LDAP OCS Api for show config

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
Arthur Schiwon 2017-01-19 15:19:20 +01:00
parent f2c9d04eac
commit 1f7b08bd19
GPG Key ID: 7424F1874854DF23
4 changed files with 136 additions and 0 deletions


@ -41,6 +41,7 @@ $application = new \OCP\AppFramework\App('user_ldap');
$application->registerRoutes($this, [ $application->registerRoutes($this, [
'ocs' => [ 'ocs' => [
['name' => 'ConfigAPI#create', 'url' => '/api/v1/config', 'verb' => 'POST'], ['name' => 'ConfigAPI#create', 'url' => '/api/v1/config', 'verb' => 'POST'],
['name' => 'ConfigAPI#show', 'url' => '/api/v1/config/{configID}', 'verb' => 'GET'],
['name' => 'ConfigAPI#modify', 'url' => '/api/v1/config/{configID}', 'verb' => 'PUT'], ['name' => 'ConfigAPI#modify', 'url' => '/api/v1/config/{configID}', 'verb' => 'PUT'],
['name' => 'ConfigAPI#delete', 'url' => '/api/v1/config/{configID}', 'verb' => 'DELETE'], ['name' => 'ConfigAPI#delete', 'url' => '/api/v1/config/{configID}', 'verb' => 'DELETE'],
] ]


@ -213,6 +213,100 @@ class ConfigAPIController extends OCSController {
return new DataResponse(); return new DataResponse();
} }
/**
* retrieves a configuration
*
* <?xml version="1.0"?>
* <ocs>
* <meta>
* <status>ok</status>
* <statuscode>200</statuscode>
* <message>OK</message>
* </meta>
* <data>
* <ldapHost>ldaps://my.ldap.server</ldapHost>
* <ldapPort>7770</ldapPort>
* <ldapBackupHost></ldapBackupHost>
* <ldapBackupPort></ldapBackupPort>
* <ldapBase>ou=small,dc=my,dc=ldap,dc=server</ldapBase>
* <ldapBaseUsers>ou=users,ou=small,dc=my,dc=ldap,dc=server</ldapBaseUsers>
* <ldapBaseGroups>ou=small,dc=my,dc=ldap,dc=server</ldapBaseGroups>
* <ldapAgentName>cn=root,dc=my,dc=ldap,dc=server</ldapAgentName>
* <ldapAgentPassword>clearTextWithShowPassword=1</ldapAgentPassword>
* <ldapTLS>1</ldapTLS>
* <turnOffCertCheck>0</turnOffCertCheck>
* <ldapIgnoreNamingRules/>
* <ldapUserDisplayName>displayname</ldapUserDisplayName>
* <ldapUserDisplayName2>uid</ldapUserDisplayName2>
* <ldapUserFilterObjectclass>inetOrgPerson</ldapUserFilterObjectclass>
* <ldapUserFilterGroups></ldapUserFilterGroups>
* <ldapUserFilter>(&amp;(objectclass=nextcloudUser)(nextcloudEnabled=TRUE))</ldapUserFilter>
* <ldapUserFilterMode>1</ldapUserFilterMode>
* <ldapGroupFilter>(&amp;(|(objectclass=nextcloudGroup)))</ldapGroupFilter>
* <ldapGroupFilterMode>0</ldapGroupFilterMode>
* <ldapGroupFilterObjectclass>nextcloudGroup</ldapGroupFilterObjectclass>
* <ldapGroupFilterGroups></ldapGroupFilterGroups>
* <ldapGroupDisplayName>cn</ldapGroupDisplayName>
* <ldapGroupMemberAssocAttr>memberUid</ldapGroupMemberAssocAttr>
* <ldapLoginFilter>(&amp;(|(objectclass=inetOrgPerson))(uid=%uid))</ldapLoginFilter>
* <ldapLoginFilterMode>0</ldapLoginFilterMode>
* <ldapLoginFilterEmail>0</ldapLoginFilterEmail>
* <ldapLoginFilterUsername>1</ldapLoginFilterUsername>
* <ldapLoginFilterAttributes></ldapLoginFilterAttributes>
* <ldapQuotaAttribute></ldapQuotaAttribute>
* <ldapQuotaDefault></ldapQuotaDefault>
* <ldapEmailAttribute>mail</ldapEmailAttribute>
* <ldapCacheTTL>20</ldapCacheTTL>
* <ldapUuidUserAttribute>auto</ldapUuidUserAttribute>
* <ldapUuidGroupAttribute>auto</ldapUuidGroupAttribute>
* <ldapOverrideMainServer></ldapOverrideMainServer>
* <ldapConfigurationActive>1</ldapConfigurationActive>
* <ldapAttributesForUserSearch>uid;sn;givenname</ldapAttributesForUserSearch>
* <ldapAttributesForGroupSearch></ldapAttributesForGroupSearch>
* <ldapExperiencedAdmin>0</ldapExperiencedAdmin>
* <homeFolderNamingRule></homeFolderNamingRule>
* <hasPagedResultSupport></hasPagedResultSupport>
* <hasMemberOfFilterSupport></hasMemberOfFilterSupport>
* <useMemberOfToDetectMembership>1</useMemberOfToDetectMembership>
* <ldapExpertUsernameAttr>uid</ldapExpertUsernameAttr>
* <ldapExpertUUIDUserAttr>uid</ldapExpertUUIDUserAttr>
* <ldapExpertUUIDGroupAttr></ldapExpertUUIDGroupAttr>
* <lastJpegPhotoLookup>0</lastJpegPhotoLookup>
* <ldapNestedGroups>0</ldapNestedGroups>
* <ldapPagingSize>500</ldapPagingSize>
* <turnOnPasswordChange>1</turnOnPasswordChange>
* <ldapDynamicGroupMemberURL></ldapDynamicGroupMemberURL>
* </data>
* </ocs>
*
* @param string $configID
* @param bool|string $showPassword
* @return DataResponse
* @throws OCSException
*/
public function show($configID, $showPassword = false) {
$this->ensureConfigIDExists($configID);
try {
$config = new Configuration($configID);
$data = $config->getConfiguration();
if(!boolval(intval($showPassword))) {
$data['ldapAgentPassword'] = '***';
}
foreach ($data as $key => $value) {
if(is_array($value)) {
$value = implode(';', $value);
$data[$key] = $value;
}
}
} catch (\Exception $e) {
$this->logger->logException($e);
throw new OCSException('An issue occurred when modifying the config.');
}
return new DataResponse($data);
}
/** /**
* if the given config ID is not available, an exception is thrown * if the given config ID is not available, an exception is thrown
* *
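Review bot: The catch block in `show()` throws 'An issue occurred when modifying the config.', a message copied from the write paths that misdescribes a failed read; `throw new OCSException('An issue occurred when retrieving the config.');` fits this method. The branch that honours `showPassword` returns the LDAP bind password in clear text and leaves no trace, so a log entry there naming the config ID (never the value) would make each disclosure auditable. The docblock carries no access annotation, so the endpoint presumably relies on the framework's default admin-only check; a sentence in the docblock saying so, and saying that `showPassword=1` discloses the bind credential, would make the intent explicit. The mask is also written when no password is configured, so `***` tells a client nothing about whether one exists, which is worth confirming as intended.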


@ -66,4 +66,23 @@ class LDAPContext implements Context {
new \Behat\Gherkin\Node\TableNode([['key', $key], ['value', $value]]) new \Behat\Gherkin\Node\TableNode([['key', $key], ['value', $value]])
); );
} }
/**
* @Given /^the response should contain a tag "([^"]*)" with value "([^"]*)"$/
*/
public function theResponseShouldContainATagWithValue($tagName, $expectedValue) {
$data = $this->response->xml()->data[0]->$tagName;
PHPUnit_Framework_Assert::assertEquals($expectedValue, $data[0]);
}
/**
* @When /^getting the LDAP configuration with showPassword "([^"]*)"$/
*/
public function gettingTheLDAPConfigurationWithShowPassword($showPassword) {
$this->sendingToWith(
'GET',
$this->apiUrl . '/' . $this->configID . '?showPassword=' . $showPassword,
null
);
}
} }


@ -46,3 +46,25 @@ Feature: LDAP
| value | ldaps://my.ldap.server | | value | ldaps://my.ldap.server |
Then the OCS status code should be "404" Then the OCS status code should be "404"
And the HTTP status code should be "404" And the HTTP status code should be "404"
Scenario: create, modify and get a configuration
Given As an "admin"
And creating an LDAP configuration at "/apps/user_ldap/api/v1/config"
And setting "ldapHost" of the LDAP configuration to "ldaps://my.ldap.server"
And setting "ldapLoginFilter" of the LDAP configuration to "(&(|(objectclass=inetOrgPerson))(uid=%uid))"
And setting "ldapAgentPassword" of the LDAP configuration to "psst,secret"
When getting the LDAP configuration with showPassword "0"
Then the OCS status code should be "200"
And the HTTP status code should be "200"
And the response should contain a tag "ldapHost" with value "ldaps://my.ldap.server"
And the response should contain a tag "ldapLoginFilter" with value "(&(|(objectclass=inetOrgPerson))(uid=%uid))"
And the response should contain a tag "ldapAgentPassword" with value "***"
Scenario: receiving password in plain text
Given As an "admin"
And creating an LDAP configuration at "/apps/user_ldap/api/v1/config"
And setting "ldapAgentPassword" of the LDAP configuration to "psst,secret"
When getting the LDAP configuration with showPassword "1"
Then the OCS status code should be "200"
And the HTTP status code should be "200"
And the response should contain a tag "ldapAgentPassword" with value "psst,secret"
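Review bot: Both new scenarios run as "admin", so nothing here pins down who may read the bind password in clear text with showPassword "1"; a scenario with a non-admin user that expects the request to be rejected would cover the access check. The masking branch is exercised only with "0". A scenario with a non-numeric value such as "true" would fix the fail-closed behaviour in place, since the controller's `intval` turns that into 0 and the expected value stays "***". A request without the parameter at all would need its own step, because the existing step always appends `?showPassword=`.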