nextcloud/apps/user_ldap/group_ldap.php

126 lines
3.5 KiB
PHP
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<?php
/**
* ownCloud LDAP group backend
*
* @author Arthur Schiwon
* @copyright 2012 Arthur Schiwon blizzz@owncloud.com
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
* License as published by the Free Software Foundation; either
* version 3 of the License, or any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU AFFERO GENERAL PUBLIC LICENSE for more details.
*
* You should have received a copy of the GNU Affero General Public
* License along with this library. If not, see <http://www.gnu.org/licenses/>.
*
*/
class OC_GROUP_LDAP extends OC_Group_Backend {
// //group specific settings
protected $ldapGroupFilter;
protected $ldapGroupDisplayName;
public function __construct() {
$this->ldapGroupFilter = OC_Appconfig::getValue('user_ldap', 'ldap_group_filter', '(objectClass=posixGroup)');
$this->ldapGroupDisplayName = OC_Appconfig::getValue('user_ldap', 'ldap_group_display_name', 'cn');
$this->ldapGroupMemberAttr = OC_Appconfig::getValue('user_ldap', 'ldap_group_member_attr', 'memberUid');
}
/**
* @brief is user in group?
* @param $uid uid of the user
* @param $gid gid of the group
* @returns true/false
*
* Checks whether the user is member of a group or not.
*/
public function inGroup($uid, $gid) {
$filter = OC_LDAP::combineFilterWithAnd(array(
$this->ldapGroupFilter,
LDAP_GROUP_MEMBER_ASSOC_ATTR.'='.$uid,
$this->ldapGroupDisplayName.'='.$gid
));
$groups = OC_LDAP::search($filter, $this->ldapGroupDisplayName);
if(count($groups) == 1) {
return true;
} else if(count($groups) < 1) {
return false;
} else {
throw new Exception('Too many groups of the same name!? this exception should never been thrown :)');
}
}
/**
* @brief Get all groups a user belongs to
* @param $uid Name of the user
* @returns array with group names
*
* This function fetches all groups a user belongs to. It does not check
* if the user exists at all.
*/
public function getUserGroups($uid) {
$filter = OC_LDAP::combineFilterWithAnd(array(
$this->ldapGroupFilter,
LDAP_GROUP_MEMBER_ASSOC_ATTR.'='.$uid
));
return $this->retrieveList($filter, $this->ldapGroupDisplayName);
}
/**
* @brief get a list of all users in a group
* @returns array with user ids
*/
public function usersInGroup($gid) {
$filter = OC_LDAP::combineFilterWithAnd(array(
$this->ldapGroupFilter,
$this->ldapGroupDisplayName.'='.$gid
));
return $this->retrieveList($filter, $this->ldapGroupMemberAttr);
}
/**
* @brief get a list of all groups
* @returns array with group names
*
* Returns a list with all groups
*/
public function getGroups() {
$groups = OC_LDAP::search($this->ldapGroupFilter, $this->ldapGroupDisplayName);
if(count($groups) == 0 )
return array();
else {
return array_unique($groups, SORT_LOCALE_STRING);
}
}
/**
* check if a group exists
* @param string $gid
* @return bool
*/
public function groupExists($gid){
return in_array($gid, $this->getGroups());
}
private function retrieveList($filter, $attr) {
$list = OC_LDAP::search($filter, $attr);
if(is_array($list)) {
return array_unique($list, SORT_LOCALE_STRING);
}
//error cause actually, maybe throw an exception in future.
return array();
}
}