LDAP OCS API (Part 1)
LDAP OCS Api for create config Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de> LDAP OCS Api for delete config Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de> fix and extend behat tests Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de> add LDAP OCS Api for modifying a configuration Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de> test against OCS v2 instead Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de> LDAP OCS Api for show config Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de> also, let ldap integration tests run Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de> fix indentation Signed-off-by: Morris Jobke <hey@morrisjobke.de> enable user_ldap app for tests Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de> LDAP PUT command now supports setting multiple keys at once Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de> fix deletion for configIDs < s10 Also move ensureConfigIDExists checks into try, it might throw DB related exceptions Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de> remove outdated scenario covered by "Delete a non-existing configuration" Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
This commit is contained in:
parent
275db05a46
commit
9299c9fc79
11
.drone.yml
11
.drone.yml
|
@ -365,6 +365,16 @@ pipeline:
|
||||||
when:
|
when:
|
||||||
matrix:
|
matrix:
|
||||||
TESTS: integration-filesdrop-features
|
TESTS: integration-filesdrop-features
|
||||||
|
integration-ldap-features:
|
||||||
|
image: nextcloudci/integration-php7.0:integration-php7.0-3
|
||||||
|
commands:
|
||||||
|
- ./occ maintenance:install --admin-pass=admin
|
||||||
|
- ./occ app:enable user_ldap
|
||||||
|
- cd build/integration
|
||||||
|
- ./run.sh ldap_features/ldap-ocs.feature
|
||||||
|
when:
|
||||||
|
matrix:
|
||||||
|
TESTS: integration-ldap-features
|
||||||
nodb-codecov:
|
nodb-codecov:
|
||||||
image: nextcloudci/php7.0:php7.0-7
|
image: nextcloudci/php7.0:php7.0-7
|
||||||
commands:
|
commands:
|
||||||
|
@ -410,6 +420,7 @@ matrix:
|
||||||
- TESTS: integration-sharees-features
|
- TESTS: integration-sharees-features
|
||||||
- TESTS: integration-setup-features
|
- TESTS: integration-setup-features
|
||||||
- TESTS: integration-filesdrop-features
|
- TESTS: integration-filesdrop-features
|
||||||
|
- TESTS: integration-ldap-features
|
||||||
- TESTS: jsunit
|
- TESTS: jsunit
|
||||||
- TESTS: check-autoloader
|
- TESTS: check-autoloader
|
||||||
- TESTS: app-check-code
|
- TESTS: app-check-code
|
||||||
|
|
|
@ -36,3 +36,13 @@ $this->create('user_ldap_ajax_testConfiguration', 'ajax/testConfiguration.php')
|
||||||
->actionInclude('user_ldap/ajax/testConfiguration.php');
|
->actionInclude('user_ldap/ajax/testConfiguration.php');
|
||||||
$this->create('user_ldap_ajax_wizard', 'ajax/wizard.php')
|
$this->create('user_ldap_ajax_wizard', 'ajax/wizard.php')
|
||||||
->actionInclude('user_ldap/ajax/wizard.php');
|
->actionInclude('user_ldap/ajax/wizard.php');
|
||||||
|
|
||||||
|
$application = new \OCP\AppFramework\App('user_ldap');
|
||||||
|
$application->registerRoutes($this, [
|
||||||
|
'ocs' => [
|
||||||
|
['name' => 'ConfigAPI#create', 'url' => '/api/v1/config', 'verb' => 'POST'],
|
||||||
|
['name' => 'ConfigAPI#show', 'url' => '/api/v1/config/{configID}', 'verb' => 'GET'],
|
||||||
|
['name' => 'ConfigAPI#modify', 'url' => '/api/v1/config/{configID}', 'verb' => 'PUT'],
|
||||||
|
['name' => 'ConfigAPI#delete', 'url' => '/api/v1/config/{configID}', 'verb' => 'DELETE'],
|
||||||
|
]
|
||||||
|
]);
|
||||||
|
|
|
@ -29,6 +29,7 @@ use OCA\User_LDAP\Configuration;
|
||||||
use OCA\User_LDAP\Helper;
|
use OCA\User_LDAP\Helper;
|
||||||
use Symfony\Component\Console\Command\Command;
|
use Symfony\Component\Console\Command\Command;
|
||||||
use Symfony\Component\Console\Input\InputInterface;
|
use Symfony\Component\Console\Input\InputInterface;
|
||||||
|
use Symfony\Component\Console\Input\InputOption;
|
||||||
use Symfony\Component\Console\Output\OutputInterface;
|
use Symfony\Component\Console\Output\OutputInterface;
|
||||||
|
|
||||||
class CreateEmptyConfig extends Command {
|
class CreateEmptyConfig extends Command {
|
||||||
|
@ -47,29 +48,24 @@ class CreateEmptyConfig extends Command {
|
||||||
$this
|
$this
|
||||||
->setName('ldap:create-empty-config')
|
->setName('ldap:create-empty-config')
|
||||||
->setDescription('creates an empty LDAP configuration')
|
->setDescription('creates an empty LDAP configuration')
|
||||||
|
->addOption(
|
||||||
|
'only-print-prefix',
|
||||||
|
'p',
|
||||||
|
InputOption::VALUE_NONE,
|
||||||
|
'outputs only the prefix'
|
||||||
|
)
|
||||||
;
|
;
|
||||||
}
|
}
|
||||||
|
|
||||||
protected function execute(InputInterface $input, OutputInterface $output) {
|
protected function execute(InputInterface $input, OutputInterface $output) {
|
||||||
$configPrefix = $this->getNewConfigurationPrefix();
|
$configPrefix = $this->helper->getNextServerConfigurationPrefix();
|
||||||
$output->writeln("Created new configuration with configID '{$configPrefix}'");
|
|
||||||
|
|
||||||
$configHolder = new Configuration($configPrefix);
|
$configHolder = new Configuration($configPrefix);
|
||||||
$configHolder->saveConfiguration();
|
$configHolder->saveConfiguration();
|
||||||
}
|
|
||||||
|
|
||||||
protected function getNewConfigurationPrefix() {
|
$prose = '';
|
||||||
$serverConnections = $this->helper->getServerConfigurationPrefixes();
|
if(!$input->getOption('only-print-prefix')) {
|
||||||
|
$prose = 'Created new configuration with configID ';
|
||||||
// first connection uses no prefix
|
|
||||||
if(sizeof($serverConnections) == 0) {
|
|
||||||
return '';
|
|
||||||
}
|
}
|
||||||
|
$output->writeln($prose . "{$configPrefix}");
|
||||||
sort($serverConnections);
|
|
||||||
$lastKey = array_pop($serverConnections);
|
|
||||||
$lastNumber = intval(str_replace('s', '', $lastKey));
|
|
||||||
$nextPrefix = 's' . str_pad($lastNumber + 1, 2, '0', STR_PAD_LEFT);
|
|
||||||
return $nextPrefix;
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -393,9 +393,12 @@ class Configuration {
|
||||||
* @return bool
|
* @return bool
|
||||||
*/
|
*/
|
||||||
protected function saveValue($varName, $value) {
|
protected function saveValue($varName, $value) {
|
||||||
return \OCP\Config::setAppValue('user_ldap',
|
\OC::$server->getConfig()->setAppValue(
|
||||||
$this->configPrefix.$varName,
|
'user_ldap',
|
||||||
$value);
|
$this->configPrefix.$varName,
|
||||||
|
$value
|
||||||
|
);
|
||||||
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
|
@ -0,0 +1,322 @@
|
||||||
|
<?php
|
||||||
|
/**
|
||||||
|
* @copyright Copyright (c) 2017 Arthur Schiwon <blizzz@arthur-schiwon.de>
|
||||||
|
*
|
||||||
|
* @author Arthur Schiwon <blizzz@arthur-schiwon.de>
|
||||||
|
*
|
||||||
|
* @license GNU AGPL version 3 or any later version
|
||||||
|
*
|
||||||
|
* This program is free software: you can redistribute it and/or modify
|
||||||
|
* it under the terms of the GNU Affero General Public License as
|
||||||
|
* published by the Free Software Foundation, either version 3 of the
|
||||||
|
* License, or (at your option) any later version.
|
||||||
|
*
|
||||||
|
* This program is distributed in the hope that it will be useful,
|
||||||
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
* GNU Affero General Public License for more details.
|
||||||
|
*
|
||||||
|
* You should have received a copy of the GNU Affero General Public License
|
||||||
|
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
namespace OCA\User_LDAP\Controller;
|
||||||
|
|
||||||
|
use OC\CapabilitiesManager;
|
||||||
|
use OC\Core\Controller\OCSController;
|
||||||
|
use OC\Security\Bruteforce\Throttler;
|
||||||
|
use OC\Security\IdentityProof\Manager;
|
||||||
|
use OCA\User_LDAP\Configuration;
|
||||||
|
use OCA\User_LDAP\Helper;
|
||||||
|
use OCP\AppFramework\Http\DataResponse;
|
||||||
|
use OCP\AppFramework\OCS\OCSBadRequestException;
|
||||||
|
use OCP\AppFramework\OCS\OCSException;
|
||||||
|
use OCP\AppFramework\OCS\OCSNotFoundException;
|
||||||
|
use OCP\ILogger;
|
||||||
|
use OCP\IRequest;
|
||||||
|
use OCP\IUserManager;
|
||||||
|
use OCP\IUserSession;
|
||||||
|
|
||||||
|
class ConfigAPIController extends OCSController {
|
||||||
|
|
||||||
|
/** @var Helper */
|
||||||
|
private $ldapHelper;
|
||||||
|
|
||||||
|
/** @var ILogger */
|
||||||
|
private $logger;
|
||||||
|
|
||||||
|
public function __construct(
|
||||||
|
$appName,
|
||||||
|
IRequest $request,
|
||||||
|
CapabilitiesManager $capabilitiesManager,
|
||||||
|
IUserSession $userSession,
|
||||||
|
IUserManager $userManager,
|
||||||
|
Throttler $throttler,
|
||||||
|
Manager $keyManager,
|
||||||
|
Helper $ldapHelper,
|
||||||
|
ILogger $logger
|
||||||
|
) {
|
||||||
|
parent::__construct(
|
||||||
|
$appName,
|
||||||
|
$request,
|
||||||
|
$capabilitiesManager,
|
||||||
|
$userSession,
|
||||||
|
$userManager,
|
||||||
|
$throttler,
|
||||||
|
$keyManager
|
||||||
|
);
|
||||||
|
|
||||||
|
|
||||||
|
$this->ldapHelper = $ldapHelper;
|
||||||
|
$this->logger = $logger;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* creates a new (empty) configuration and returns the resulting prefix
|
||||||
|
*
|
||||||
|
* Example: curl -X POST -H "OCS-APIREQUEST: true" -u $admin:$password \
|
||||||
|
* https://nextcloud.server/ocs/v2.php/apps/user_ldap/api/v1/config
|
||||||
|
*
|
||||||
|
* results in:
|
||||||
|
*
|
||||||
|
* <?xml version="1.0"?>
|
||||||
|
* <ocs>
|
||||||
|
* <meta>
|
||||||
|
* <status>ok</status>
|
||||||
|
* <statuscode>200</statuscode>
|
||||||
|
* <message>OK</message>
|
||||||
|
* </meta>
|
||||||
|
* <data>
|
||||||
|
* <configID>s40</configID>
|
||||||
|
* </data>
|
||||||
|
* </ocs>
|
||||||
|
*
|
||||||
|
* Failing example: if an exception is thrown (e.g. Database connection lost)
|
||||||
|
* the detailed error will be logged. The output will then look like:
|
||||||
|
*
|
||||||
|
* <?xml version="1.0"?>
|
||||||
|
* <ocs>
|
||||||
|
* <meta>
|
||||||
|
* <status>failure</status>
|
||||||
|
* <statuscode>999</statuscode>
|
||||||
|
* <message>An issue occurred when creating the new config.</message>
|
||||||
|
* </meta>
|
||||||
|
* <data/>
|
||||||
|
* </ocs>
|
||||||
|
*
|
||||||
|
* For JSON output provide the format=json parameter
|
||||||
|
*
|
||||||
|
* @return DataResponse
|
||||||
|
* @throws OCSException
|
||||||
|
*/
|
||||||
|
public function create() {
|
||||||
|
try {
|
||||||
|
$configPrefix = $this->ldapHelper->getNextServerConfigurationPrefix();
|
||||||
|
$configHolder = new Configuration($configPrefix);
|
||||||
|
$configHolder->saveConfiguration();
|
||||||
|
} catch (\Exception $e) {
|
||||||
|
$this->logger->logException($e);
|
||||||
|
throw new OCSException('An issue occurred when creating the new config.');
|
||||||
|
}
|
||||||
|
return new DataResponse(['configID' => $configPrefix]);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Deletes a LDAP configuration, if present.
|
||||||
|
*
|
||||||
|
* Example:
|
||||||
|
* curl -X DELETE -H "OCS-APIREQUEST: true" -u $admin:$password \
|
||||||
|
* https://nextcloud.server/ocs/v2.php/apps/user_ldap/api/v1/config/s60
|
||||||
|
*
|
||||||
|
* <?xml version="1.0"?>
|
||||||
|
* <ocs>
|
||||||
|
* <meta>
|
||||||
|
* <status>ok</status>
|
||||||
|
* <statuscode>200</statuscode>
|
||||||
|
* <message>OK</message>
|
||||||
|
* </meta>
|
||||||
|
* <data/>
|
||||||
|
* </ocs>
|
||||||
|
*
|
||||||
|
* @param string $configID
|
||||||
|
* @return DataResponse
|
||||||
|
* @throws OCSBadRequestException
|
||||||
|
* @throws OCSException
|
||||||
|
*/
|
||||||
|
public function delete($configID) {
|
||||||
|
try {
|
||||||
|
$this->ensureConfigIDExists($configID);
|
||||||
|
if(!$this->ldapHelper->deleteServerConfiguration($configID)) {
|
||||||
|
throw new OCSException('Could not delete configuration');
|
||||||
|
}
|
||||||
|
} catch(OCSException $e) {
|
||||||
|
throw $e;
|
||||||
|
} catch(\Exception $e) {
|
||||||
|
$this->logger->logException($e);
|
||||||
|
throw new OCSException('An issue occurred when deleting the config.');
|
||||||
|
}
|
||||||
|
|
||||||
|
return new DataResponse();
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* modifies a configuration
|
||||||
|
*
|
||||||
|
* Example:
|
||||||
|
* curl -X PUT -d "configData[ldapHost]=ldaps://my.ldap.server&configData[ldapPort]=636" \
|
||||||
|
* -H "OCS-APIREQUEST: true" -u $admin:$password \
|
||||||
|
* https://nextcloud.server/ocs/v2.php/apps/user_ldap/api/v1/config/s60
|
||||||
|
*
|
||||||
|
* <?xml version="1.0"?>
|
||||||
|
* <ocs>
|
||||||
|
* <meta>
|
||||||
|
* <status>ok</status>
|
||||||
|
* <statuscode>200</statuscode>
|
||||||
|
* <message>OK</message>
|
||||||
|
* </meta>
|
||||||
|
* <data/>
|
||||||
|
* </ocs>
|
||||||
|
*
|
||||||
|
* @param string $configID
|
||||||
|
* @param array $configData
|
||||||
|
* @return DataResponse
|
||||||
|
* @throws OCSException
|
||||||
|
*/
|
||||||
|
public function modify($configID, $configData) {
|
||||||
|
try {
|
||||||
|
$this->ensureConfigIDExists($configID);
|
||||||
|
|
||||||
|
if(!is_array($configData)) {
|
||||||
|
throw new OCSBadRequestException('configData is not properly set');
|
||||||
|
}
|
||||||
|
|
||||||
|
$configuration = new Configuration($configID);
|
||||||
|
$configKeys = $configuration->getConfigTranslationArray();
|
||||||
|
|
||||||
|
foreach ($configKeys as $i => $key) {
|
||||||
|
if(isset($configData[$key])) {
|
||||||
|
$configuration->$key = $configData[$key];
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
$configuration->saveConfiguration();
|
||||||
|
} catch(OCSException $e) {
|
||||||
|
throw $e;
|
||||||
|
} catch (\Exception $e) {
|
||||||
|
$this->logger->logException($e);
|
||||||
|
throw new OCSException('An issue occurred when modifying the config.');
|
||||||
|
}
|
||||||
|
|
||||||
|
return new DataResponse();
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* retrieves a configuration
|
||||||
|
*
|
||||||
|
* <?xml version="1.0"?>
|
||||||
|
* <ocs>
|
||||||
|
* <meta>
|
||||||
|
* <status>ok</status>
|
||||||
|
* <statuscode>200</statuscode>
|
||||||
|
* <message>OK</message>
|
||||||
|
* </meta>
|
||||||
|
* <data>
|
||||||
|
* <ldapHost>ldaps://my.ldap.server</ldapHost>
|
||||||
|
* <ldapPort>7770</ldapPort>
|
||||||
|
* <ldapBackupHost></ldapBackupHost>
|
||||||
|
* <ldapBackupPort></ldapBackupPort>
|
||||||
|
* <ldapBase>ou=small,dc=my,dc=ldap,dc=server</ldapBase>
|
||||||
|
* <ldapBaseUsers>ou=users,ou=small,dc=my,dc=ldap,dc=server</ldapBaseUsers>
|
||||||
|
* <ldapBaseGroups>ou=small,dc=my,dc=ldap,dc=server</ldapBaseGroups>
|
||||||
|
* <ldapAgentName>cn=root,dc=my,dc=ldap,dc=server</ldapAgentName>
|
||||||
|
* <ldapAgentPassword>clearTextWithShowPassword=1</ldapAgentPassword>
|
||||||
|
* <ldapTLS>1</ldapTLS>
|
||||||
|
* <turnOffCertCheck>0</turnOffCertCheck>
|
||||||
|
* <ldapIgnoreNamingRules/>
|
||||||
|
* <ldapUserDisplayName>displayname</ldapUserDisplayName>
|
||||||
|
* <ldapUserDisplayName2>uid</ldapUserDisplayName2>
|
||||||
|
* <ldapUserFilterObjectclass>inetOrgPerson</ldapUserFilterObjectclass>
|
||||||
|
* <ldapUserFilterGroups></ldapUserFilterGroups>
|
||||||
|
* <ldapUserFilter>(&(objectclass=nextcloudUser)(nextcloudEnabled=TRUE))</ldapUserFilter>
|
||||||
|
* <ldapUserFilterMode>1</ldapUserFilterMode>
|
||||||
|
* <ldapGroupFilter>(&(|(objectclass=nextcloudGroup)))</ldapGroupFilter>
|
||||||
|
* <ldapGroupFilterMode>0</ldapGroupFilterMode>
|
||||||
|
* <ldapGroupFilterObjectclass>nextcloudGroup</ldapGroupFilterObjectclass>
|
||||||
|
* <ldapGroupFilterGroups></ldapGroupFilterGroups>
|
||||||
|
* <ldapGroupDisplayName>cn</ldapGroupDisplayName>
|
||||||
|
* <ldapGroupMemberAssocAttr>memberUid</ldapGroupMemberAssocAttr>
|
||||||
|
* <ldapLoginFilter>(&(|(objectclass=inetOrgPerson))(uid=%uid))</ldapLoginFilter>
|
||||||
|
* <ldapLoginFilterMode>0</ldapLoginFilterMode>
|
||||||
|
* <ldapLoginFilterEmail>0</ldapLoginFilterEmail>
|
||||||
|
* <ldapLoginFilterUsername>1</ldapLoginFilterUsername>
|
||||||
|
* <ldapLoginFilterAttributes></ldapLoginFilterAttributes>
|
||||||
|
* <ldapQuotaAttribute></ldapQuotaAttribute>
|
||||||
|
* <ldapQuotaDefault></ldapQuotaDefault>
|
||||||
|
* <ldapEmailAttribute>mail</ldapEmailAttribute>
|
||||||
|
* <ldapCacheTTL>20</ldapCacheTTL>
|
||||||
|
* <ldapUuidUserAttribute>auto</ldapUuidUserAttribute>
|
||||||
|
* <ldapUuidGroupAttribute>auto</ldapUuidGroupAttribute>
|
||||||
|
* <ldapOverrideMainServer></ldapOverrideMainServer>
|
||||||
|
* <ldapConfigurationActive>1</ldapConfigurationActive>
|
||||||
|
* <ldapAttributesForUserSearch>uid;sn;givenname</ldapAttributesForUserSearch>
|
||||||
|
* <ldapAttributesForGroupSearch></ldapAttributesForGroupSearch>
|
||||||
|
* <ldapExperiencedAdmin>0</ldapExperiencedAdmin>
|
||||||
|
* <homeFolderNamingRule></homeFolderNamingRule>
|
||||||
|
* <hasPagedResultSupport></hasPagedResultSupport>
|
||||||
|
* <hasMemberOfFilterSupport></hasMemberOfFilterSupport>
|
||||||
|
* <useMemberOfToDetectMembership>1</useMemberOfToDetectMembership>
|
||||||
|
* <ldapExpertUsernameAttr>uid</ldapExpertUsernameAttr>
|
||||||
|
* <ldapExpertUUIDUserAttr>uid</ldapExpertUUIDUserAttr>
|
||||||
|
* <ldapExpertUUIDGroupAttr></ldapExpertUUIDGroupAttr>
|
||||||
|
* <lastJpegPhotoLookup>0</lastJpegPhotoLookup>
|
||||||
|
* <ldapNestedGroups>0</ldapNestedGroups>
|
||||||
|
* <ldapPagingSize>500</ldapPagingSize>
|
||||||
|
* <turnOnPasswordChange>1</turnOnPasswordChange>
|
||||||
|
* <ldapDynamicGroupMemberURL></ldapDynamicGroupMemberURL>
|
||||||
|
* </data>
|
||||||
|
* </ocs>
|
||||||
|
*
|
||||||
|
* @param string $configID
|
||||||
|
* @param bool|string $showPassword
|
||||||
|
* @return DataResponse
|
||||||
|
* @throws OCSException
|
||||||
|
*/
|
||||||
|
public function show($configID, $showPassword = false) {
|
||||||
|
try {
|
||||||
|
$this->ensureConfigIDExists($configID);
|
||||||
|
|
||||||
|
$config = new Configuration($configID);
|
||||||
|
$data = $config->getConfiguration();
|
||||||
|
if(!boolval(intval($showPassword))) {
|
||||||
|
$data['ldapAgentPassword'] = '***';
|
||||||
|
}
|
||||||
|
foreach ($data as $key => $value) {
|
||||||
|
if(is_array($value)) {
|
||||||
|
$value = implode(';', $value);
|
||||||
|
$data[$key] = $value;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
} catch(OCSException $e) {
|
||||||
|
throw $e;
|
||||||
|
} catch (\Exception $e) {
|
||||||
|
$this->logger->logException($e);
|
||||||
|
throw new OCSException('An issue occurred when modifying the config.');
|
||||||
|
}
|
||||||
|
|
||||||
|
return new DataResponse($data);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* if the given config ID is not available, an exception is thrown
|
||||||
|
*
|
||||||
|
* @param string $configID
|
||||||
|
* @throws OCSNotFoundException
|
||||||
|
*/
|
||||||
|
private function ensureConfigIDExists($configID) {
|
||||||
|
$prefixes = $this->ldapHelper->getServerConfigurationPrefixes();
|
||||||
|
if(!in_array($configID, $prefixes, true)) {
|
||||||
|
throw new OCSNotFoundException('Config ID not found');
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
|
@ -105,6 +105,25 @@ class Helper {
|
||||||
return $result;
|
return $result;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* return the next available configuration prefix
|
||||||
|
*
|
||||||
|
* @return string
|
||||||
|
*/
|
||||||
|
public function getNextServerConfigurationPrefix() {
|
||||||
|
$serverConnections = $this->getServerConfigurationPrefixes();
|
||||||
|
|
||||||
|
if(count($serverConnections) === 0) {
|
||||||
|
return 's01';
|
||||||
|
}
|
||||||
|
|
||||||
|
sort($serverConnections);
|
||||||
|
$lastKey = array_pop($serverConnections);
|
||||||
|
$lastNumber = intval(str_replace('s', '', $lastKey));
|
||||||
|
$nextPrefix = 's' . str_pad($lastNumber + 1, 2, '0', STR_PAD_LEFT);
|
||||||
|
return $nextPrefix;
|
||||||
|
}
|
||||||
|
|
||||||
private function getServersConfig($value) {
|
private function getServersConfig($value) {
|
||||||
$regex = '/' . $value . '$/S';
|
$regex = '/' . $value . '$/S';
|
||||||
|
|
||||||
|
|
|
@ -72,6 +72,16 @@ default:
|
||||||
- admin
|
- admin
|
||||||
- admin
|
- admin
|
||||||
regular_user_password: 123456
|
regular_user_password: 123456
|
||||||
|
ldap:
|
||||||
|
paths:
|
||||||
|
- %paths.base%/../ldap_features
|
||||||
|
contexts:
|
||||||
|
- LDAPContext:
|
||||||
|
baseUrl: http://localhost:8080
|
||||||
|
admin:
|
||||||
|
- admin
|
||||||
|
- admin
|
||||||
|
regular_user_password: what_for
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -0,0 +1,85 @@
|
||||||
|
<?php
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @copyright Copyright (c) 2017 Arthur Schiwon <blizzz@arthur-schiwon.de>
|
||||||
|
*
|
||||||
|
* @author Arthur Schiwon <blizzz@arthur-schiwon.de>
|
||||||
|
*
|
||||||
|
* @license GNU AGPL version 3 or any later version
|
||||||
|
*
|
||||||
|
* This program is free software: you can redistribute it and/or modify
|
||||||
|
* it under the terms of the GNU Affero General Public License as
|
||||||
|
* published by the Free Software Foundation, either version 3 of the
|
||||||
|
* License, or (at your option) any later version.
|
||||||
|
*
|
||||||
|
* This program is distributed in the hope that it will be useful,
|
||||||
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
* GNU Affero General Public License for more details.
|
||||||
|
*
|
||||||
|
* You should have received a copy of the GNU Affero General Public License
|
||||||
|
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
use Behat\Behat\Context\Context;
|
||||||
|
use Behat\Gherkin\Node\TableNode;
|
||||||
|
|
||||||
|
class LDAPContext implements Context {
|
||||||
|
use BasicStructure;
|
||||||
|
|
||||||
|
protected $configID;
|
||||||
|
|
||||||
|
protected $apiUrl;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @Given /^the response should contain a tag "([^"]*)"$/
|
||||||
|
*/
|
||||||
|
public function theResponseShouldContainATag($arg1) {
|
||||||
|
$configID = $this->response->xml()->data[0]->$arg1;
|
||||||
|
PHPUnit_Framework_Assert::assertInstanceOf(SimpleXMLElement::class, $configID[0]);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @Given /^creating an LDAP configuration at "([^"]*)"$/
|
||||||
|
*/
|
||||||
|
public function creatingAnLDAPConfigurationAt($apiUrl) {
|
||||||
|
$this->apiUrl = $apiUrl;
|
||||||
|
$this->sendingToWith('POST', $this->apiUrl, null);
|
||||||
|
$configElements = $this->response->xml()->data[0]->configID;
|
||||||
|
$this->configID = $configElements[0];
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @When /^deleting the LDAP configuration$/
|
||||||
|
*/
|
||||||
|
public function deletingTheLDAPConfiguration() {
|
||||||
|
$this->sendingToWith('DELETE', $this->apiUrl . '/' . $this->configID, null);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @Given /^the response should contain a tag "([^"]*)" with value "([^"]*)"$/
|
||||||
|
*/
|
||||||
|
public function theResponseShouldContainATagWithValue($tagName, $expectedValue) {
|
||||||
|
$data = $this->response->xml()->data[0]->$tagName;
|
||||||
|
PHPUnit_Framework_Assert::assertEquals($expectedValue, $data[0]);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @When /^getting the LDAP configuration with showPassword "([^"]*)"$/
|
||||||
|
*/
|
||||||
|
public function gettingTheLDAPConfigurationWithShowPassword($showPassword) {
|
||||||
|
$this->sendingToWith(
|
||||||
|
'GET',
|
||||||
|
$this->apiUrl . '/' . $this->configID . '?showPassword=' . $showPassword,
|
||||||
|
null
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @Given /^setting the LDAP configuration to$/
|
||||||
|
*/
|
||||||
|
public function settingTheLDAPConfigurationTo(TableNode $configData) {
|
||||||
|
$this->sendingToWith('PUT', $this->apiUrl . '/' . $this->configID, $configData);
|
||||||
|
}
|
||||||
|
}
|
|
@ -0,0 +1,70 @@
|
||||||
|
Feature: LDAP
|
||||||
|
Background:
|
||||||
|
Given using api version "2"
|
||||||
|
|
||||||
|
Scenario: Creating an new, empty configuration
|
||||||
|
Given As an "admin"
|
||||||
|
When sending "POST" to "/apps/user_ldap/api/v1/config"
|
||||||
|
Then the OCS status code should be "200"
|
||||||
|
And the HTTP status code should be "200"
|
||||||
|
And the response should contain a tag "configID"
|
||||||
|
|
||||||
|
Scenario: Delete a non-existing configuration
|
||||||
|
Given As an "admin"
|
||||||
|
When sending "DELETE" to "/apps/user_ldap/api/v1/config/s666"
|
||||||
|
Then the OCS status code should be "404"
|
||||||
|
And the HTTP status code should be "404"
|
||||||
|
|
||||||
|
Scenario: Create and delete a configuration
|
||||||
|
Given As an "admin"
|
||||||
|
And creating an LDAP configuration at "/apps/user_ldap/api/v1/config"
|
||||||
|
When deleting the LDAP configuration
|
||||||
|
Then the OCS status code should be "200"
|
||||||
|
And the HTTP status code should be "200"
|
||||||
|
|
||||||
|
Scenario: Create and modify a configuration
|
||||||
|
Given As an "admin"
|
||||||
|
And creating an LDAP configuration at "/apps/user_ldap/api/v1/config"
|
||||||
|
When setting the LDAP configuration to
|
||||||
|
| configData[ldapHost] | ldaps://my.ldap.server |
|
||||||
|
Then the OCS status code should be "200"
|
||||||
|
And the HTTP status code should be "200"
|
||||||
|
|
||||||
|
Scenario: Modifying a non-existing configuration
|
||||||
|
Given As an "admin"
|
||||||
|
When sending "PUT" to "/apps/user_ldap/api/v1/config/s666" with
|
||||||
|
| configData[ldapHost] | ldaps://my.ldap.server |
|
||||||
|
Then the OCS status code should be "404"
|
||||||
|
And the HTTP status code should be "404"
|
||||||
|
|
||||||
|
Scenario: Modifying an existing configuration with malformed configData
|
||||||
|
Given As an "admin"
|
||||||
|
And creating an LDAP configuration at "/apps/user_ldap/api/v1/config"
|
||||||
|
When setting the LDAP configuration to
|
||||||
|
| configData | ldapHost=ldaps://my.ldap.server |
|
||||||
|
Then the OCS status code should be "400"
|
||||||
|
And the HTTP status code should be "400"
|
||||||
|
|
||||||
|
Scenario: create, modify and get a configuration
|
||||||
|
Given As an "admin"
|
||||||
|
And creating an LDAP configuration at "/apps/user_ldap/api/v1/config"
|
||||||
|
And setting the LDAP configuration to
|
||||||
|
| configData[ldapHost] | ldaps://my.ldap.server |
|
||||||
|
| configData[ldapLoginFilter] | (&(\|(objectclass=inetOrgPerson))(uid=%uid)) |
|
||||||
|
| configData[ldapAgentPassword] | psst,secret |
|
||||||
|
When getting the LDAP configuration with showPassword "0"
|
||||||
|
Then the OCS status code should be "200"
|
||||||
|
And the HTTP status code should be "200"
|
||||||
|
And the response should contain a tag "ldapHost" with value "ldaps://my.ldap.server"
|
||||||
|
And the response should contain a tag "ldapLoginFilter" with value "(&(|(objectclass=inetOrgPerson))(uid=%uid))"
|
||||||
|
And the response should contain a tag "ldapAgentPassword" with value "***"
|
||||||
|
|
||||||
|
Scenario: receiving password in plain text
|
||||||
|
Given As an "admin"
|
||||||
|
And creating an LDAP configuration at "/apps/user_ldap/api/v1/config"
|
||||||
|
And setting the LDAP configuration to
|
||||||
|
| configData[ldapAgentPassword] | psst,secret |
|
||||||
|
When getting the LDAP configuration with showPassword "1"
|
||||||
|
Then the OCS status code should be "200"
|
||||||
|
And the HTTP status code should be "200"
|
||||||
|
And the response should contain a tag "ldapAgentPassword" with value "psst,secret"
|
Loading…
Reference in New Issue