diff --git a/apps/user_ldap/appinfo/routes.php b/apps/user_ldap/appinfo/routes.php index f08ec195ad..45b43c2140 100644 --- a/apps/user_ldap/appinfo/routes.php +++ b/apps/user_ldap/appinfo/routes.php @@ -41,6 +41,7 @@ $application = new \OCP\AppFramework\App('user_ldap'); $application->registerRoutes($this, [ 'ocs' => [ ['name' => 'ConfigAPI#create', 'url' => '/api/v1/config', 'verb' => 'POST'], + ['name' => 'ConfigAPI#show', 'url' => '/api/v1/config/{configID}', 'verb' => 'GET'], ['name' => 'ConfigAPI#modify', 'url' => '/api/v1/config/{configID}', 'verb' => 'PUT'], ['name' => 'ConfigAPI#delete', 'url' => '/api/v1/config/{configID}', 'verb' => 'DELETE'], ] diff --git a/apps/user_ldap/lib/Controller/ConfigAPIController.php b/apps/user_ldap/lib/Controller/ConfigAPIController.php index 371ca899c2..5256b0d8aa 100644 --- a/apps/user_ldap/lib/Controller/ConfigAPIController.php +++ b/apps/user_ldap/lib/Controller/ConfigAPIController.php @@ -213,6 +213,100 @@ class ConfigAPIController extends OCSController { return new DataResponse(); } + /** + * retrieves a configuration + * + * + * + * + * ok + * 200 + * OK + * + * + * ldaps://my.ldap.server + * 7770 + * + * + * ou=small,dc=my,dc=ldap,dc=server + * ou=users,ou=small,dc=my,dc=ldap,dc=server + * ou=small,dc=my,dc=ldap,dc=server + * cn=root,dc=my,dc=ldap,dc=server + * clearTextWithShowPassword=1 + * 1 + * 0 + * + * displayname + * uid + * inetOrgPerson + * + * (&(objectclass=nextcloudUser)(nextcloudEnabled=TRUE)) + * 1 + * (&(|(objectclass=nextcloudGroup))) + * 0 + * nextcloudGroup + * + * cn + * memberUid + * (&(|(objectclass=inetOrgPerson))(uid=%uid)) + * 0 + * 0 + * 1 + * + * + * + * mail + * 20 + * auto + * auto + * + * 1 + * uid;sn;givenname + * + * 0 + * + * + * + * 1 + * uid + * uid + * + * 0 + * 0 + * 500 + * 1 + * + * + * + * + * @param string $configID + * @param bool|string $showPassword + * @return DataResponse + * @throws OCSException + */ + public function show($configID, $showPassword = false) { + $this->ensureConfigIDExists($configID); + + try { + $config = new Configuration($configID); + $data = $config->getConfiguration(); + if(!boolval(intval($showPassword))) { + $data['ldapAgentPassword'] = '***'; + } + foreach ($data as $key => $value) { + if(is_array($value)) { + $value = implode(';', $value); + $data[$key] = $value; + } + } + } catch (\Exception $e) { + $this->logger->logException($e); + throw new OCSException('An issue occurred when modifying the config.'); + } + + return new DataResponse($data); + } + /** * if the given config ID is not available, an exception is thrown * diff --git a/build/integration/features/bootstrap/LDAPContext.php b/build/integration/features/bootstrap/LDAPContext.php index 3a66641685..5d1f75ceff 100644 --- a/build/integration/features/bootstrap/LDAPContext.php +++ b/build/integration/features/bootstrap/LDAPContext.php @@ -66,4 +66,23 @@ class LDAPContext implements Context { new \Behat\Gherkin\Node\TableNode([['key', $key], ['value', $value]]) ); } + + /** + * @Given /^the response should contain a tag "([^"]*)" with value "([^"]*)"$/ + */ + public function theResponseShouldContainATagWithValue($tagName, $expectedValue) { + $data = $this->response->xml()->data[0]->$tagName; + PHPUnit_Framework_Assert::assertEquals($expectedValue, $data[0]); + } + + /** + * @When /^getting the LDAP configuration with showPassword "([^"]*)"$/ + */ + public function gettingTheLDAPConfigurationWithShowPassword($showPassword) { + $this->sendingToWith( + 'GET', + $this->apiUrl . '/' . $this->configID . '?showPassword=' . $showPassword, + null + ); + } } diff --git a/build/integration/ldap_features/ldap-ocs.feature b/build/integration/ldap_features/ldap-ocs.feature index d925df3256..df643b8a01 100644 --- a/build/integration/ldap_features/ldap-ocs.feature +++ b/build/integration/ldap_features/ldap-ocs.feature @@ -46,3 +46,25 @@ Feature: LDAP | value | ldaps://my.ldap.server | Then the OCS status code should be "404" And the HTTP status code should be "404" + + Scenario: create, modify and get a configuration + Given As an "admin" + And creating an LDAP configuration at "/apps/user_ldap/api/v1/config" + And setting "ldapHost" of the LDAP configuration to "ldaps://my.ldap.server" + And setting "ldapLoginFilter" of the LDAP configuration to "(&(|(objectclass=inetOrgPerson))(uid=%uid))" + And setting "ldapAgentPassword" of the LDAP configuration to "psst,secret" + When getting the LDAP configuration with showPassword "0" + Then the OCS status code should be "200" + And the HTTP status code should be "200" + And the response should contain a tag "ldapHost" with value "ldaps://my.ldap.server" + And the response should contain a tag "ldapLoginFilter" with value "(&(|(objectclass=inetOrgPerson))(uid=%uid))" + And the response should contain a tag "ldapAgentPassword" with value "***" + + Scenario: receiving password in plain text + Given As an "admin" + And creating an LDAP configuration at "/apps/user_ldap/api/v1/config" + And setting "ldapAgentPassword" of the LDAP configuration to "psst,secret" + When getting the LDAP configuration with showPassword "1" + Then the OCS status code should be "200" + And the HTTP status code should be "200" + And the response should contain a tag "ldapAgentPassword" with value "psst,secret"