2013-01-11 21:13:22 +04:00
|
|
|
<?php
|
|
|
|
/**
|
2016-07-21 17:49:16 +03:00
|
|
|
* @copyright Copyright (c) 2016, ownCloud, Inc.
|
|
|
|
*
|
2016-05-26 20:56:05 +03:00
|
|
|
* @author Arthur Schiwon <blizzz@arthur-schiwon.de>
|
2015-03-26 13:44:34 +03:00
|
|
|
* @author Christopher Schäpers <kondou@ts.unde.re>
|
2016-07-21 17:49:16 +03:00
|
|
|
* @author Joas Schilling <coding@schilljs.com>
|
2016-05-26 20:56:05 +03:00
|
|
|
* @author Lukas Reschke <lukas@statuscode.ch>
|
2015-03-26 13:44:34 +03:00
|
|
|
* @author Morris Jobke <hey@morrisjobke.de>
|
2016-01-12 17:02:16 +03:00
|
|
|
* @author Robin McCorkell <robin@mccorkell.me.uk>
|
2016-07-22 11:46:29 +03:00
|
|
|
* @author Roger Szabo <roger.szabo@web.de>
|
2017-11-06 17:56:42 +03:00
|
|
|
* @author root <root@localhost.localdomain>
|
|
|
|
* @author Thomas Müller <thomas.mueller@tmit.eu>
|
|
|
|
* @author Vinicius Cubas Brand <vinicius@eita.org.br>
|
2013-01-11 21:13:22 +04:00
|
|
|
*
|
2015-03-26 13:44:34 +03:00
|
|
|
* @license AGPL-3.0
|
2013-01-11 21:13:22 +04:00
|
|
|
*
|
2015-03-26 13:44:34 +03:00
|
|
|
* This code is free software: you can redistribute it and/or modify
|
|
|
|
* it under the terms of the GNU Affero General Public License, version 3,
|
|
|
|
* as published by the Free Software Foundation.
|
2013-01-11 21:13:22 +04:00
|
|
|
*
|
2015-03-26 13:44:34 +03:00
|
|
|
* This program is distributed in the hope that it will be useful,
|
2013-01-11 21:13:22 +04:00
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
2015-03-26 13:44:34 +03:00
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
* GNU Affero General Public License for more details.
|
2013-01-11 21:13:22 +04:00
|
|
|
*
|
2015-03-26 13:44:34 +03:00
|
|
|
* You should have received a copy of the GNU Affero General Public License, version 3,
|
2019-12-03 21:57:53 +03:00
|
|
|
* along with this program. If not, see <http://www.gnu.org/licenses/>
|
2013-01-11 21:13:22 +04:00
|
|
|
*
|
|
|
|
*/
|
2015-02-26 13:37:37 +03:00
|
|
|
|
2016-05-12 12:01:29 +03:00
|
|
|
namespace OCA\User_LDAP;
|
2013-01-11 21:13:22 +04:00
|
|
|
|
2016-05-12 12:25:50 +03:00
|
|
|
use OCA\User_LDAP\User\User;
|
2015-01-07 01:28:49 +03:00
|
|
|
use OCP\IConfig;
|
2017-09-15 17:01:54 +03:00
|
|
|
use OCP\IUserSession;
|
2017-03-31 10:16:22 +03:00
|
|
|
use OCP\Notification\IManager as INotificationManager;
|
2013-09-10 19:11:02 +04:00
|
|
|
|
2016-07-22 11:46:29 +03:00
|
|
|
class User_Proxy extends Proxy implements \OCP\IUserBackend, \OCP\UserInterface, IUserLDAP {
|
2019-11-29 15:21:45 +03:00
|
|
|
private $backends = [];
|
|
|
|
/** @var User_LDAP */
|
2013-01-11 21:13:22 +04:00
|
|
|
private $refBackend = null;
|
|
|
|
|
|
|
|
/**
|
2014-05-19 19:50:53 +04:00
|
|
|
* Constructor
|
2017-09-15 17:01:54 +03:00
|
|
|
*
|
2014-05-13 15:29:25 +04:00
|
|
|
* @param array $serverConfigPrefixes array containing the config Prefixes
|
2017-09-15 17:01:54 +03:00
|
|
|
* @param ILDAPWrapper $ldap
|
|
|
|
* @param IConfig $ocConfig
|
|
|
|
* @param INotificationManager $notificationManager
|
|
|
|
* @param IUserSession $userSession
|
2013-01-11 21:13:22 +04:00
|
|
|
*/
|
2019-11-29 15:21:45 +03:00
|
|
|
public function __construct(
|
|
|
|
array $serverConfigPrefixes,
|
|
|
|
ILDAPWrapper $ldap,
|
|
|
|
IConfig $ocConfig,
|
|
|
|
INotificationManager $notificationManager,
|
|
|
|
IUserSession $userSession,
|
|
|
|
UserPluginManager $userPluginManager
|
|
|
|
) {
|
2013-09-10 19:11:02 +04:00
|
|
|
parent::__construct($ldap);
|
2013-01-11 21:13:22 +04:00
|
|
|
foreach($serverConfigPrefixes as $configPrefix) {
|
2014-05-16 00:47:28 +04:00
|
|
|
$this->backends[$configPrefix] =
|
2017-11-02 15:40:38 +03:00
|
|
|
new User_LDAP($this->getAccess($configPrefix), $ocConfig, $notificationManager, $userSession, $userPluginManager);
|
|
|
|
|
2013-01-11 21:13:22 +04:00
|
|
|
if(is_null($this->refBackend)) {
|
|
|
|
$this->refBackend = &$this->backends[$configPrefix];
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
2014-05-19 19:50:53 +04:00
|
|
|
* Tries the backends one after the other until a positive result is returned from the specified method
|
2014-05-13 15:29:25 +04:00
|
|
|
* @param string $uid the uid connected to the request
|
|
|
|
* @param string $method the method of the user backend that shall be called
|
|
|
|
* @param array $parameters an array of parameters to be passed
|
|
|
|
* @return mixed the result of the method or false
|
2013-01-11 21:13:22 +04:00
|
|
|
*/
|
2014-05-16 00:47:28 +04:00
|
|
|
protected function walkBackends($uid, $method, $parameters) {
|
2013-01-11 21:13:22 +04:00
|
|
|
$cacheKey = $this->getUserCacheKey($uid);
|
|
|
|
foreach($this->backends as $configPrefix => $backend) {
|
2014-02-27 19:18:03 +04:00
|
|
|
$instance = $backend;
|
|
|
|
if(!method_exists($instance, $method)
|
|
|
|
&& method_exists($this->getAccess($configPrefix), $method)) {
|
|
|
|
$instance = $this->getAccess($configPrefix);
|
|
|
|
}
|
2020-03-26 11:30:18 +03:00
|
|
|
if($result = call_user_func_array([$instance, $method], $parameters)) {
|
2013-01-11 21:13:22 +04:00
|
|
|
$this->writeToCache($cacheKey, $configPrefix);
|
|
|
|
return $result;
|
2014-02-27 19:20:53 +04:00
|
|
|
}
|
2013-01-11 21:13:22 +04:00
|
|
|
}
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
2014-05-19 19:50:53 +04:00
|
|
|
* Asks the backend connected to the server that supposely takes care of the uid from the request.
|
2014-05-13 15:29:25 +04:00
|
|
|
* @param string $uid the uid connected to the request
|
|
|
|
* @param string $method the method of the user backend that shall be called
|
|
|
|
* @param array $parameters an array of parameters to be passed
|
|
|
|
* @param mixed $passOnWhen the result matches this variable
|
|
|
|
* @return mixed the result of the method or false
|
2013-01-11 21:13:22 +04:00
|
|
|
*/
|
2014-05-16 00:47:28 +04:00
|
|
|
protected function callOnLastSeenOn($uid, $method, $parameters, $passOnWhen) {
|
2013-01-11 21:13:22 +04:00
|
|
|
$cacheKey = $this->getUserCacheKey($uid);
|
|
|
|
$prefix = $this->getFromCache($cacheKey);
|
|
|
|
//in case the uid has been found in the past, try this stored connection first
|
2014-02-28 13:58:51 +04:00
|
|
|
if(!is_null($prefix)) {
|
2013-01-11 21:13:22 +04:00
|
|
|
if(isset($this->backends[$prefix])) {
|
2014-02-27 19:18:03 +04:00
|
|
|
$instance = $this->backends[$prefix];
|
|
|
|
if(!method_exists($instance, $method)
|
|
|
|
&& method_exists($this->getAccess($prefix), $method)) {
|
|
|
|
$instance = $this->getAccess($prefix);
|
|
|
|
}
|
2019-11-29 15:21:45 +03:00
|
|
|
$result = call_user_func_array([$instance, $method], $parameters);
|
2013-11-26 01:05:00 +04:00
|
|
|
if($result === $passOnWhen) {
|
2013-04-23 03:00:27 +04:00
|
|
|
//not found here, reset cache to null if user vanished
|
|
|
|
//because sometimes methods return false with a reason
|
|
|
|
$userExists = call_user_func_array(
|
2019-11-29 15:21:45 +03:00
|
|
|
[$this->backends[$prefix], 'userExistsOnLDAP'],
|
|
|
|
[$uid]
|
2013-04-23 03:00:27 +04:00
|
|
|
);
|
|
|
|
if(!$userExists) {
|
|
|
|
$this->writeToCache($cacheKey, null);
|
|
|
|
}
|
2013-01-11 21:13:22 +04:00
|
|
|
}
|
|
|
|
return $result;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
2014-05-19 19:50:53 +04:00
|
|
|
* Check if backend implements actions
|
2014-05-13 15:29:25 +04:00
|
|
|
* @param int $actions bitwise-or'ed actions
|
|
|
|
* @return boolean
|
2013-01-11 21:13:22 +04:00
|
|
|
*
|
|
|
|
* Returns the supported actions as int to be
|
2017-07-25 09:57:58 +03:00
|
|
|
* compared with \OC\User\Backend::CREATE_USER etc.
|
2013-01-11 21:13:22 +04:00
|
|
|
*/
|
|
|
|
public function implementsActions($actions) {
|
|
|
|
//it's the same across all our user backends obviously
|
|
|
|
return $this->refBackend->implementsActions($actions);
|
|
|
|
}
|
|
|
|
|
2014-12-12 19:25:03 +03:00
|
|
|
/**
|
|
|
|
* Backend name to be shown in user management
|
|
|
|
* @return string the name of the backend to be shown
|
|
|
|
*/
|
|
|
|
public function getBackendName() {
|
|
|
|
return $this->refBackend->getBackendName();
|
|
|
|
}
|
|
|
|
|
2013-01-11 21:13:22 +04:00
|
|
|
/**
|
2014-05-19 19:50:53 +04:00
|
|
|
* Get a list of all users
|
2013-01-11 21:13:22 +04:00
|
|
|
*
|
2015-06-27 21:35:47 +03:00
|
|
|
* @param string $search
|
|
|
|
* @param null|int $limit
|
|
|
|
* @param null|int $offset
|
|
|
|
* @return string[] an array of all uids
|
2013-01-11 21:13:22 +04:00
|
|
|
*/
|
|
|
|
public function getUsers($search = '', $limit = 10, $offset = 0) {
|
|
|
|
//we do it just as the /OC_User implementation: do not play around with limit and offset but ask all backends
|
2020-03-26 11:30:18 +03:00
|
|
|
$users = [];
|
2013-01-11 21:13:22 +04:00
|
|
|
foreach($this->backends as $backend) {
|
|
|
|
$backendUsers = $backend->getUsers($search, $limit, $offset);
|
|
|
|
if (is_array($backendUsers)) {
|
|
|
|
$users = array_merge($users, $backendUsers);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return $users;
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
2014-05-19 19:50:53 +04:00
|
|
|
* check if a user exists
|
2013-01-11 21:13:22 +04:00
|
|
|
* @param string $uid the username
|
|
|
|
* @return boolean
|
|
|
|
*/
|
|
|
|
public function userExists($uid) {
|
2019-11-29 15:21:45 +03:00
|
|
|
$existsOnLDAP = false;
|
2020-03-26 11:30:18 +03:00
|
|
|
$existsLocally = $this->handleRequest($uid, 'userExists', [$uid]);
|
2019-11-29 15:21:45 +03:00
|
|
|
if($existsLocally) {
|
|
|
|
$existsOnLDAP = $this->userExistsOnLDAP($uid);
|
|
|
|
}
|
|
|
|
if($existsLocally && !$existsOnLDAP) {
|
|
|
|
try {
|
|
|
|
$user = $this->getLDAPAccess($uid)->userManager->get($uid);
|
|
|
|
if($user instanceof User) {
|
|
|
|
$user->markUser();
|
|
|
|
}
|
|
|
|
} catch (\Exception $e) {
|
|
|
|
// ignore
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return $existsLocally;
|
2013-01-11 21:13:22 +04:00
|
|
|
}
|
|
|
|
|
2014-08-21 19:59:13 +04:00
|
|
|
/**
|
|
|
|
* check if a user exists on LDAP
|
2017-04-12 07:16:27 +03:00
|
|
|
* @param string|\OCA\User_LDAP\User\User $user either the Nextcloud user
|
2014-08-21 19:59:13 +04:00
|
|
|
* name or an instance of that user
|
|
|
|
* @return boolean
|
|
|
|
*/
|
|
|
|
public function userExistsOnLDAP($user) {
|
|
|
|
$id = ($user instanceof User) ? $user->getUsername() : $user;
|
2020-03-26 11:30:18 +03:00
|
|
|
return $this->handleRequest($id, 'userExistsOnLDAP', [$user]);
|
2014-08-21 19:59:13 +04:00
|
|
|
}
|
|
|
|
|
2013-01-11 21:13:22 +04:00
|
|
|
/**
|
2014-05-19 19:50:53 +04:00
|
|
|
* Check if the password is correct
|
2014-05-13 15:29:25 +04:00
|
|
|
* @param string $uid The username
|
|
|
|
* @param string $password The password
|
|
|
|
* @return bool
|
2013-01-11 21:13:22 +04:00
|
|
|
*
|
|
|
|
* Check if the password is correct without logging in the user
|
|
|
|
*/
|
|
|
|
public function checkPassword($uid, $password) {
|
2020-03-26 11:30:18 +03:00
|
|
|
return $this->handleRequest($uid, 'checkPassword', [$uid, $password]);
|
2013-01-11 21:13:22 +04:00
|
|
|
}
|
|
|
|
|
2015-02-20 15:09:33 +03:00
|
|
|
/**
|
|
|
|
* returns the username for the given login name, if available
|
|
|
|
*
|
|
|
|
* @param string $loginName
|
|
|
|
* @return string|false
|
|
|
|
*/
|
|
|
|
public function loginName2UserName($loginName) {
|
|
|
|
$id = 'LOGINNAME,' . $loginName;
|
2020-03-26 11:30:18 +03:00
|
|
|
return $this->handleRequest($id, 'loginName2UserName', [$loginName]);
|
2015-02-20 15:09:33 +03:00
|
|
|
}
|
2016-07-22 11:46:29 +03:00
|
|
|
|
|
|
|
/**
|
|
|
|
* returns the username for the given LDAP DN, if available
|
|
|
|
*
|
|
|
|
* @param string $dn
|
2016-07-27 10:16:57 +03:00
|
|
|
* @return string|false with the username
|
2016-07-22 11:46:29 +03:00
|
|
|
*/
|
|
|
|
public function dn2UserName($dn) {
|
|
|
|
$id = 'DN,' . $dn;
|
2020-03-26 11:30:18 +03:00
|
|
|
return $this->handleRequest($id, 'dn2UserName', [$dn]);
|
2016-07-22 11:46:29 +03:00
|
|
|
}
|
2015-02-20 15:09:33 +03:00
|
|
|
|
2013-01-11 21:13:22 +04:00
|
|
|
/**
|
2014-05-19 19:50:53 +04:00
|
|
|
* get the user's home directory
|
2013-01-11 21:13:22 +04:00
|
|
|
* @param string $uid the username
|
|
|
|
* @return boolean
|
|
|
|
*/
|
|
|
|
public function getHome($uid) {
|
2020-03-26 11:30:18 +03:00
|
|
|
return $this->handleRequest($uid, 'getHome', [$uid]);
|
2013-01-11 21:13:22 +04:00
|
|
|
}
|
|
|
|
|
2013-02-01 00:19:24 +04:00
|
|
|
/**
|
2014-05-19 19:50:53 +04:00
|
|
|
* get display name of the user
|
2014-05-13 15:29:25 +04:00
|
|
|
* @param string $uid user ID of the user
|
|
|
|
* @return string display name
|
2013-02-01 00:19:24 +04:00
|
|
|
*/
|
|
|
|
public function getDisplayName($uid) {
|
2020-03-26 11:30:18 +03:00
|
|
|
return $this->handleRequest($uid, 'getDisplayName', [$uid]);
|
2013-02-01 00:19:24 +04:00
|
|
|
}
|
|
|
|
|
2017-11-02 15:40:38 +03:00
|
|
|
/**
|
|
|
|
* set display name of the user
|
|
|
|
*
|
|
|
|
* @param string $uid user ID of the user
|
|
|
|
* @param string $displayName new display name
|
|
|
|
* @return string display name
|
|
|
|
*/
|
|
|
|
public function setDisplayName($uid, $displayName) {
|
2020-03-26 11:30:18 +03:00
|
|
|
return $this->handleRequest($uid, 'setDisplayName', [$uid, $displayName]);
|
2017-11-02 15:40:38 +03:00
|
|
|
}
|
|
|
|
|
2013-11-22 16:24:38 +04:00
|
|
|
/**
|
2017-04-12 07:16:27 +03:00
|
|
|
* checks whether the user is allowed to change his avatar in Nextcloud
|
|
|
|
* @param string $uid the Nextcloud user name
|
2013-11-22 16:24:38 +04:00
|
|
|
* @return boolean either the user can or cannot
|
|
|
|
*/
|
|
|
|
public function canChangeAvatar($uid) {
|
2019-09-04 14:36:08 +03:00
|
|
|
return $this->handleRequest($uid, 'canChangeAvatar', [$uid], true);
|
2013-11-22 16:24:38 +04:00
|
|
|
}
|
|
|
|
|
2013-02-01 00:19:24 +04:00
|
|
|
/**
|
|
|
|
* Get a list of all display names and user ids.
|
2015-06-27 21:35:47 +03:00
|
|
|
* @param string $search
|
|
|
|
* @param string|null $limit
|
|
|
|
* @param string|null $offset
|
|
|
|
* @return array an array of all displayNames (value) and the corresponding uids (key)
|
2013-02-01 00:19:24 +04:00
|
|
|
*/
|
|
|
|
public function getDisplayNames($search = '', $limit = null, $offset = null) {
|
|
|
|
//we do it just as the /OC_User implementation: do not play around with limit and offset but ask all backends
|
2020-03-26 11:30:18 +03:00
|
|
|
$users = [];
|
2013-02-01 00:19:24 +04:00
|
|
|
foreach($this->backends as $backend) {
|
|
|
|
$backendUsers = $backend->getDisplayNames($search, $limit, $offset);
|
|
|
|
if (is_array($backendUsers)) {
|
2013-05-08 19:54:38 +04:00
|
|
|
$users = $users + $backendUsers;
|
2013-02-01 00:19:24 +04:00
|
|
|
}
|
|
|
|
}
|
|
|
|
return $users;
|
|
|
|
}
|
|
|
|
|
2013-01-11 21:13:22 +04:00
|
|
|
/**
|
2014-05-19 19:50:53 +04:00
|
|
|
* delete a user
|
2014-05-13 15:29:25 +04:00
|
|
|
* @param string $uid The username of the user to delete
|
|
|
|
* @return bool
|
2013-01-11 21:13:22 +04:00
|
|
|
*
|
|
|
|
* Deletes a user
|
|
|
|
*/
|
|
|
|
public function deleteUser($uid) {
|
2020-03-26 11:30:18 +03:00
|
|
|
return $this->handleRequest($uid, 'deleteUser', [$uid]);
|
2013-01-11 21:13:22 +04:00
|
|
|
}
|
2016-08-30 12:43:29 +03:00
|
|
|
|
|
|
|
/**
|
|
|
|
* Set password
|
|
|
|
* @param string $uid The username
|
|
|
|
* @param string $password The new password
|
|
|
|
* @return bool
|
|
|
|
*
|
|
|
|
*/
|
|
|
|
public function setPassword($uid, $password) {
|
2020-03-26 11:30:18 +03:00
|
|
|
return $this->handleRequest($uid, 'setPassword', [$uid, $password]);
|
2016-08-30 12:43:29 +03:00
|
|
|
}
|
2013-02-12 01:01:52 +04:00
|
|
|
|
|
|
|
/**
|
|
|
|
* @return bool
|
|
|
|
*/
|
|
|
|
public function hasUserListings() {
|
2013-02-12 16:10:26 +04:00
|
|
|
return $this->refBackend->hasUserListings();
|
2013-02-12 01:01:52 +04:00
|
|
|
}
|
|
|
|
|
2014-01-08 15:07:57 +04:00
|
|
|
/**
|
2014-05-19 19:50:53 +04:00
|
|
|
* Count the number of users
|
2014-05-13 15:29:25 +04:00
|
|
|
* @return int|bool
|
2014-01-08 15:07:57 +04:00
|
|
|
*/
|
|
|
|
public function countUsers() {
|
|
|
|
$users = false;
|
|
|
|
foreach($this->backends as $backend) {
|
|
|
|
$backendUsers = $backend->countUsers();
|
|
|
|
if ($backendUsers !== false) {
|
|
|
|
$users += $backendUsers;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return $users;
|
|
|
|
}
|
|
|
|
|
2016-07-22 11:46:29 +03:00
|
|
|
/**
|
|
|
|
* Return access for LDAP interaction.
|
|
|
|
* @param string $uid
|
|
|
|
* @return Access instance of Access for LDAP interaction
|
|
|
|
*/
|
|
|
|
public function getLDAPAccess($uid) {
|
2020-03-26 11:30:18 +03:00
|
|
|
return $this->handleRequest($uid, 'getLDAPAccess', [$uid]);
|
2016-07-22 11:46:29 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Return a new LDAP connection for the specified user.
|
|
|
|
* The connection needs to be closed manually.
|
|
|
|
* @param string $uid
|
|
|
|
* @return resource of the LDAP connection
|
|
|
|
*/
|
|
|
|
public function getNewLDAPConnection($uid) {
|
2020-03-26 11:30:18 +03:00
|
|
|
return $this->handleRequest($uid, 'getNewLDAPConnection', [$uid]);
|
2016-07-22 11:46:29 +03:00
|
|
|
}
|
2017-11-02 15:40:38 +03:00
|
|
|
|
|
|
|
/**
|
|
|
|
* Creates a new user in LDAP
|
|
|
|
* @param $username
|
|
|
|
* @param $password
|
|
|
|
* @return bool
|
|
|
|
*/
|
|
|
|
public function createUser($username, $password) {
|
2020-03-26 11:30:18 +03:00
|
|
|
return $this->handleRequest($username, 'createUser', [$username,$password]);
|
2017-11-02 15:40:38 +03:00
|
|
|
}
|
2013-08-18 13:02:08 +04:00
|
|
|
}
|