2010-04-22 21:03:54 +04:00
|
|
|
<?php
|
|
|
|
/**
|
2011-04-15 19:14:02 +04:00
|
|
|
* ownCloud
|
|
|
|
*
|
|
|
|
* @author Frank Karlitschek
|
|
|
|
* @copyright 2010 Frank Karlitschek karlitschek@kde.org
|
|
|
|
*
|
|
|
|
* This library is free software; you can redistribute it and/or
|
|
|
|
* modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
|
|
|
|
* License as published by the Free Software Foundation; either
|
|
|
|
* version 3 of the License, or any later version.
|
|
|
|
*
|
|
|
|
* This library is distributed in the hope that it will be useful,
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
* GNU AFFERO GENERAL PUBLIC LICENSE for more details.
|
|
|
|
*
|
|
|
|
* You should have received a copy of the GNU Affero General Public
|
|
|
|
* License along with this library. If not, see <http://www.gnu.org/licenses/>.
|
|
|
|
*
|
|
|
|
*/
|
2010-04-24 14:40:20 +04:00
|
|
|
|
2011-04-16 14:18:42 +04:00
|
|
|
if( !OC_CONFIG::getValue( "installed", false )){
|
2011-04-15 19:14:02 +04:00
|
|
|
$_SESSION['user_id'] = '';
|
2010-06-22 03:27:44 +04:00
|
|
|
}
|
|
|
|
|
2010-04-22 21:03:54 +04:00
|
|
|
/**
|
2011-04-15 19:14:02 +04:00
|
|
|
* This class provides all methods for user management.
|
2011-04-18 13:39:29 +04:00
|
|
|
*
|
|
|
|
* Hooks provided:
|
|
|
|
* pre_createUser(&run, uid, password)
|
|
|
|
* post_createUser(uid, password)
|
|
|
|
* pre_deleteUser(&run, uid)
|
|
|
|
* post_deleteUser(uid)
|
|
|
|
* pre_setPassword(&run, uid, password)
|
|
|
|
* post_setPassword(uid, password)
|
|
|
|
* pre_login(&run, uid)
|
|
|
|
* post_login(uid)
|
|
|
|
* logout()
|
2010-04-22 21:03:54 +04:00
|
|
|
*/
|
2010-07-21 19:53:51 +04:00
|
|
|
class OC_USER {
|
|
|
|
// The backend used for user management
|
2011-04-15 19:14:02 +04:00
|
|
|
private static $_backend = null;
|
|
|
|
|
|
|
|
// Backends available (except database)
|
|
|
|
private static $_backends = array();
|
2010-07-21 19:53:51 +04:00
|
|
|
|
|
|
|
/**
|
2011-04-15 19:14:02 +04:00
|
|
|
* @brief registers backend
|
|
|
|
* @param $name name of the backend
|
|
|
|
* @returns true/false
|
2010-07-23 01:42:18 +04:00
|
|
|
*
|
2011-04-15 19:14:02 +04:00
|
|
|
* Makes a list of backends that can be used by other modules
|
2010-07-23 01:42:18 +04:00
|
|
|
*/
|
2011-04-15 19:14:02 +04:00
|
|
|
public static function registerBackend( $name ){
|
|
|
|
self::$_backends[] = $name;
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* @brief gets available backends
|
|
|
|
* @returns array of backends
|
|
|
|
*
|
|
|
|
* Returns the names of all backends.
|
|
|
|
*/
|
|
|
|
public static function getBackends(){
|
|
|
|
return self::$_backends;
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* @brief Sets the backend
|
|
|
|
* @param $backend default: database The backend to use for user managment
|
|
|
|
* @returns true/false
|
|
|
|
*
|
|
|
|
* Set the User Authentication Module
|
|
|
|
*/
|
|
|
|
public static function setBackend( $backend = 'database' ){
|
|
|
|
// You'll never know what happens
|
|
|
|
if( null === $backend OR !is_string( $backend )){
|
2010-07-21 19:53:51 +04:00
|
|
|
$backend = 'database';
|
|
|
|
}
|
|
|
|
|
2011-04-15 19:14:02 +04:00
|
|
|
// Load backend
|
|
|
|
switch( $backend ){
|
2010-07-23 02:48:45 +04:00
|
|
|
case 'database':
|
2010-07-21 19:53:51 +04:00
|
|
|
case 'mysql':
|
|
|
|
case 'sqlite':
|
2011-04-16 12:12:53 +04:00
|
|
|
require_once('User/database.php');
|
2010-07-21 19:53:51 +04:00
|
|
|
self::$_backend = new OC_USER_DATABASE();
|
|
|
|
break;
|
|
|
|
default:
|
2010-07-23 02:48:45 +04:00
|
|
|
$className = 'OC_USER_' . strToUpper($backend);
|
|
|
|
self::$_backend = new $className();
|
2010-07-21 19:53:51 +04:00
|
|
|
break;
|
|
|
|
}
|
2010-07-19 20:52:49 +04:00
|
|
|
|
2011-04-15 19:14:02 +04:00
|
|
|
true;
|
2010-07-21 19:53:51 +04:00
|
|
|
}
|
2010-07-19 20:52:49 +04:00
|
|
|
|
2010-04-22 21:03:54 +04:00
|
|
|
/**
|
2011-04-18 12:41:01 +04:00
|
|
|
* @brief Create a new user
|
2011-04-18 13:39:29 +04:00
|
|
|
* @param $uid The username of the user to create
|
2011-04-15 19:14:02 +04:00
|
|
|
* @param $password The password of the new user
|
2011-04-18 12:41:01 +04:00
|
|
|
* @returns true/false
|
|
|
|
*
|
2011-04-18 13:39:29 +04:00
|
|
|
* Creates a new user. Basic checking of username is done in OC_USER
|
|
|
|
* itself, not in its subclasses.
|
|
|
|
*
|
|
|
|
* Allowed characters in the username are: "a-z", "A-Z", "0-9" and "_.@-"
|
2010-07-23 01:42:18 +04:00
|
|
|
*/
|
2011-04-18 13:39:29 +04:00
|
|
|
public static function createUser( $uid, $password ){
|
|
|
|
// Check the name for bad characters
|
|
|
|
// Allowed are: "a-z", "A-Z", "0-9" and "_.@-"
|
|
|
|
if( preg_match( '/[^a-zA-Z0-9 _\.@\-]/', $uid )){
|
|
|
|
return false;
|
|
|
|
}
|
2011-04-18 13:48:52 +04:00
|
|
|
// No empty username
|
|
|
|
if( !$uid ){
|
|
|
|
return false;
|
|
|
|
}
|
2011-04-18 14:39:28 +04:00
|
|
|
// Check if user already exists
|
|
|
|
if( in_array( $uid, self::getUsers())){
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
2011-04-18 13:48:52 +04:00
|
|
|
|
2011-04-18 13:39:29 +04:00
|
|
|
$run = true;
|
|
|
|
OC_HOOK::emit( "OC_USER", "pre_createUser", array( "run" => &$run, "uid" => $uid, "password" => $password ));
|
|
|
|
|
|
|
|
if( $run && self::$_backend->createUser( $uid, $password )){
|
|
|
|
OC_HOOK::emit( "OC_USER", "post_createUser", array( "uid" => $uid, "password" => $password ));
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
else{
|
|
|
|
return false;
|
|
|
|
}
|
2010-07-21 19:53:51 +04:00
|
|
|
}
|
2010-07-19 20:52:49 +04:00
|
|
|
|
2011-04-17 03:04:23 +04:00
|
|
|
/**
|
2011-04-18 12:41:01 +04:00
|
|
|
* @brief delete a user
|
|
|
|
* @param $uid The username of the user to delete
|
|
|
|
* @returns true/false
|
|
|
|
*
|
|
|
|
* Deletes a user
|
2011-04-17 03:04:23 +04:00
|
|
|
*/
|
2011-04-18 12:41:01 +04:00
|
|
|
public static function deleteUser( $uid ){
|
2011-04-18 13:39:29 +04:00
|
|
|
$run = true;
|
|
|
|
OC_HOOK::emit( "OC_USER", "pre_deleteUser", array( "run" => &$run, "uid" => $uid ));
|
|
|
|
|
|
|
|
if( $run && self::$_backend->deleteUser( $uid )){
|
2011-04-18 13:48:52 +04:00
|
|
|
// We have to delete the user from all groups
|
|
|
|
foreach( OC_GROUP::getUserGroups( $uid ) as $i ){
|
|
|
|
OC_GROUP::removeFromGroup( $uid, $i );
|
|
|
|
}
|
|
|
|
|
|
|
|
// Emit and exit
|
2011-04-18 13:39:29 +04:00
|
|
|
OC_HOOK::emit( "OC_USER", "post_deleteUser", array( "uid" => $uid ));
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
else{
|
|
|
|
return false;
|
|
|
|
}
|
2011-04-17 03:04:23 +04:00
|
|
|
}
|
|
|
|
|
2010-04-22 21:03:54 +04:00
|
|
|
/**
|
2011-04-18 12:41:01 +04:00
|
|
|
* @brief Try to login a user
|
|
|
|
* @param $uid The username of the user to log in
|
2011-04-15 19:14:02 +04:00
|
|
|
* @param $password The password of the user
|
2011-04-18 12:41:01 +04:00
|
|
|
* @returns true/false
|
|
|
|
*
|
|
|
|
* Log in a user - if the password is ok
|
2010-07-23 01:42:18 +04:00
|
|
|
*/
|
2011-04-18 12:41:01 +04:00
|
|
|
public static function login( $uid, $password ){
|
2011-04-18 13:39:29 +04:00
|
|
|
$run = true;
|
|
|
|
OC_HOOK::emit( "OC_USER", "pre_login", array( "run" => &$run, "uid" => $uid ));
|
|
|
|
|
|
|
|
if( $run && self::$_backend->login( $uid, $password )){
|
|
|
|
OC_HOOK::emit( "OC_USER", "post_login", array( "uid" => $uid ));
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
else{
|
|
|
|
return false;
|
|
|
|
}
|
2010-07-21 19:53:51 +04:00
|
|
|
}
|
2010-07-19 20:52:49 +04:00
|
|
|
|
2011-03-02 01:20:16 +03:00
|
|
|
/**
|
2011-04-15 19:14:02 +04:00
|
|
|
* @brief Kick the user
|
2011-04-18 12:41:01 +04:00
|
|
|
* @returns true
|
|
|
|
*
|
|
|
|
* Logout, destroys session
|
2011-03-02 01:20:16 +03:00
|
|
|
*/
|
2011-04-15 19:14:02 +04:00
|
|
|
public static function logout(){
|
2011-04-18 13:39:29 +04:00
|
|
|
OC_HOOK::emit( "OC_USER", "logout", array());
|
2011-03-02 01:20:16 +03:00
|
|
|
return self::$_backend->logout();
|
|
|
|
}
|
|
|
|
|
2010-04-22 21:03:54 +04:00
|
|
|
/**
|
2011-04-15 19:14:02 +04:00
|
|
|
* @brief Check if the user is logged in
|
2011-04-18 12:41:01 +04:00
|
|
|
* @returns true/false
|
|
|
|
*
|
|
|
|
* Checks if the user is logged in
|
2010-07-23 01:42:18 +04:00
|
|
|
*/
|
2011-04-15 19:14:02 +04:00
|
|
|
public static function isLoggedIn(){
|
2010-07-21 19:53:51 +04:00
|
|
|
return self::$_backend->isLoggedIn();
|
|
|
|
}
|
2010-07-19 20:52:49 +04:00
|
|
|
|
2010-04-22 21:03:54 +04:00
|
|
|
/**
|
2011-04-18 12:41:01 +04:00
|
|
|
* @brief Autogenerate a password
|
|
|
|
* @returns string
|
|
|
|
*
|
|
|
|
* generates a password
|
2010-07-23 01:42:18 +04:00
|
|
|
*/
|
2011-04-15 19:14:02 +04:00
|
|
|
public static function generatePassword(){
|
|
|
|
return substr( md5( uniqId().time()), 0, 10 );
|
2010-07-21 19:53:51 +04:00
|
|
|
}
|
2010-07-19 20:52:49 +04:00
|
|
|
|
2010-04-22 21:03:54 +04:00
|
|
|
/**
|
2011-04-18 12:41:01 +04:00
|
|
|
* @brief Set password
|
|
|
|
* @param $uid The username
|
|
|
|
* @param $password The new password
|
|
|
|
* @returns true/false
|
|
|
|
*
|
|
|
|
* Change the password of a user
|
2010-07-23 01:42:18 +04:00
|
|
|
*/
|
2011-04-18 12:41:01 +04:00
|
|
|
public static function setPassword( $uid, $password ){
|
2011-04-18 13:39:29 +04:00
|
|
|
$run = true;
|
|
|
|
OC_HOOK::emit( "OC_USER", "pre_setPassword", array( "run" => &$run, "uid" => $uid, "password" => $password ));
|
|
|
|
|
|
|
|
if( $run && self::$_backend->setPassword( $uid, $password )){
|
|
|
|
OC_HOOK::emit( "OC_USER", "post_setPassword", array( "uid" => $uid, "password" => $password ));
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
else{
|
|
|
|
return false;
|
|
|
|
}
|
2010-07-21 19:53:51 +04:00
|
|
|
}
|
2010-07-19 20:52:49 +04:00
|
|
|
|
2010-04-22 21:03:54 +04:00
|
|
|
/**
|
2011-04-18 12:41:01 +04:00
|
|
|
* @brief Check if the password is correct
|
|
|
|
* @param $uid The username
|
|
|
|
* @param $password The password
|
|
|
|
* @returns true/false
|
|
|
|
*
|
|
|
|
* Check if the password is correct without logging in the user
|
2010-07-23 01:42:18 +04:00
|
|
|
*/
|
2011-04-18 12:41:01 +04:00
|
|
|
public static function checkPassword( $uid, $password ){
|
|
|
|
return self::$_backend->checkPassword( $uid, $password );
|
2010-07-21 19:53:51 +04:00
|
|
|
}
|
2010-07-15 21:10:20 +04:00
|
|
|
|
2010-09-15 20:24:14 +04:00
|
|
|
/**
|
2011-04-18 12:41:01 +04:00
|
|
|
* @brief Get a list of all users
|
|
|
|
* @returns array with all uids
|
|
|
|
*
|
|
|
|
* Get a list of all users.
|
2010-09-15 20:24:14 +04:00
|
|
|
*/
|
2011-04-15 19:14:02 +04:00
|
|
|
public static function getUsers(){
|
2010-09-15 20:24:14 +04:00
|
|
|
return self::$_backend->getUsers();
|
|
|
|
}
|
2010-04-22 21:03:54 +04:00
|
|
|
}
|