapping\\AbstractMapping' => $baseDir . '/../lib/Mapping/AbstractMapping.php', |
|
49 | - 'OCA\\User_LDAP\\Mapping\\GroupMapping' => $baseDir . '/../lib/Mapping/GroupMapping.php', |
|
50 | - 'OCA\\User_LDAP\\Mapping\\UserMapping' => $baseDir . '/../lib/Mapping/UserMapping.php', |
|
51 | - 'OCA\\User_LDAP\\Migration\\UUIDFix' => $baseDir . '/../lib/Migration/UUIDFix.php', |
|
52 | - 'OCA\\User_LDAP\\Migration\\UUIDFixGroup' => $baseDir . '/../lib/Migration/UUIDFixGroup.php', |
|
53 | - 'OCA\\User_LDAP\\Migration\\UUIDFixInsert' => $baseDir . '/../lib/Migration/UUIDFixInsert.php', |
|
54 | - 'OCA\\User_LDAP\\Migration\\UUIDFixUser' => $baseDir . '/../lib/Migration/UUIDFixUser.php', |
|
55 | - 'OCA\\User_LDAP\\Notification\\Notifier' => $baseDir . '/../lib/Notification/Notifier.php', |
|
56 | - 'OCA\\User_LDAP\\Proxy' => $baseDir . '/../lib/Proxy.php', |
|
57 | - 'OCA\\User_LDAP\\Settings\\Admin' => $baseDir . '/../lib/Settings/Admin.php', |
|
58 | - 'OCA\\User_LDAP\\Settings\\Section' => $baseDir . '/../lib/Settings/Section.php', |
|
59 | - 'OCA\\User_LDAP\\UserPluginManager' => $baseDir . '/../lib/UserPluginManager.php', |
|
60 | - 'OCA\\User_LDAP\\User\\DeletedUsersIndex' => $baseDir . '/../lib/User/DeletedUsersIndex.php', |
|
61 | - 'OCA\\User_LDAP\\User\\Manager' => $baseDir . '/../lib/User/Manager.php', |
|
62 | - 'OCA\\User_LDAP\\User\\OfflineUser' => $baseDir . '/../lib/User/OfflineUser.php', |
|
63 | - 'OCA\\User_LDAP\\User\\User' => $baseDir . '/../lib/User/User.php', |
|
64 | - 'OCA\\User_LDAP\\User_LDAP' => $baseDir . '/../lib/User_LDAP.php', |
|
65 | - 'OCA\\User_LDAP\\User_Proxy' => $baseDir . '/../lib/User_Proxy.php', |
|
66 | - 'OCA\\User_LDAP\\Wizard' => $baseDir . '/../lib/Wizard.php', |
|
67 | - 'OCA\\User_LDAP\\WizardResult' => $baseDir . '/../lib/WizardResult.php', |
|
9 | + 'OCA\\User_LDAP\\Access' => $baseDir.'/../lib/Access.php', |
|
10 | + 'OCA\\User_LDAP\\AccessFactory' => $baseDir.'/../lib/AccessFactory.php', |
|
11 | + 'OCA\\User_LDAP\\AppInfo\\Application' => $baseDir.'/../lib/AppInfo/Application.php', |
|
12 | + 'OCA\\User_LDAP\\BackendUtility' => $baseDir.'/../lib/BackendUtility.php', |
|
13 | + 'OCA\\User_LDAP\\Command\\CheckUser' => $baseDir.'/../lib/Command/CheckUser.php', |
|
14 | + 'OCA\\User_LDAP\\Command\\CreateEmptyConfig' => $baseDir.'/../lib/Command/CreateEmptyConfig.php', |
|
15 | + 'OCA\\User_LDAP\\Command\\DeleteConfig' => $baseDir.'/../lib/Command/DeleteConfig.php', |
|
16 | + 'OCA\\User_LDAP\\Command\\Search' => $baseDir.'/../lib/Command/Search.php', |
|
17 | + 'OCA\\User_LDAP\\Command\\SetConfig' => $baseDir.'/../lib/Command/SetConfig.php', |
|
18 | + 'OCA\\User_LDAP\\Command\\ShowConfig' => $baseDir.'/../lib/Command/ShowConfig.php', |
|
19 | + 'OCA\\User_LDAP\\Command\\ShowRemnants' => $baseDir.'/../lib/Command/ShowRemnants.php', |
|
20 | + 'OCA\\User_LDAP\\Command\\TestConfig' => $baseDir.'/../lib/Command/TestConfig.php', |
|
21 | + 'OCA\\User_LDAP\\Configuration' => $baseDir.'/../lib/Configuration.php', |
|
22 | + 'OCA\\User_LDAP\\Connection' => $baseDir.'/../lib/Connection.php', |
|
23 | + 'OCA\\User_LDAP\\ConnectionFactory' => $baseDir.'/../lib/ConnectionFactory.php', |
|
24 | + 'OCA\\User_LDAP\\Controller\\ConfigAPIController' => $baseDir.'/../lib/Controller/ConfigAPIController.php', |
|
25 | + 'OCA\\User_LDAP\\Controller\\RenewPasswordController' => $baseDir.'/../lib/Controller/RenewPasswordController.php', |
|
26 | + 'OCA\\User_LDAP\\Exceptions\\AttributeNotSet' => $baseDir.'/../lib/Exceptions/AttributeNotSet.php', |
|
27 | + 'OCA\\User_LDAP\\Exceptions\\ConstraintViolationException' => $baseDir.'/../lib/Exceptions/ConstraintViolationException.php', |
|
28 | + 'OCA\\User_LDAP\\Exceptions\\NotOnLDAP' => $baseDir.'/../lib/Exceptions/NotOnLDAP.php', |
|
29 | + 'OCA\\User_LDAP\\FilesystemHelper' => $baseDir.'/../lib/FilesystemHelper.php', |
|
30 | + 'OCA\\User_LDAP\\GroupPluginManager' => $baseDir.'/../lib/GroupPluginManager.php', |
|
31 | + 'OCA\\User_LDAP\\Group_LDAP' => $baseDir.'/../lib/Group_LDAP.php', |
|
32 | + 'OCA\\User_LDAP\\Group_Proxy' => $baseDir.'/../lib/Group_Proxy.php', |
|
33 | + 'OCA\\User_LDAP\\Handler\\ExtStorageConfigHandler' => $baseDir.'/../lib/Handler/ExtStorageConfigHandler.php', |
|
34 | + 'OCA\\User_LDAP\\Helper' => $baseDir.'/../lib/Helper.php', |
|
35 | + 'OCA\\User_LDAP\\IGroupLDAP' => $baseDir.'/../lib/IGroupLDAP.php', |
|
36 | + 'OCA\\User_LDAP\\ILDAPGroupPlugin' => $baseDir.'/../lib/ILDAPGroupPlugin.php', |
|
37 | + 'OCA\\User_LDAP\\ILDAPUserPlugin' => $baseDir.'/../lib/ILDAPUserPlugin.php', |
|
38 | + 'OCA\\User_LDAP\\ILDAPWrapper' => $baseDir.'/../lib/ILDAPWrapper.php', |
|
39 | + 'OCA\\User_LDAP\\IUserLDAP' => $baseDir.'/../lib/IUserLDAP.php', |
|
40 | + 'OCA\\User_LDAP\\Jobs\\CleanUp' => $baseDir.'/../lib/Jobs/CleanUp.php', |
|
41 | + 'OCA\\User_LDAP\\Jobs\\Sync' => $baseDir.'/../lib/Jobs/Sync.php', |
|
42 | + 'OCA\\User_LDAP\\Jobs\\UpdateGroups' => $baseDir.'/../lib/Jobs/UpdateGroups.php', |
|
43 | + 'OCA\\User_LDAP\\LDAP' => $baseDir.'/../lib/LDAP.php', |
|
44 | + 'OCA\\User_LDAP\\LDAPProvider' => $baseDir.'/../lib/LDAPProvider.php', |
|
45 | + 'OCA\\User_LDAP\\LDAPProviderFactory' => $baseDir.'/../lib/LDAPProviderFactory.php', |
|
46 | + 'OCA\\User_LDAP\\LDAPUtility' => $baseDir.'/../lib/LDAPUtility.php', |
|
47 | + 'OCA\\User_LDAP\\LogWrapper' => $baseDir.'/../lib/LogWrapper.php', |
|
48 | + 'OCA\\User_LDAP\\Mapping\\AbstractMapping' => $baseDir.'/../lib/Mapping/AbstractMapping.php', |
|
49 | + 'OCA\\User_LDAP\\Mapping\\GroupMapping' => $baseDir.'/../lib/Mapping/GroupMapping.php', |
|
50 | + 'OCA\\User_LDAP\\Mapping\\UserMapping' => $baseDir.'/../lib/Mapping/UserMapping.php', |
|
51 | + 'OCA\\User_LDAP\\Migration\\UUIDFix' => $baseDir.'/../lib/Migration/UUIDFix.php', |
|
52 | + 'OCA\\User_LDAP\\Migration\\UUIDFixGroup' => $baseDir.'/../lib/Migration/UUIDFixGroup.php', |
|
53 | + 'OCA\\User_LDAP\\Migration\\UUIDFixInsert' => $baseDir.'/../lib/Migration/UUIDFixInsert.php', |
|
54 | + 'OCA\\User_LDAP\\Migration\\UUIDFixUser' => $baseDir.'/../lib/Migration/UUIDFixUser.php', |
|
55 | + 'OCA\\User_LDAP\\Notification\\Notifier' => $baseDir.'/../lib/Notification/Notifier.php', |
|
56 | + 'OCA\\User_LDAP\\Proxy' => $baseDir.'/../lib/Proxy.php', |
|
57 | + 'OCA\\User_LDAP\\Settings\\Admin' => $baseDir.'/../lib/Settings/Admin.php', |
|
58 | + 'OCA\\User_LDAP\\Settings\\Section' => $baseDir.'/../lib/Settings/Section.php', |
|
59 | + 'OCA\\User_LDAP\\UserPluginManager' => $baseDir.'/../lib/UserPluginManager.php', |
|
60 | + 'OCA\\User_LDAP\\User\\DeletedUsersIndex' => $baseDir.'/../lib/User/DeletedUsersIndex.php', |
|
61 | + 'OCA\\User_LDAP\\User\\Manager' => $baseDir.'/../lib/User/Manager.php', |
|
62 | + 'OCA\\User_LDAP\\User\\OfflineUser' => $baseDir.'/../lib/User/OfflineUser.php', |
|
63 | + 'OCA\\User_LDAP\\User\\User' => $baseDir.'/../lib/User/User.php', |
|
64 | + 'OCA\\User_LDAP\\User_LDAP' => $baseDir.'/../lib/User_LDAP.php', |
|
65 | + 'OCA\\User_LDAP\\User_Proxy' => $baseDir.'/../lib/User_Proxy.php', |
|
66 | + 'OCA\\User_LDAP\\Wizard' => $baseDir.'/../lib/Wizard.php', |
|
67 | + 'OCA\\User_LDAP\\WizardResult' => $baseDir.'/../lib/WizardResult.php', |
|
68 | 68 | ); |
@@ -59,71 +59,71 @@ |
||
59 | 59 | |
60 | 60 | <div id="ldapSettings"> |
61 | 61 | <ul> |
62 | - <li id="#ldapWizard1"><a href="#ldapWizard1"><?php p($l->t('Server'));?></a></li> |
|
63 | - <li id="#ldapWizard2"><a href="#ldapWizard2"><?php p($l->t('Users'));?></a></li> |
|
64 | - <li id="#ldapWizard3"><a href="#ldapWizard3"><?php p($l->t('Login Attributes'));?></a></li> |
|
65 | - <li id="#ldapWizard4"><a href="#ldapWizard4"><?php p($l->t('Groups'));?></a></li> |
|
66 | - <li class="ldapSettingsTabs"><a href="#ldapSettings-2"><?php p($l->t('Expert'));?></a></li> |
|
67 | - <li class="ldapSettingsTabs"><a href="#ldapSettings-1"><?php p($l->t('Advanced'));?></a></li> |
|
62 | + <li id="#ldapWizard1"><a href="#ldapWizard1"><?php p($l->t('Server')); ?></a></li> |
|
63 | + <li id="#ldapWizard2"><a href="#ldapWizard2"><?php p($l->t('Users')); ?></a></li> |
|
64 | + <li id="#ldapWizard3"><a href="#ldapWizard3"><?php p($l->t('Login Attributes')); ?></a></li> |
|
65 | + <li id="#ldapWizard4"><a href="#ldapWizard4"><?php p($l->t('Groups')); ?></a></li> |
|
66 | + <li class="ldapSettingsTabs"><a href="#ldapSettings-2"><?php p($l->t('Expert')); ?></a></li> |
|
67 | + <li class="ldapSettingsTabs"><a href="#ldapSettings-1"><?php p($l->t('Advanced')); ?></a></li> |
|
68 | 68 | </ul> |
69 | 69 | <?php |
70 | - if(!function_exists('ldap_connect')) { |
|
70 | + if (!function_exists('ldap_connect')) { |
|
71 | 71 | print_unescaped('<p class="ldapwarning">'.$l->t('<b>Warning:</b> The PHP LDAP module is not installed, the backend will not work. Please ask your system administrator to install it.').'</p>'); |
72 | 72 | } |
73 | 73 | ?> |
74 | - <?php require_once __DIR__ . '/part.wizard-server.php'; ?> |
|
75 | - <?php require_once __DIR__ . '/part.wizard-userfilter.php'; ?> |
|
76 | - <?php require_once __DIR__ . '/part.wizard-loginfilter.php'; ?> |
|
77 | - <?php require_once __DIR__ . '/part.wizard-groupfilter.php'; ?> |
|
74 | + <?php require_once __DIR__.'/part.wizard-server.php'; ?> |
|
75 | + <?php require_once __DIR__.'/part.wizard-userfilter.php'; ?> |
|
76 | + <?php require_once __DIR__.'/part.wizard-loginfilter.php'; ?> |
|
77 | + <?php require_once __DIR__.'/part.wizard-groupfilter.php'; ?> |
|
78 | 78 | <fieldset id="ldapSettings-1"> |
79 | 79 | <div id="ldapAdvancedAccordion"> |
80 | - <h3><?php p($l->t('Connection Settings'));?></h3> |
|
80 | + <h3><?php p($l->t('Connection Settings')); ?></h3> |
|
81 | 81 | <div> |
82 | - <p><label for="ldap_configuration_active"><?php p($l->t('Configuration Active'));?></label><input type="checkbox" id="ldap_configuration_active" name="ldap_configuration_active" value="1" data-default="<?php p($_['ldap_configuration_active_default']); ?>" title="<?php p($l->t('When unchecked, this configuration will be skipped.'));?>" /></p> |
|
83 | - <p><label for="ldap_backup_host"><?php p($l->t('Backup (Replica) Host'));?></label><input type="text" id="ldap_backup_host" name="ldap_backup_host" data-default="<?php p($_['ldap_backup_host_default']); ?>" title="<?php p($l->t('Give an optional backup host. It must be a replica of the main LDAP/AD server.'));?>"></p> |
|
84 | - <p><label for="ldap_backup_port"><?php p($l->t('Backup (Replica) Port'));?></label><input type="number" id="ldap_backup_port" name="ldap_backup_port" data-default="<?php p($_['ldap_backup_port_default']); ?>" /></p> |
|
85 | - <p><label for="ldap_override_main_server"><?php p($l->t('Disable Main Server'));?></label><input type="checkbox" id="ldap_override_main_server" name="ldap_override_main_server" value="1" data-default="<?php p($_['ldap_override_main_server_default']); ?>" title="<?php p($l->t('Only connect to the replica server.'));?>" /></p> |
|
86 | - <p><label for="ldap_turn_off_cert_check"><?php p($l->t('Turn off SSL certificate validation.'));?></label><input type="checkbox" id="ldap_turn_off_cert_check" name="ldap_turn_off_cert_check" title="<?php p($l->t('Not recommended, use it for testing only! If connection only works with this option, import the LDAP server\'s SSL certificate in your %s server.', [$theme->getName()] ));?>" data-default="<?php p($_['ldap_turn_off_cert_check_default']); ?>" value="1"><br/></p> |
|
87 | - <p><label for="ldap_cache_ttl"><?php p($l->t('Cache Time-To-Live'));?></label><input type="number" id="ldap_cache_ttl" name="ldap_cache_ttl" title="<?php p($l->t('in seconds. A change empties the cache.'));?>" data-default="<?php p($_['ldap_cache_ttl_default']); ?>" /></p> |
|
82 | + <p><label for="ldap_configuration_active"><?php p($l->t('Configuration Active')); ?></label><input type="checkbox" id="ldap_configuration_active" name="ldap_configuration_active" value="1" data-default="<?php p($_['ldap_configuration_active_default']); ?>" title="<?php p($l->t('When unchecked, this configuration will be skipped.')); ?>" /></p> |
|
83 | + <p><label for="ldap_backup_host"><?php p($l->t('Backup (Replica) Host')); ?></label><input type="text" id="ldap_backup_host" name="ldap_backup_host" data-default="<?php p($_['ldap_backup_host_default']); ?>" title="<?php p($l->t('Give an optional backup host. It must be a replica of the main LDAP/AD server.')); ?>"></p> |
|
84 | + <p><label for="ldap_backup_port"><?php p($l->t('Backup (Replica) Port')); ?></label><input type="number" id="ldap_backup_port" name="ldap_backup_port" data-default="<?php p($_['ldap_backup_port_default']); ?>" /></p> |
|
85 | + <p><label for="ldap_override_main_server"><?php p($l->t('Disable Main Server')); ?></label><input type="checkbox" id="ldap_override_main_server" name="ldap_override_main_server" value="1" data-default="<?php p($_['ldap_override_main_server_default']); ?>" title="<?php p($l->t('Only connect to the replica server.')); ?>" /></p> |
|
86 | + <p><label for="ldap_turn_off_cert_check"><?php p($l->t('Turn off SSL certificate validation.')); ?></label><input type="checkbox" id="ldap_turn_off_cert_check" name="ldap_turn_off_cert_check" title="<?php p($l->t('Not recommended, use it for testing only! If connection only works with this option, import the LDAP server\'s SSL certificate in your %s server.', [$theme->getName()])); ?>" data-default="<?php p($_['ldap_turn_off_cert_check_default']); ?>" value="1"><br/></p> |
|
87 | + <p><label for="ldap_cache_ttl"><?php p($l->t('Cache Time-To-Live')); ?></label><input type="number" id="ldap_cache_ttl" name="ldap_cache_ttl" title="<?php p($l->t('in seconds. A change empties the cache.')); ?>" data-default="<?php p($_['ldap_cache_ttl_default']); ?>" /></p> |
|
88 | 88 | </div> |
89 | - <h3><?php p($l->t('Directory Settings'));?></h3> |
|
89 | + <h3><?php p($l->t('Directory Settings')); ?></h3> |
|
90 | 90 | <div> |
91 | - <p><label for="ldap_display_name"><?php p($l->t('User Display Name Field'));?></label><input type="text" id="ldap_display_name" name="ldap_display_name" data-default="<?php p($_['ldap_display_name_default']); ?>" title="<?php p($l->t('The LDAP attribute to use to generate the user\'s display name.'));?>" /></p> |
|
92 | - <p><label for="ldap_user_display_name_2"><?php p($l->t('2nd User Display Name Field'));?></label><input type="text" id="ldap_user_display_name_2" name="ldap_user_display_name_2" data-default="<?php p($_['ldap_user_display_name_2_default']); ?>" title="<?php p($l->t('Optional. An LDAP attribute to be added to the display name in brackets. Results in e.g. »John Doe ([email protected])«.'));?>" /></p> |
|
93 | - <p><label for="ldap_base_users"><?php p($l->t('Base User Tree'));?></label><textarea id="ldap_base_users" name="ldap_base_users" placeholder="<?php p($l->t('One User Base DN per line'));?>" data-default="<?php p($_['ldap_base_users_default']); ?>" title="<?php p($l->t('Base User Tree'));?>"></textarea></p> |
|
94 | - <p><label for="ldap_attributes_for_user_search"><?php p($l->t('User Search Attributes'));?></label><textarea id="ldap_attributes_for_user_search" name="ldap_attributes_for_user_search" placeholder="<?php p($l->t('Optional; one attribute per line'));?>" data-default="<?php p($_['ldap_attributes_for_user_search_default']); ?>" title="<?php p($l->t('User Search Attributes'));?>"></textarea></p> |
|
95 | - <p><label for="ldap_group_display_name"><?php p($l->t('Group Display Name Field'));?></label><input type="text" id="ldap_group_display_name" name="ldap_group_display_name" data-default="<?php p($_['ldap_group_display_name_default']); ?>" title="<?php p($l->t('The LDAP attribute to use to generate the groups\'s display name.'));?>" /></p> |
|
96 | - <p><label for="ldap_base_groups"><?php p($l->t('Base Group Tree'));?></label><textarea id="ldap_base_groups" name="ldap_base_groups" placeholder="<?php p($l->t('One Group Base DN per line'));?>" data-default="<?php p($_['ldap_base_groups_default']); ?>" title="<?php p($l->t('Base Group Tree'));?>"></textarea></p> |
|
97 | - <p><label for="ldap_attributes_for_group_search"><?php p($l->t('Group Search Attributes'));?></label><textarea id="ldap_attributes_for_group_search" name="ldap_attributes_for_group_search" placeholder="<?php p($l->t('Optional; one attribute per line'));?>" data-default="<?php p($_['ldap_attributes_for_group_search_default']); ?>" title="<?php p($l->t('Group Search Attributes'));?>"></textarea></p> |
|
98 | - <p><label for="ldap_group_member_assoc_attribute"><?php p($l->t('Group-Member association'));?></label><select id="ldap_group_member_assoc_attribute" name="ldap_group_member_assoc_attribute" data-default="<?php p($_['ldap_group_member_assoc_attribute_default']); ?>" ><option value="uniqueMember"<?php if (isset($_['ldap_group_member_assoc_attribute']) && ($_['ldap_group_member_assoc_attribute'] === 'uniqueMember')) p(' selected'); ?>>uniqueMember</option><option value="memberUid"<?php if (isset($_['ldap_group_member_assoc_attribute']) && ($_['ldap_group_member_assoc_attribute'] === 'memberUid')) p(' selected'); ?>>memberUid</option><option value="member"<?php if (isset($_['ldap_group_member_assoc_attribute']) && ($_['ldap_group_member_assoc_attribute'] === 'member')) p(' selected'); ?>>member (AD)</option><option value="gidNumber"<?php if (isset($_['ldap_group_member_assoc_attribute']) && ($_['ldap_group_member_assoc_attribute'] === 'gidNumber')) p(' selected'); ?>>gidNumber</option></select></p> <p><label for="ldap_dynamic_group_member_url"><?php p($l->t('Dynamic Group Member URL'));?></label><input type="text" id="ldap_dynamic_group_member_url" name="ldap_dynamic_group_member_url" title="<?php p($l->t('The LDAP attribute that on group objects contains an LDAP search URL that determines what objects belong to the group. (An empty setting disables dynamic group membership functionality.)'));?>" data-default="<?php p($_['ldap_dynamic_group_member_url_default']); ?>" /></p> |
|
99 | - <p><label for="ldap_nested_groups"><?php p($l->t('Nested Groups'));?></label><input type="checkbox" id="ldap_nested_groups" name="ldap_nested_groups" value="1" data-default="<?php p($_['ldap_nested_groups_default']); ?>" title="<?php p($l->t('When switched on, groups that contain groups are supported. (Only works if the group member attribute contains DNs.)'));?>" /></p> |
|
100 | - <p><label for="ldap_paging_size"><?php p($l->t('Paging chunksize'));?></label><input type="number" id="ldap_paging_size" name="ldap_paging_size" title="<?php p($l->t('Chunksize used for paged LDAP searches that may return bulky results like user or group enumeration. (Setting it 0 disables paged LDAP searches in those situations.)'));?>" data-default="<?php p($_['ldap_paging_size_default']); ?>" /></p> |
|
101 | - <p><label for="ldap_turn_on_pwd_change"><?php p($l->t('Enable LDAP password changes per user'));?></label><span class="inlinetable"><span class="tablerow left"><input type="checkbox" id="ldap_turn_on_pwd_change" name="ldap_turn_on_pwd_change" value="1" data-default="<?php p($_['ldap_turn_on_pwd_change_default']); ?>" title="<?php p($l->t('Allow LDAP users to change their password and allow Super Administrators and Group Administrators to change the password of their LDAP users. Only works when access control policies are configured accordingly on the LDAP server. As passwords are sent in plaintext to the LDAP server, transport encryption must be used and password hashing should be configured on the LDAP server.'));?>" /><span class="tablecell"><?php p($l->t('(New password is sent as plain text to LDAP)'));?></span></span> |
|
91 | + <p><label for="ldap_display_name"><?php p($l->t('User Display Name Field')); ?></label><input type="text" id="ldap_display_name" name="ldap_display_name" data-default="<?php p($_['ldap_display_name_default']); ?>" title="<?php p($l->t('The LDAP attribute to use to generate the user\'s display name.')); ?>" /></p> |
|
92 | + <p><label for="ldap_user_display_name_2"><?php p($l->t('2nd User Display Name Field')); ?></label><input type="text" id="ldap_user_display_name_2" name="ldap_user_display_name_2" data-default="<?php p($_['ldap_user_display_name_2_default']); ?>" title="<?php p($l->t('Optional. An LDAP attribute to be added to the display name in brackets. Results in e.g. »John Doe ([email protected])«.')); ?>" /></p> |
|
93 | + <p><label for="ldap_base_users"><?php p($l->t('Base User Tree')); ?></label><textarea id="ldap_base_users" name="ldap_base_users" placeholder="<?php p($l->t('One User Base DN per line')); ?>" data-default="<?php p($_['ldap_base_users_default']); ?>" title="<?php p($l->t('Base User Tree')); ?>"></textarea></p> |
|
94 | + <p><label for="ldap_attributes_for_user_search"><?php p($l->t('User Search Attributes')); ?></label><textarea id="ldap_attributes_for_user_search" name="ldap_attributes_for_user_search" placeholder="<?php p($l->t('Optional; one attribute per line')); ?>" data-default="<?php p($_['ldap_attributes_for_user_search_default']); ?>" title="<?php p($l->t('User Search Attributes')); ?>"></textarea></p> |
|
95 | + <p><label for="ldap_group_display_name"><?php p($l->t('Group Display Name Field')); ?></label><input type="text" id="ldap_group_display_name" name="ldap_group_display_name" data-default="<?php p($_['ldap_group_display_name_default']); ?>" title="<?php p($l->t('The LDAP attribute to use to generate the groups\'s display name.')); ?>" /></p> |
|
96 | + <p><label for="ldap_base_groups"><?php p($l->t('Base Group Tree')); ?></label><textarea id="ldap_base_groups" name="ldap_base_groups" placeholder="<?php p($l->t('One Group Base DN per line')); ?>" data-default="<?php p($_['ldap_base_groups_default']); ?>" title="<?php p($l->t('Base Group Tree')); ?>"></textarea></p> |
|
97 | + <p><label for="ldap_attributes_for_group_search"><?php p($l->t('Group Search Attributes')); ?></label><textarea id="ldap_attributes_for_group_search" name="ldap_attributes_for_group_search" placeholder="<?php p($l->t('Optional; one attribute per line')); ?>" data-default="<?php p($_['ldap_attributes_for_group_search_default']); ?>" title="<?php p($l->t('Group Search Attributes')); ?>"></textarea></p> |
|
98 | + <p><label for="ldap_group_member_assoc_attribute"><?php p($l->t('Group-Member association')); ?></label><select id="ldap_group_member_assoc_attribute" name="ldap_group_member_assoc_attribute" data-default="<?php p($_['ldap_group_member_assoc_attribute_default']); ?>" ><option value="uniqueMember"<?php if (isset($_['ldap_group_member_assoc_attribute']) && ($_['ldap_group_member_assoc_attribute'] === 'uniqueMember')) p(' selected'); ?>>uniqueMember</option><option value="memberUid"<?php if (isset($_['ldap_group_member_assoc_attribute']) && ($_['ldap_group_member_assoc_attribute'] === 'memberUid')) p(' selected'); ?>>memberUid</option><option value="member"<?php if (isset($_['ldap_group_member_assoc_attribute']) && ($_['ldap_group_member_assoc_attribute'] === 'member')) p(' selected'); ?>>member (AD)</option><option value="gidNumber"<?php if (isset($_['ldap_group_member_assoc_attribute']) && ($_['ldap_group_member_assoc_attribute'] === 'gidNumber')) p(' selected'); ?>>gidNumber</option></select></p> <p><label for="ldap_dynamic_group_member_url"><?php p($l->t('Dynamic Group Member URL')); ?></label><input type="text" id="ldap_dynamic_group_member_url" name="ldap_dynamic_group_member_url" title="<?php p($l->t('The LDAP attribute that on group objects contains an LDAP search URL that determines what objects belong to the group. (An empty setting disables dynamic group membership functionality.)')); ?>" data-default="<?php p($_['ldap_dynamic_group_member_url_default']); ?>" /></p> |
|
99 | + <p><label for="ldap_nested_groups"><?php p($l->t('Nested Groups')); ?></label><input type="checkbox" id="ldap_nested_groups" name="ldap_nested_groups" value="1" data-default="<?php p($_['ldap_nested_groups_default']); ?>" title="<?php p($l->t('When switched on, groups that contain groups are supported. (Only works if the group member attribute contains DNs.)')); ?>" /></p> |
|
100 | + <p><label for="ldap_paging_size"><?php p($l->t('Paging chunksize')); ?></label><input type="number" id="ldap_paging_size" name="ldap_paging_size" title="<?php p($l->t('Chunksize used for paged LDAP searches that may return bulky results like user or group enumeration. (Setting it 0 disables paged LDAP searches in those situations.)')); ?>" data-default="<?php p($_['ldap_paging_size_default']); ?>" /></p> |
|
101 | + <p><label for="ldap_turn_on_pwd_change"><?php p($l->t('Enable LDAP password changes per user')); ?></label><span class="inlinetable"><span class="tablerow left"><input type="checkbox" id="ldap_turn_on_pwd_change" name="ldap_turn_on_pwd_change" value="1" data-default="<?php p($_['ldap_turn_on_pwd_change_default']); ?>" title="<?php p($l->t('Allow LDAP users to change their password and allow Super Administrators and Group Administrators to change the password of their LDAP users. Only works when access control policies are configured accordingly on the LDAP server. As passwords are sent in plaintext to the LDAP server, transport encryption must be used and password hashing should be configured on the LDAP server.')); ?>" /><span class="tablecell"><?php p($l->t('(New password is sent as plain text to LDAP)')); ?></span></span> |
|
102 | 102 | </span><br/></p> |
103 | - <p><label for="ldap_default_ppolicy_dn"><?php p($l->t('Default password policy DN'));?></label><input type="text" id="ldap_default_ppolicy_dn" name="ldap_default_ppolicy_dn" title="<?php p($l->t('The DN of a default password policy that will be used for password expiry handling. Works only when LDAP password changes per user are enabled and is only supported by OpenLDAP. Leave empty to disable password expiry handling.'));?>" data-default="<?php p($_['ldap_default_ppolicy_dn_default']); ?>" /></p> |
|
103 | + <p><label for="ldap_default_ppolicy_dn"><?php p($l->t('Default password policy DN')); ?></label><input type="text" id="ldap_default_ppolicy_dn" name="ldap_default_ppolicy_dn" title="<?php p($l->t('The DN of a default password policy that will be used for password expiry handling. Works only when LDAP password changes per user are enabled and is only supported by OpenLDAP. Leave empty to disable password expiry handling.')); ?>" data-default="<?php p($_['ldap_default_ppolicy_dn_default']); ?>" /></p> |
|
104 | 104 | </div> |
105 | - <h3><?php p($l->t('Special Attributes'));?></h3> |
|
105 | + <h3><?php p($l->t('Special Attributes')); ?></h3> |
|
106 | 106 | <div> |
107 | - <p><label for="ldap_quota_attr"><?php p($l->t('Quota Field'));?></label><input type="text" id="ldap_quota_attr" name="ldap_quota_attr" data-default="<?php p($_['ldap_quota_attr_default']); ?>" title="<?php p($l->t('Leave empty for user\'s default quota. Otherwise, specify an LDAP/AD attribute.'));?>" /></p> |
|
108 | - <p><label for="ldap_quota_def"><?php p($l->t('Quota Default'));?></label><input type="text" id="ldap_quota_def" name="ldap_quota_def" data-default="<?php p($_['ldap_quota_def_default']); ?>" title="<?php p($l->t('Override default quota for LDAP users who do not have a quota set in the Quota Field.'));?>" /></p> |
|
109 | - <p><label for="ldap_email_attr"><?php p($l->t('Email Field'));?></label><input type="text" id="ldap_email_attr" name="ldap_email_attr" data-default="<?php p($_['ldap_email_attr_default']); ?>" title="<?php p($l->t('Set the user\'s email from their LDAP attribute. Leave it empty for default behaviour.'));?>" /></p> |
|
110 | - <p><label for="home_folder_naming_rule"><?php p($l->t('User Home Folder Naming Rule'));?></label><input type="text" id="home_folder_naming_rule" name="home_folder_naming_rule" title="<?php p($l->t('Leave empty for user name (default). Otherwise, specify an LDAP/AD attribute.'));?>" data-default="<?php p($_['home_folder_naming_rule_default']); ?>" /></p> |
|
107 | + <p><label for="ldap_quota_attr"><?php p($l->t('Quota Field')); ?></label><input type="text" id="ldap_quota_attr" name="ldap_quota_attr" data-default="<?php p($_['ldap_quota_attr_default']); ?>" title="<?php p($l->t('Leave empty for user\'s default quota. Otherwise, specify an LDAP/AD attribute.')); ?>" /></p> |
|
108 | + <p><label for="ldap_quota_def"><?php p($l->t('Quota Default')); ?></label><input type="text" id="ldap_quota_def" name="ldap_quota_def" data-default="<?php p($_['ldap_quota_def_default']); ?>" title="<?php p($l->t('Override default quota for LDAP users who do not have a quota set in the Quota Field.')); ?>" /></p> |
|
109 | + <p><label for="ldap_email_attr"><?php p($l->t('Email Field')); ?></label><input type="text" id="ldap_email_attr" name="ldap_email_attr" data-default="<?php p($_['ldap_email_attr_default']); ?>" title="<?php p($l->t('Set the user\'s email from their LDAP attribute. Leave it empty for default behaviour.')); ?>" /></p> |
|
110 | + <p><label for="home_folder_naming_rule"><?php p($l->t('User Home Folder Naming Rule')); ?></label><input type="text" id="home_folder_naming_rule" name="home_folder_naming_rule" title="<?php p($l->t('Leave empty for user name (default). Otherwise, specify an LDAP/AD attribute.')); ?>" data-default="<?php p($_['home_folder_naming_rule_default']); ?>" /></p> |
|
111 | 111 | <p><label for="ldap_ext_storage_home_attribute"> <?php p($l->t('"$home" Placeholder Field')); ?></label><input type="text" id="ldap_ext_storage_home_attribute" name="ldap_ext_storage_home_attribute" title="<?php p($l->t('$home in an external storage configuration will replaced with the value of the specified attribute')); ?>" data-default="<?php p($_['ldap_ext_storage_home_attribute_default']); ?>"></p> |
112 | 112 | </div> |
113 | 113 | </div> |
114 | 114 | <?php print_unescaped($_['settingControls']); ?> |
115 | 115 | </fieldset> |
116 | 116 | <fieldset id="ldapSettings-2"> |
117 | - <p><strong><?php p($l->t('Internal Username'));?></strong></p> |
|
118 | - <p class="ldapIndent"><?php p($l->t('By default the internal username will be created from the UUID attribute. It makes sure that the username is unique and characters do not need to be converted. The internal username has the restriction that only these characters are allowed: [ a-zA-Z0-9_.@- ]. Other characters are replaced with their ASCII correspondence or simply omitted. On collisions a number will be added/increased. The internal username is used to identify a user internally. It is also the default name for the user home folder. It is also a part of remote URLs, for instance for all *DAV services. With this setting, the default behavior can be overridden. Leave it empty for default behavior. Changes will have effect only on newly mapped (added) LDAP users.'));?></p> |
|
119 | - <p class="ldapIndent"><label for="ldap_expert_username_attr"><?php p($l->t('Internal Username Attribute:'));?></label><input type="text" id="ldap_expert_username_attr" name="ldap_expert_username_attr" data-default="<?php p($_['ldap_expert_username_attr_default']); ?>" /></p> |
|
120 | - <p><strong><?php p($l->t('Override UUID detection'));?></strong></p> |
|
121 | - <p class="ldapIndent"><?php p($l->t('By default, the UUID attribute is automatically detected. The UUID attribute is used to doubtlessly identify LDAP users and groups. Also, the internal username will be created based on the UUID, if not specified otherwise above. You can override the setting and pass an attribute of your choice. You must make sure that the attribute of your choice can be fetched for both users and groups and it is unique. Leave it empty for default behavior. Changes will have effect only on newly mapped (added) LDAP users and groups.'));?></p> |
|
122 | - <p class="ldapIndent"><label for="ldap_expert_uuid_user_attr"><?php p($l->t('UUID Attribute for Users:'));?></label><input type="text" id="ldap_expert_uuid_user_attr" name="ldap_expert_uuid_user_attr" data-default="<?php p($_['ldap_expert_uuid_user_attr_default']); ?>" /></p> |
|
123 | - <p class="ldapIndent"><label for="ldap_expert_uuid_group_attr"><?php p($l->t('UUID Attribute for Groups:'));?></label><input type="text" id="ldap_expert_uuid_group_attr" name="ldap_expert_uuid_group_attr" data-default="<?php p($_['ldap_expert_uuid_group_attr_default']); ?>" /></p> |
|
124 | - <p><strong><?php p($l->t('Username-LDAP User Mapping'));?></strong></p> |
|
125 | - <p class="ldapIndent"><?php p($l->t('Usernames are used to store and assign metadata. In order to precisely identify and recognize users, each LDAP user will have an internal username. This requires a mapping from username to LDAP user. The created username is mapped to the UUID of the LDAP user. Additionally the DN is cached as well to reduce LDAP interaction, but it is not used for identification. If the DN changes, the changes will be found. The internal username is used all over. Clearing the mappings will have leftovers everywhere. Clearing the mappings is not configuration sensitive, it affects all LDAP configurations! Never clear the mappings in a production environment, only in a testing or experimental stage.'));?></p> |
|
126 | - <p class="ldapIndent"><button type="button" id="ldap_action_clear_user_mappings" name="ldap_action_clear_user_mappings"><?php p($l->t('Clear Username-LDAP User Mapping'));?></button><br/><button type="button" id="ldap_action_clear_group_mappings" name="ldap_action_clear_group_mappings"><?php p($l->t('Clear Groupname-LDAP Group Mapping'));?></button></p> |
|
117 | + <p><strong><?php p($l->t('Internal Username')); ?></strong></p> |
|
118 | + <p class="ldapIndent"><?php p($l->t('By default the internal username will be created from the UUID attribute. It makes sure that the username is unique and characters do not need to be converted. The internal username has the restriction that only these characters are allowed: [ a-zA-Z0-9_.@- ]. Other characters are replaced with their ASCII correspondence or simply omitted. On collisions a number will be added/increased. The internal username is used to identify a user internally. It is also the default name for the user home folder. It is also a part of remote URLs, for instance for all *DAV services. With this setting, the default behavior can be overridden. Leave it empty for default behavior. Changes will have effect only on newly mapped (added) LDAP users.')); ?></p> |
|
119 | + <p class="ldapIndent"><label for="ldap_expert_username_attr"><?php p($l->t('Internal Username Attribute:')); ?></label><input type="text" id="ldap_expert_username_attr" name="ldap_expert_username_attr" data-default="<?php p($_['ldap_expert_username_attr_default']); ?>" /></p> |
|
120 | + <p><strong><?php p($l->t('Override UUID detection')); ?></strong></p> |
|
121 | + <p class="ldapIndent"><?php p($l->t('By default, the UUID attribute is automatically detected. The UUID attribute is used to doubtlessly identify LDAP users and groups. Also, the internal username will be created based on the UUID, if not specified otherwise above. You can override the setting and pass an attribute of your choice. You must make sure that the attribute of your choice can be fetched for both users and groups and it is unique. Leave it empty for default behavior. Changes will have effect only on newly mapped (added) LDAP users and groups.')); ?></p> |
|
122 | + <p class="ldapIndent"><label for="ldap_expert_uuid_user_attr"><?php p($l->t('UUID Attribute for Users:')); ?></label><input type="text" id="ldap_expert_uuid_user_attr" name="ldap_expert_uuid_user_attr" data-default="<?php p($_['ldap_expert_uuid_user_attr_default']); ?>" /></p> |
|
123 | + <p class="ldapIndent"><label for="ldap_expert_uuid_group_attr"><?php p($l->t('UUID Attribute for Groups:')); ?></label><input type="text" id="ldap_expert_uuid_group_attr" name="ldap_expert_uuid_group_attr" data-default="<?php p($_['ldap_expert_uuid_group_attr_default']); ?>" /></p> |
|
124 | + <p><strong><?php p($l->t('Username-LDAP User Mapping')); ?></strong></p> |
|
125 | + <p class="ldapIndent"><?php p($l->t('Usernames are used to store and assign metadata. In order to precisely identify and recognize users, each LDAP user will have an internal username. This requires a mapping from username to LDAP user. The created username is mapped to the UUID of the LDAP user. Additionally the DN is cached as well to reduce LDAP interaction, but it is not used for identification. If the DN changes, the changes will be found. The internal username is used all over. Clearing the mappings will have leftovers everywhere. Clearing the mappings is not configuration sensitive, it affects all LDAP configurations! Never clear the mappings in a production environment, only in a testing or experimental stage.')); ?></p> |
|
126 | + <p class="ldapIndent"><button type="button" id="ldap_action_clear_user_mappings" name="ldap_action_clear_user_mappings"><?php p($l->t('Clear Username-LDAP User Mapping')); ?></button><br/><button type="button" id="ldap_action_clear_group_mappings" name="ldap_action_clear_group_mappings"><?php p($l->t('Clear Groupname-LDAP Group Mapping')); ?></button></p> |
|
127 | 127 | <?php print_unescaped($_['settingControls']); ?> |
128 | 128 | </fieldset> |
129 | 129 | </div> |