* * @author Arthur Schiwon * * @license GNU AGPL version 3 or any later version * * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU Affero General Public License as * published by the Free Software Foundation, either version 3 of the * License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU Affero General Public License for more details. * * You should have received a copy of the GNU Affero General Public License * along with this program. If not, see . * */ namespace OCA\User_LDAP\Controller; use OC\CapabilitiesManager; use OC\Core\Controller\OCSController; use OC\Security\IdentityProof\Manager; use OCA\User_LDAP\Configuration; use OCA\User_LDAP\Helper; use OCP\AppFramework\Http\DataResponse; use OCP\AppFramework\OCS\OCSBadRequestException; use OCP\AppFramework\OCS\OCSException; use OCP\AppFramework\OCS\OCSNotFoundException; use OCP\ILogger; use OCP\IRequest; use OCP\IUserManager; use OCP\IUserSession; class ConfigAPIController extends OCSController { /** @var Helper */ private $ldapHelper; /** @var ILogger */ private $logger; public function __construct( $appName, IRequest $request, CapabilitiesManager $capabilitiesManager, IUserSession $userSession, IUserManager $userManager, Manager $keyManager, Helper $ldapHelper, ILogger $logger ) { parent::__construct( $appName, $request, $capabilitiesManager, $userSession, $userManager, $keyManager ); $this->ldapHelper = $ldapHelper; $this->logger = $logger; } /** * creates a new (empty) configuration and returns the resulting prefix * * Example: curl -X POST -H "OCS-APIREQUEST: true" -u $admin:$password \ * https://nextcloud.server/ocs/v2.php/apps/user_ldap/api/v1/config * * results in: * * * * * ok * 200 * OK * * * s40 * * * * Failing example: if an exception is thrown (e.g. Database connection lost) * the detailed error will be logged. The output will then look like: * * * * * failure * 999 * An issue occurred when creating the new config. * * * * * For JSON output provide the format=json parameter * * @return DataResponse * @throws OCSException */ public function create() { try { $configPrefix = $this->ldapHelper->getNextServerConfigurationPrefix(); $configHolder = new Configuration($configPrefix); $configHolder->saveConfiguration(); } catch (\Exception $e) { $this->logger->logException($e); throw new OCSException('An issue occurred when creating the new config.'); } return new DataResponse(['configID' => $configPrefix]); } /** * Deletes a LDAP configuration, if present. * * Example: * curl -X DELETE -H "OCS-APIREQUEST: true" -u $admin:$password \ * https://nextcloud.server/ocs/v2.php/apps/user_ldap/api/v1/config/s60 * * * * * ok * 200 * OK * * * * * @param string $configID * @return DataResponse * @throws OCSBadRequestException * @throws OCSException */ public function delete($configID) { try { $this->ensureConfigIDExists($configID); if(!$this->ldapHelper->deleteServerConfiguration($configID)) { throw new OCSException('Could not delete configuration'); } } catch(OCSException $e) { throw $e; } catch(\Exception $e) { $this->logger->logException($e); throw new OCSException('An issue occurred when deleting the config.'); } return new DataResponse(); } /** * modifies a configuration * * Example: * curl -X PUT -d "configData[ldapHost]=ldaps://my.ldap.server&configData[ldapPort]=636" \ * -H "OCS-APIREQUEST: true" -u $admin:$password \ * https://nextcloud.server/ocs/v2.php/apps/user_ldap/api/v1/config/s60 * * * * * ok * 200 * OK * * * * * @param string $configID * @param array $configData * @return DataResponse * @throws OCSException */ public function modify($configID, $configData) { try { $this->ensureConfigIDExists($configID); if(!is_array($configData)) { throw new OCSBadRequestException('configData is not properly set'); } $configuration = new Configuration($configID); $configKeys = $configuration->getConfigTranslationArray(); foreach ($configKeys as $i => $key) { if(isset($configData[$key])) { $configuration->$key = $configData[$key]; } } $configuration->saveConfiguration(); } catch(OCSException $e) { throw $e; } catch (\Exception $e) { $this->logger->logException($e); throw new OCSException('An issue occurred when modifying the config.'); } return new DataResponse(); } /** * retrieves a configuration * * * * * ok * 200 * OK * * * ldaps://my.ldap.server * 7770 * * * ou=small,dc=my,dc=ldap,dc=server * ou=users,ou=small,dc=my,dc=ldap,dc=server * ou=small,dc=my,dc=ldap,dc=server * cn=root,dc=my,dc=ldap,dc=server * clearTextWithShowPassword=1 * 1 * 0 * * displayname * uid * inetOrgPerson * * (&(objectclass=nextcloudUser)(nextcloudEnabled=TRUE)) * 1 * (&(|(objectclass=nextcloudGroup))) * 0 * nextcloudGroup * * cn * memberUid * (&(|(objectclass=inetOrgPerson))(uid=%uid)) * 0 * 0 * 1 * * * * mail * 20 * auto * auto * * 1 * uid;sn;givenname * * 0 * * * * 1 * uid * uid * * 0 * 0 * 500 * 1 * * * * * @param string $configID * @param bool|string $showPassword * @return DataResponse * @throws OCSException */ public function show($configID, $showPassword = false) { try { $this->ensureConfigIDExists($configID); $config = new Configuration($configID); $data = $config->getConfiguration(); if(!boolval(intval($showPassword))) { $data['ldapAgentPassword'] = '***'; } foreach ($data as $key => $value) { if(is_array($value)) { $value = implode(';', $value); $data[$key] = $value; } } } catch(OCSException $e) { throw $e; } catch (\Exception $e) { $this->logger->logException($e); throw new OCSException('An issue occurred when modifying the config.'); } return new DataResponse($data); } /** * if the given config ID is not available, an exception is thrown * * @param string $configID * @throws OCSNotFoundException */ private function ensureConfigIDExists($configID) { $prefixes = $this->ldapHelper->getServerConfigurationPrefixes(); if(!in_array($configID, $prefixes, true)) { throw new OCSNotFoundException('Config ID not found'); } } }