LDAP: get user photo from LDAP and set it as avatar if available
This commit is contained in:
parent
c503588827
commit
54f0deff2a
|
@ -72,6 +72,7 @@ class Configuration {
|
||||||
'ldapExpertUsernameAttr' => null,
|
'ldapExpertUsernameAttr' => null,
|
||||||
'ldapExpertUUIDUserAttr' => null,
|
'ldapExpertUUIDUserAttr' => null,
|
||||||
'ldapExpertUUIDGroupAttr' => null,
|
'ldapExpertUUIDGroupAttr' => null,
|
||||||
|
'lastJpegPhotoLookup' => null,
|
||||||
);
|
);
|
||||||
|
|
||||||
public function __construct($configPrefix, $autoread = true) {
|
public function __construct($configPrefix, $autoread = true) {
|
||||||
|
@ -330,6 +331,7 @@ class Configuration {
|
||||||
'ldap_expert_uuid_user_attr' => '',
|
'ldap_expert_uuid_user_attr' => '',
|
||||||
'ldap_expert_uuid_group_attr' => '',
|
'ldap_expert_uuid_group_attr' => '',
|
||||||
'has_memberof_filter_support' => 0,
|
'has_memberof_filter_support' => 0,
|
||||||
|
'last_jpegPhoto_lookup' => 0,
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -377,6 +379,7 @@ class Configuration {
|
||||||
'ldap_expert_uuid_user_attr' => 'ldapExpertUUIDUserAttr',
|
'ldap_expert_uuid_user_attr' => 'ldapExpertUUIDUserAttr',
|
||||||
'ldap_expert_uuid_group_attr' => 'ldapExpertUUIDGroupAttr',
|
'ldap_expert_uuid_group_attr' => 'ldapExpertUUIDGroupAttr',
|
||||||
'has_memberof_filter_support' => 'hasMemberOfFilterSupport',
|
'has_memberof_filter_support' => 'hasMemberOfFilterSupport',
|
||||||
|
'last_jpegPhoto_lookup' => 'lastJpegPhotoLookup',
|
||||||
);
|
);
|
||||||
return $array;
|
return $array;
|
||||||
}
|
}
|
||||||
|
|
|
@ -69,6 +69,65 @@ class USER_LDAP extends BackendUtility implements \OCP\UserInterface {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @brief reads jpegPhoto and set is as avatar if available
|
||||||
|
* @param $uid string ownCloud user name
|
||||||
|
* @param $dn string the user's LDAP DN
|
||||||
|
* @return void
|
||||||
|
*/
|
||||||
|
private function updateAvatar($uid, $dn) {
|
||||||
|
$lastChecked = $this->access->connection->lastJpegPhotoLookup;
|
||||||
|
if((time() - $lastChecked) < 86400 ) {
|
||||||
|
//update only once a day
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
$jpegPhoto = $this->access->readAttribute($dn, 'jpegPhoto');
|
||||||
|
$this->access->connection->lastJpegPhotoLookup = time();
|
||||||
|
if(!$jpegPhoto || !is_array($jpegPhoto) || !isset($jpegPhoto[0])) {
|
||||||
|
//not set, nothing left to do;
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
$image = new \OCP\Image($jpegPhoto[0]);
|
||||||
|
if(!$image->valid()) {
|
||||||
|
\OCP\Util::writeLog('user_ldap', 'jpegPhoto data invalid for '.$dn,
|
||||||
|
\OCP\Util::ERROR);
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
//make sure it is a square and not bigger than 128x128
|
||||||
|
$size = min(array($image->width(), $image->height(), 128));
|
||||||
|
if(!$image->centerCrop($size)) {
|
||||||
|
\OCP\Util::writeLog('user_ldap',
|
||||||
|
'croping image for avatar failed for '.$dn,
|
||||||
|
\OCP\Util::ERROR);
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
$avatarManager = \OC::$server->getAvatarManager();
|
||||||
|
$avatar = $avatarManager->getAvatar($uid);
|
||||||
|
$avatar->set($image->data());
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @brief checks whether the user is allowed to change his avatar in ownCloud
|
||||||
|
* @param $uid string the ownCloud user name
|
||||||
|
* @return boolean either the user can or cannot
|
||||||
|
*/
|
||||||
|
public function canChangeAvatar($uid) {
|
||||||
|
$dn = $this->access->username2dn($uid);
|
||||||
|
if(!$dn) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
$jpegPhoto = $this->access->readAttribute($dn, 'jpegPhoto');
|
||||||
|
if(!$jpegPhoto || !is_array($jpegPhoto) || !isset($jpegPhoto[0])) {
|
||||||
|
//The user is allowed to change his avatar in ownCloud only if no
|
||||||
|
//avatar is provided by LDAP
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @brief Check if the password is correct
|
* @brief Check if the password is correct
|
||||||
* @param $uid The username
|
* @param $uid The username
|
||||||
|
@ -173,6 +232,7 @@ class USER_LDAP extends BackendUtility implements \OCP\UserInterface {
|
||||||
|
|
||||||
$this->access->connection->writeToCache('userExists'.$uid, true);
|
$this->access->connection->writeToCache('userExists'.$uid, true);
|
||||||
$this->updateQuota($dn);
|
$this->updateQuota($dn);
|
||||||
|
$this->updateAvatar($uid, $dn);
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -289,7 +349,8 @@ class USER_LDAP extends BackendUtility implements \OCP\UserInterface {
|
||||||
public function implementsActions($actions) {
|
public function implementsActions($actions) {
|
||||||
return (bool)((OC_USER_BACKEND_CHECK_PASSWORD
|
return (bool)((OC_USER_BACKEND_CHECK_PASSWORD
|
||||||
| OC_USER_BACKEND_GET_HOME
|
| OC_USER_BACKEND_GET_HOME
|
||||||
| OC_USER_BACKEND_GET_DISPLAYNAME)
|
| OC_USER_BACKEND_GET_DISPLAYNAME
|
||||||
|
| OC_USER_BACKEND_PROVIDE_AVATAR)
|
||||||
& $actions);
|
& $actions);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue