LDAP: put app under the OCA\user_ldap\ namespace
This commit is contained in:
Arthur Schiwon
parent
57c375ea24
commit
42492338fc
|
|
@ -22,15 +22,13 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
require_once('apps/user_ldap/lib_ldap.php');
|
require_once('apps/user_ldap/lib_ldap.php');
|
||||||
require_once('apps/user_ldap/user_ldap.php');
|
// require_once('apps/user_ldap/group_ldap.php');
|
||||||
require_once('apps/user_ldap/group_ldap.php');
|
|
||||||
// OC::$CLASSPATH['OCA\user_ldap\LDAP_Access']='apps/user_ldap/lib/access.php';
|
|
||||||
|
|
||||||
OCP\App::registerAdmin('user_ldap','settings');
|
OCP\App::registerAdmin('user_ldap','settings');
|
||||||
|
|
||||||
// register user backend
|
// register user backend
|
||||||
OC_User::useBackend( new OC_USER_LDAP() );
|
OC_User::useBackend(new OCA\user_ldap\USER_LDAP());
|
||||||
OC_Group::useBackend( new OC_GROUP_LDAP() );
|
OC_Group::useBackend(new OCA\user_ldap\GROUP_LDAP());
|
||||||
|
|
||||||
// add settings page to navigation
|
// add settings page to navigation
|
||||||
$entry = array(
|
$entry = array(
|
||||||
|
|
|
||||||
|
|
@ -21,7 +21,9 @@
|
||||||
*
|
*
|
||||||
*/
|
*/
|
||||||
|
|
||||||
class OC_GROUP_LDAP extends OC_Group_Backend {
|
namespace OCA\user_ldap;
|
||||||
|
|
||||||
|
class GROUP_LDAP extends \OC_Group_Backend {
|
||||||
// //group specific settings
|
// //group specific settings
|
||||||
protected $ldapGroupFilter;
|
protected $ldapGroupFilter;
|
||||||
protected $ldapGroupMemberAssocAttr;
|
protected $ldapGroupMemberAssocAttr;
|
||||||
|
|
@ -33,8 +35,8 @@ class OC_GROUP_LDAP extends OC_Group_Backend {
|
||||||
protected $_groups = array();
|
protected $_groups = array();
|
||||||
|
|
||||||
public function __construct() {
|
public function __construct() {
|
||||||
$this->ldapGroupFilter = OCP\Config::getAppValue('user_ldap', 'ldap_group_filter', '(objectClass=posixGroup)');
|
$this->ldapGroupFilter = \OCP\Config::getAppValue('user_ldap', 'ldap_group_filter', '(objectClass=posixGroup)');
|
||||||
$this->ldapGroupMemberAssocAttr = OCP\Config::getAppValue('user_ldap', 'ldap_group_member_assoc_attribute', 'uniqueMember');
|
$this->ldapGroupMemberAssocAttr = \OCP\Config::getAppValue('user_ldap', 'ldap_group_member_assoc_attribute', 'uniqueMember');
|
||||||
|
|
||||||
if(!empty($this->ldapGroupFilter) && !empty($this->ldapGroupMemberAssocAttr)) {
|
if(!empty($this->ldapGroupFilter) && !empty($this->ldapGroupMemberAssocAttr)) {
|
||||||
$this->configured = true;
|
$this->configured = true;
|
||||||
|
|
@ -56,14 +58,14 @@ class OC_GROUP_LDAP extends OC_Group_Backend {
|
||||||
if(isset($this->_group_user[$gid][$uid])) {
|
if(isset($this->_group_user[$gid][$uid])) {
|
||||||
return $this->_group_user[$gid][$uid];
|
return $this->_group_user[$gid][$uid];
|
||||||
}
|
}
|
||||||
$dn_user = OC_LDAP::username2dn($uid);
|
$dn_user = \OC_LDAP::username2dn($uid);
|
||||||
$dn_group = OC_LDAP::groupname2dn($gid);
|
$dn_group = \OC_LDAP::groupname2dn($gid);
|
||||||
// just in case
|
// just in case
|
||||||
if(!$dn_group || !$dn_user) {
|
if(!$dn_group || !$dn_user) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
//usually, LDAP attributes are said to be case insensitive. But there are exceptions of course.
|
//usually, LDAP attributes are said to be case insensitive. But there are exceptions of course.
|
||||||
$members = OC_LDAP::readAttribute($dn_group, $this->ldapGroupMemberAssocAttr);
|
$members = \OC_LDAP::readAttribute($dn_group, $this->ldapGroupMemberAssocAttr);
|
||||||
if(!$members) {
|
if(!$members) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
@ -73,8 +75,8 @@ class OC_GROUP_LDAP extends OC_Group_Backend {
|
||||||
if(strtolower($this->ldapGroupMemberAssocAttr) == 'memberuid') {
|
if(strtolower($this->ldapGroupMemberAssocAttr) == 'memberuid') {
|
||||||
$dns = array();
|
$dns = array();
|
||||||
foreach($members as $mid) {
|
foreach($members as $mid) {
|
||||||
$filter = str_replace('%uid', $mid, OC_LDAP::conf('ldapLoginFilter'));
|
$filter = str_replace('%uid', $mid, \OC_LDAP::conf('ldapLoginFilter'));
|
||||||
$ldap_users = OC_LDAP::fetchListOfUsers($filter, 'dn');
|
$ldap_users = \OC_LDAP::fetchListOfUsers($filter, 'dn');
|
||||||
if(count($ldap_users) < 1) {
|
if(count($ldap_users) < 1) {
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
|
|
@ -102,7 +104,7 @@ class OC_GROUP_LDAP extends OC_Group_Backend {
|
||||||
if(isset($this->_user_groups[$uid])) {
|
if(isset($this->_user_groups[$uid])) {
|
||||||
return $this->_user_groups[$uid];
|
return $this->_user_groups[$uid];
|
||||||
}
|
}
|
||||||
$userDN = OC_LDAP::username2dn($uid);
|
$userDN = \OC_LDAP::username2dn($uid);
|
||||||
if(!$userDN) {
|
if(!$userDN) {
|
||||||
$this->_user_groups[$uid] = array();
|
$this->_user_groups[$uid] = array();
|
||||||
return array();
|
return array();
|
||||||
|
|
@ -113,19 +115,19 @@ class OC_GROUP_LDAP extends OC_Group_Backend {
|
||||||
|| (strtolower($this->ldapGroupMemberAssocAttr) == 'member')) {
|
|| (strtolower($this->ldapGroupMemberAssocAttr) == 'member')) {
|
||||||
$uid = $userDN;
|
$uid = $userDN;
|
||||||
} else if(strtolower($this->ldapGroupMemberAssocAttr) == 'memberuid') {
|
} else if(strtolower($this->ldapGroupMemberAssocAttr) == 'memberuid') {
|
||||||
$result = OC_LDAP::readAttribute($userDN, 'uid');
|
$result = \OC_LDAP::readAttribute($userDN, 'uid');
|
||||||
$uid = $result[0];
|
$uid = $result[0];
|
||||||
} else {
|
} else {
|
||||||
// just in case
|
// just in case
|
||||||
$uid = $userDN;
|
$uid = $userDN;
|
||||||
}
|
}
|
||||||
|
|
||||||
$filter = OC_LDAP::combineFilterWithAnd(array(
|
$filter = \OC_LDAP::combineFilterWithAnd(array(
|
||||||
$this->ldapGroupFilter,
|
$this->ldapGroupFilter,
|
||||||
$this->ldapGroupMemberAssocAttr.'='.$uid
|
$this->ldapGroupMemberAssocAttr.'='.$uid
|
||||||
));
|
));
|
||||||
$groups = OC_LDAP::fetchListOfGroups($filter, array(OC_LDAP::conf('ldapGroupDisplayName'),'dn'));
|
$groups = \OC_LDAP::fetchListOfGroups($filter, array(\OC_LDAP::conf('ldapGroupDisplayName'),'dn'));
|
||||||
$this->_user_groups[$uid] = array_unique(OC_LDAP::ownCloudGroupNames($groups), SORT_LOCALE_STRING);
|
$this->_user_groups[$uid] = array_unique(\OC_LDAP::ownCloudGroupNames($groups), SORT_LOCALE_STRING);
|
||||||
|
|
||||||
return $this->_user_groups[$uid];
|
return $this->_user_groups[$uid];
|
||||||
}
|
}
|
||||||
|
|
@ -142,13 +144,13 @@ class OC_GROUP_LDAP extends OC_Group_Backend {
|
||||||
return $this->_group_users[$gid];
|
return $this->_group_users[$gid];
|
||||||
}
|
}
|
||||||
|
|
||||||
$groupDN = OC_LDAP::groupname2dn($gid);
|
$groupDN = \OC_LDAP::groupname2dn($gid);
|
||||||
if(!$groupDN) {
|
if(!$groupDN) {
|
||||||
$this->_group_users[$gid] = array();
|
$this->_group_users[$gid] = array();
|
||||||
return array();
|
return array();
|
||||||
}
|
}
|
||||||
|
|
||||||
$members = OC_LDAP::readAttribute($groupDN, $this->ldapGroupMemberAssocAttr);
|
$members = \OC_LDAP::readAttribute($groupDN, $this->ldapGroupMemberAssocAttr);
|
||||||
if(!$members) {
|
if(!$members) {
|
||||||
$this->_group_users[$gid] = array();
|
$this->_group_users[$gid] = array();
|
||||||
return array();
|
return array();
|
||||||
|
|
@ -158,21 +160,21 @@ class OC_GROUP_LDAP extends OC_Group_Backend {
|
||||||
$isMemberUid = (strtolower($this->ldapGroupMemberAssocAttr) == 'memberuid');
|
$isMemberUid = (strtolower($this->ldapGroupMemberAssocAttr) == 'memberuid');
|
||||||
foreach($members as $member) {
|
foreach($members as $member) {
|
||||||
if($isMemberUid) {
|
if($isMemberUid) {
|
||||||
$filter = OCP\Util::mb_str_replace('%uid', $member, OC_LDAP::conf('ldapLoginFilter'), 'UTF-8');
|
$filter = \OCP\Util::mb_str_replace('%uid', $member, \OC_LDAP::conf('ldapLoginFilter'), 'UTF-8');
|
||||||
$ldap_users = OC_LDAP::fetchListOfUsers($filter, 'dn');
|
$ldap_users = \OC_LDAP::fetchListOfUsers($filter, 'dn');
|
||||||
if(count($ldap_users) < 1) {
|
if(count($ldap_users) < 1) {
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
$result[] = OC_LDAP::dn2username($ldap_users[0]);
|
$result[] = \OC_LDAP::dn2username($ldap_users[0]);
|
||||||
continue;
|
continue;
|
||||||
} else {
|
} else {
|
||||||
if($ocname = OC_LDAP::dn2username($member)){
|
if($ocname = \OC_LDAP::dn2username($member)){
|
||||||
$result[] = $ocname;
|
$result[] = $ocname;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if(!$isMemberUid) {
|
if(!$isMemberUid) {
|
||||||
$result = array_intersect($result, OCP\User::getUsers());
|
$result = array_intersect($result, \OCP\User::getUsers());
|
||||||
}
|
}
|
||||||
$this->_group_users[$gid] = array_unique($result, SORT_LOCALE_STRING);
|
$this->_group_users[$gid] = array_unique($result, SORT_LOCALE_STRING);
|
||||||
return $this->_group_users[$gid];
|
return $this->_group_users[$gid];
|
||||||
|
|
@ -189,8 +191,8 @@ class OC_GROUP_LDAP extends OC_Group_Backend {
|
||||||
return array();
|
return array();
|
||||||
}
|
}
|
||||||
if(empty($this->_groups)) {
|
if(empty($this->_groups)) {
|
||||||
$ldap_groups = OC_LDAP::fetchListOfGroups($this->ldapGroupFilter, array(OC_LDAP::conf('ldapGroupDisplayName'), 'dn'));
|
$ldap_groups = \OC_LDAP::fetchListOfGroups($this->ldapGroupFilter, array(\OC_LDAP::conf('ldapGroupDisplayName'), 'dn'));
|
||||||
$this->_groups = OC_LDAP::ownCloudGroupNames($ldap_groups);
|
$this->_groups = \OC_LDAP::ownCloudGroupNames($ldap_groups);
|
||||||
}
|
}
|
||||||
return $this->_groups;
|
return $this->_groups;
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -23,7 +23,9 @@
|
||||||
*
|
*
|
||||||
*/
|
*/
|
||||||
|
|
||||||
class OC_USER_LDAP extends OCA\user_ldap\LDAP_Access implements OCP\UserInterface {
|
namespace OCA\user_ldap;
|
||||||
|
|
||||||
|
class USER_LDAP extends lib\Access implements \OCP\UserInterface {
|
||||||
|
|
||||||
// cached settings
|
// cached settings
|
||||||
protected $ldapUserFilter;
|
protected $ldapUserFilter;
|
||||||
|
|
@ -38,10 +40,10 @@ class OC_USER_LDAP extends OCA\user_ldap\LDAP_Access implements OCP\UserInterfac
|
||||||
protected $_users = null;
|
protected $_users = null;
|
||||||
|
|
||||||
public function __construct() {
|
public function __construct() {
|
||||||
$this->ldapUserFilter = OCP\Config::getAppValue('user_ldap', 'ldap_userlist_filter', '(objectClass=posixAccount)');
|
$this->ldapUserFilter = \OCP\Config::getAppValue('user_ldap', 'ldap_userlist_filter', '(objectClass=posixAccount)');
|
||||||
$this->ldapQuotaAttribute = OCP\Config::getAppValue('user_ldap', 'ldap_quota_attr', '');
|
$this->ldapQuotaAttribute = \OCP\Config::getAppValue('user_ldap', 'ldap_quota_attr', '');
|
||||||
$this->ldapQuotaDefault = OCP\Config::getAppValue('user_ldap', 'ldap_quota_def', '');
|
$this->ldapQuotaDefault = \OCP\Config::getAppValue('user_ldap', 'ldap_quota_def', '');
|
||||||
$this->ldapEmailAttribute = OCP\Config::getAppValue('user_ldap', 'ldap_email_attr', '');
|
$this->ldapEmailAttribute = \OCP\Config::getAppValue('user_ldap', 'ldap_email_attr', '');
|
||||||
}
|
}
|
||||||
|
|
||||||
private function updateQuota($dn) {
|
private function updateQuota($dn) {
|
||||||
|
|
@ -50,26 +52,26 @@ class OC_USER_LDAP extends OCA\user_ldap\LDAP_Access implements OCP\UserInterfac
|
||||||
$quota = $this->ldapQuotaDefault;
|
$quota = $this->ldapQuotaDefault;
|
||||||
}
|
}
|
||||||
if(!empty($this->ldapQuotaAttribute)) {
|
if(!empty($this->ldapQuotaAttribute)) {
|
||||||
$aQuota = OC_LDAP::readAttribute($dn, $this->ldapQuotaAttribute);
|
$aQuota = \OC_LDAP::readAttribute($dn, $this->ldapQuotaAttribute);
|
||||||
|
|
||||||
if($aQuota && (count($aQuota) > 0)) {
|
if($aQuota && (count($aQuota) > 0)) {
|
||||||
$quota = $aQuota[0];
|
$quota = $aQuota[0];
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if(!is_null($quota)) {
|
if(!is_null($quota)) {
|
||||||
OCP\Config::setUserValue(OC_LDAP::dn2username($dn), 'files', 'quota', OCP\Util::computerFileSize($quota));
|
\OCP\Config::setUserValue(\OC_LDAP::dn2username($dn), 'files', 'quota', \OCP\Util::computerFileSize($quota));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
private function updateEmail($dn) {
|
private function updateEmail($dn) {
|
||||||
$email = null;
|
$email = null;
|
||||||
if(!empty($this->ldapEmailAttribute)) {
|
if(!empty($this->ldapEmailAttribute)) {
|
||||||
$aEmail = OC_LDAP::readAttribute($dn, $this->ldapEmailAttribute);
|
$aEmail = \OC_LDAP::readAttribute($dn, $this->ldapEmailAttribute);
|
||||||
if($aEmail && (count($aEmail) > 0)) {
|
if($aEmail && (count($aEmail) > 0)) {
|
||||||
$email = $aEmail[0];
|
$email = $aEmail[0];
|
||||||
}
|
}
|
||||||
if(!is_null($email)){
|
if(!is_null($email)){
|
||||||
OCP\Config::setUserValue(OC_LDAP::dn2username($dn), 'settings', 'email', $email);
|
\OCP\Config::setUserValue(\OC_LDAP::dn2username($dn), 'settings', 'email', $email);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
@ -84,15 +86,15 @@ class OC_USER_LDAP extends OCA\user_ldap\LDAP_Access implements OCP\UserInterfac
|
||||||
*/
|
*/
|
||||||
public function checkPassword($uid, $password){
|
public function checkPassword($uid, $password){
|
||||||
//find out dn of the user name
|
//find out dn of the user name
|
||||||
$filter = OCP\Util::mb_str_replace('%uid', $uid, OC_LDAP::conf('ldapLoginFilter'), 'UTF-8');
|
$filter = \OCP\Util::mb_str_replace('%uid', $uid, \OC_LDAP::conf('ldapLoginFilter'), 'UTF-8');
|
||||||
$ldap_users = OC_LDAP::fetchListOfUsers($filter, 'dn');
|
$ldap_users = \OC_LDAP::fetchListOfUsers($filter, 'dn');
|
||||||
if(count($ldap_users) < 1) {
|
if(count($ldap_users) < 1) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
$dn = $ldap_users[0];
|
$dn = $ldap_users[0];
|
||||||
|
|
||||||
//are the credentials OK?
|
//are the credentials OK?
|
||||||
if(!OC_LDAP::areCredentialsValid($dn, $password)) {
|
if(!\OC_LDAP::areCredentialsValid($dn, $password)) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -101,7 +103,7 @@ class OC_USER_LDAP extends OCA\user_ldap\LDAP_Access implements OCP\UserInterfac
|
||||||
$this->updateEmail($dn);
|
$this->updateEmail($dn);
|
||||||
|
|
||||||
//give back the display name
|
//give back the display name
|
||||||
return OC_LDAP::dn2username($dn);
|
return \OC_LDAP::dn2username($dn);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
@ -112,8 +114,8 @@ class OC_USER_LDAP extends OCA\user_ldap\LDAP_Access implements OCP\UserInterfac
|
||||||
*/
|
*/
|
||||||
public function getUsers(){
|
public function getUsers(){
|
||||||
if(is_null($this->_users)) {
|
if(is_null($this->_users)) {
|
||||||
$ldap_users = OC_LDAP::fetchListOfUsers($this->ldapUserFilter, array(OC_LDAP::conf('ldapUserDisplayName'), 'dn'));
|
$ldap_users = \OC_LDAP::fetchListOfUsers($this->ldapUserFilter, array(\OC_LDAP::conf('ldapUserDisplayName'), 'dn'));
|
||||||
$this->_users = OC_LDAP::ownCloudUserNames($ldap_users);
|
$this->_users = \OC_LDAP::ownCloudUserNames($ldap_users);
|
||||||
}
|
}
|
||||||
return $this->_users;
|
return $this->_users;
|
||||||
}
|
}
|
||||||
|
|
@ -125,13 +127,13 @@ class OC_USER_LDAP extends OCA\user_ldap\LDAP_Access implements OCP\UserInterfac
|
||||||
*/
|
*/
|
||||||
public function userExists($uid){
|
public function userExists($uid){
|
||||||
//getting dn, if false the user does not exist. If dn, he may be mapped only, requires more checking.
|
//getting dn, if false the user does not exist. If dn, he may be mapped only, requires more checking.
|
||||||
$dn = OC_LDAP::username2dn($uid);
|
$dn = \OC_LDAP::username2dn($uid);
|
||||||
if(!$dn) {
|
if(!$dn) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
//if user really still exists, we will be able to read his cn
|
//if user really still exists, we will be able to read his cn
|
||||||
$cn = OC_LDAP::readAttribute($dn, 'cn');
|
$cn = \OC_LDAP::readAttribute($dn, 'cn');
|
||||||
if(!$cn || empty($cn)) {
|
if(!$cn || empty($cn)) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue