mbk-lab
/
nextcloud
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

LDAP: Make update script escape all known DNs. Requires version bump.

This commit is contained in:
Arthur Schiwon 2012-11-17 00:03:35 +01:00
parent 124e4ba53c
commit fd71023dd6
2 changed files with 33 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

37
apps/user_ldap/appinfo/update.php
View File

@ -34,22 +34,49 @@ $groupBE = new \OCA\user_ldap\GROUP_LDAP();
$groupBE->setConnector($connector);
foreach($objects as $object) {
$fetchDNSql = 'SELECT `ldap_dn`, `owncloud_name` FROM `*PREFIX*ldap_'.$object.'_mapping` WHERE `directory_uuid` = \'\'';
$updateSql = 'UPDATE `*PREFIX*ldap_'.$object.'_mapping` SET `ldap_DN` = ?, `directory_uuid` = ? WHERE `ldap_dn` = ?';
$fetchDNSql = '
SELECT `ldap_dn`, `owncloud_name`, `directory_uuid`
FROM `*PREFIX*ldap_'.$object.'_mapping`';
$updateSql = '
UPDATE `*PREFIX*ldap_'.$object.'_mapping`
SET `ldap_DN` = ?, `directory_uuid` = ?
WHERE `ldap_dn` = ?';
$query = OCP\DB::prepare($fetchDNSql);
$res = $query->execute();
$DNs = $res->fetchAll();
$updateQuery = OCP\DB::prepare($updateSql);
foreach($DNs as $dn) {
$newDN = mb_strtolower($dn['ldap_dn'], 'UTF-8');
if($object == 'user') {
$newDN = escapeDN(mb_strtolower($dn['ldap_dn'], 'UTF-8'));
if(!empty($dn['directory_uuid'])) {
$uuid = $dn['directory_uuid'];
} elseif($object == 'user') {
$uuid = $userBE->getUUID($newDN);
//fix home folder to avoid new ones depending on the configuration
$userBE->getHome($dn['owncloud_name']);
} else {
$uuid = $groupBE->getUUID($newDN);
}
$updateQuery->execute(array($newDN, $uuid, $dn['ldap_dn']));
try {
$updateQuery->execute(array($newDN, $uuid, $dn['ldap_dn']));
} catch(Exception $e) {
\OCP\Util::writeLog('user_ldap', 'Could not update '.$object.' '.$dn['ldap_dn'].' in the mappings table. ', \OCP\Util::WARN);
}
}
}
function escapeDN($dn) {
$aDN = ldap_explode_dn($dn, false);
unset($aDN['count']);
foreach($aDN as $key => $part) {
$value = substr($part, strpos($part, '=')+1);
$escapedValue = strtr($value, Array(','=>'\2c', '='=>'\3d', '+'=>'\2b',
'<'=>'\3c', '>'=>'\3e', ';'=>'\3b', '\\'=>'\5c',
'"'=>'\22', '#'=>'\23'));
$part = str_replace($part, $value, $escapedValue);
}
$dn = implode(',', $aDN);
return $dn;
}

2
apps/user_ldap/appinfo/version
View File

@ -1 +1 @@
0.3.0.0
0.3.0.1