nextcloud/apps/user_ldap/lib/configuration.php

378 lines
11 KiB
PHP
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<?php
/**
* ownCloud LDAP Connection
*
* @author Arthur Schiwon
* @copyright 2012, 2013 Arthur Schiwon blizzz@owncloud.com
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
* License as published by the Free Software Foundation; either
* version 3 of the License, or any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU AFFERO GENERAL PUBLIC LICENSE for more details.
*
* You should have received a copy of the GNU Affero General Public
* License along with this library. If not, see <http://www.gnu.org/licenses/>.
*
*/
namespace OCA\user_ldap\lib;
class Configuration {
protected $configPrefix = null;
protected $configRead = false;
//settings
protected $config = array(
'ldapHost' => null,
'ldapPort' => null,
'ldapBackupHost' => null,
'ldapBackupPort' => null,
'ldapBase' => null,
'ldapBaseUsers' => null,
'ldapBaseGroups' => null,
'ldapAgentName' => null,
'ldapAgentPassword' => null,
'ldapTLS' => null,
'ldapNoCase' => null,
'turnOffCertCheck' => null,
'ldapIgnoreNamingRules' => null,
'ldapUserDisplayName' => null,
'ldapUserFilterObjectclass' => null,
'ldapUserFilterGroups' => null,
'ldapUserFilter' => null,
'ldapGroupFilter' => null,
'ldapGroupFilterObjectclass' => null,
'ldapGroupFilterGroups' => null,
'ldapGroupDisplayName' => null,
'ldapGroupMemberAssocAttr' => null,
'ldapLoginFilter' => null,
'ldapLoginFilterEmail' => null,
'ldapLoginFilterUsername' => null,
'ldapLoginFilterAttributes' => null,
'ldapQuotaAttribute' => null,
'ldapQuotaDefault' => null,
'ldapEmailAttribute' => null,
'ldapCacheTTL' => null,
'ldapUuidAttribute' => 'auto',
'ldapOverrideUuidAttribute' => null,
'ldapOverrideMainServer' => false,
'ldapConfigurationActive' => false,
'ldapAttributesForUserSearch' => null,
'ldapAttributesForGroupSearch' => null,
'homeFolderNamingRule' => null,
'hasPagedResultSupport' => false,
'hasMemberOfFilterSupport' => false,
'ldapExpertUsernameAttr' => null,
'ldapExpertUUIDAttr' => null,
);
public function __construct($configPrefix, $autoread = true) {
$this->configPrefix = $configPrefix;
if($autoread) {
$this->readConfiguration();
}
}
public function __get($name) {
if(isset($this->config[$name])) {
return $this->config[$name];
}
}
public function __set($name, $value) {
$this->setConfiguration(array($name => $value));
}
public function getConfiguration() {
return $this->config;
}
/**
* @brief set LDAP configuration with values delivered by an array, not read
* from configuration. It does not save the configuration! To do so, you
* must call saveConfiguration afterwards.
* @param $config array that holds the config parameters in an associated
* array
* @param &$applied optional; array where the set fields will be given to
* @return null
*/
public function setConfiguration($config, &$applied = null) {
if(!is_array($config)) {
return false;
}
$cta = $this->getConfigTranslationArray();
foreach($config as $inputkey => $val) {
if(strpos($inputkey, '_') !== false && isset($cta[$inputkey])) {
$key = $cta[$inputkey];
} elseif(isset($this->config[$inputkey])) {
$key = $inputkey;
} else {
continue;
}
$setMethod = 'setValue';
switch($key) {
case 'homeFolderNamingRule':
if(!empty($val) && strpos($val, 'attr:') === false) {
$val = 'attr:'.$val;
}
case 'ldapBase':
case 'ldapBaseUsers':
case 'ldapBaseGroups':
case 'ldapAttributesForUserSearch':
case 'ldapAttributesForGroupSearch':
case 'ldapUserFilterObjectclass':
case 'ldapUserFilterGroups':
case 'ldapGroupFilterObjectclass':
case 'ldapGroupFilterGroups':
case 'ldapLoginFilterAttributes':
$setMethod = 'setMultiLine';
default:
$this->$setMethod($key, $val);
if(is_array($applied)) {
$applied[] = $inputkey;
}
}
}
}
public function readConfiguration() {
if(!$this->configRead && !is_null($this->configPrefix)) {
$cta = array_flip($this->getConfigTranslationArray());
foreach($this->config as $key => $val) {
if(!isset($cta[$key])) {
//some are determined
continue;
}
$dbkey = $cta[$key];
switch($key) {
case 'ldapBase':
case 'ldapBaseUsers':
case 'ldapBaseGroups':
case 'ldapAttributesForUserSearch':
case 'ldapAttributesForGroupSearch':
case 'ldapUserFilterObjectclass':
case 'ldapUserFilterGroups':
case 'ldapGroupFilterObjectclass':
case 'ldapGroupFilterGroups':
case 'ldapLoginFilterAttributes':
$readMethod = 'getMultiLine';
break;
case 'ldapIgnoreNamingRules':
$readMethod = 'getSystemValue';
$dbkey = $key;
break;
case 'ldapAgentPassword':
$readMethod = 'getPwd';
break;
case 'ldapUserDisplayName':
case 'ldapGroupDisplayName':
$readMethod = 'getLcValue';
break;
default:
$readMethod = 'getValue';
break;
}
$this->config[$key] = $this->$readMethod($dbkey);
}
$this->configRead = true;
}
}
/**
* @brief saves the current Configuration in the database
*/
public function saveConfiguration() {
$cta = array_flip($this->getConfigTranslationArray());
foreach($this->config as $key => $value) {
switch ($key) {
case 'ldapAgentPassword':
$value = base64_encode($value);
break;
case 'ldapBase':
case 'ldapBaseUsers':
case 'ldapBaseGroups':
case 'ldapAttributesForUserSearch':
case 'ldapAttributesForGroupSearch':
case 'ldapUserFilterObjectclass':
case 'ldapUserFilterGroups':
case 'ldapGroupFilterObjectclass':
case 'ldapGroupFilterGroups':
case 'ldapLoginFilterAttributes':
if(is_array($value)) {
$value = implode("\n", $value);
}
break;
//following options are not stored but detected, skip them
case 'ldapIgnoreNamingRules':
case 'ldapOverrideUuidAttribute':
case 'hasPagedResultSupport':
case 'ldapUuidAttribute':
continue 2;
}
if(is_null($value)) {
$value = '';
}
$this->saveValue($cta[$key], $value);
}
}
protected function getMultiLine($varname) {
$value = $this->getValue($varname);
if(empty($value)) {
$value = '';
} else {
$value = preg_split('/\r\n|\r|\n/', $value);
}
return $value;
}
protected function setMultiLine($varname, $value) {
if(empty($value)) {
$value = '';
} else {
$value = preg_split('/\r\n|\r|\n/', $value);
}
$this->setValue($varname, $value);
}
protected function getPwd($varname) {
return base64_decode($this->getValue($varname));
}
protected function getLcValue($varname) {
return mb_strtolower($this->getValue($varname), 'UTF-8');
}
protected function getSystemValue($varname) {
//FIXME: if another system value is added, softcode the default value
return \OCP\Config::getSystemValue($varname, false);
}
protected function getValue($varname) {
static $defaults;
if(is_null($defaults)) {
$defaults = $this->getDefaults();
}
return \OCP\Config::getAppValue('user_ldap',
$this->configPrefix.$varname,
$defaults[$varname]);
}
protected function setValue($varname, $value) {
$this->config[$varname] = $value;
}
protected function saveValue($varname, $value) {
return \OCP\Config::setAppValue('user_ldap',
$this->configPrefix.$varname,
$value);
}
/**
* @returns an associative array with the default values. Keys are correspond
* to config-value entries in the database table
*/
public function getDefaults() {
return array(
'ldap_host' => '',
'ldap_port' => '389',
'ldap_backup_host' => '',
'ldap_backup_port' => '',
'ldap_override_main_server' => '',
'ldap_dn' => '',
'ldap_agent_password' => '',
'ldap_base' => '',
'ldap_base_users' => '',
'ldap_base_groups' => '',
'ldap_userlist_filter' => 'objectClass=person',
'ldap_userfilter_objectclass' => '',
'ldap_userfilter_groups' => '',
'ldap_login_filter' => 'uid=%uid',
'ldap_loginfilter_email' => 0,
'ldap_loginfilter_username' => 1,
'ldap_loginfilter_attributes' => '',
'ldap_group_filter' => 'objectClass=posixGroup',
'ldap_groupfilter_objectclass' => '',
'ldap_groupfilter_groups' => '',
'ldap_display_name' => 'cn',
'ldap_group_display_name' => 'cn',
'ldap_tls' => 1,
'ldap_nocase' => 0,
'ldap_quota_def' => '',
'ldap_quota_attr' => '',
'ldap_email_attr' => '',
'ldap_group_member_assoc_attribute' => 'uniqueMember',
'ldap_cache_ttl' => 600,
'ldap_uuid_attribute' => 'auto',
'ldap_override_uuid_attribute' => 0,
'home_folder_naming_rule' => '',
'ldap_turn_off_cert_check' => 0,
'ldap_configuration_active' => 1,
'ldap_attributes_for_user_search' => '',
'ldap_attributes_for_group_search' => '',
'ldap_expert_username_attr' => '',
'ldap_expert_uuid_attr' => '',
'has_memberof_filter_support' => 0,
);
}
/**
* @return returns an array that maps internal variable names to database fields
*/
public function getConfigTranslationArray() {
//TODO: merge them into one representation
static $array = array(
'ldap_host' => 'ldapHost',
'ldap_port' => 'ldapPort',
'ldap_backup_host' => 'ldapBackupHost',
'ldap_backup_port' => 'ldapBackupPort',
'ldap_override_main_server' => 'ldapOverrideMainServer',
'ldap_dn' => 'ldapAgentName',
'ldap_agent_password' => 'ldapAgentPassword',
'ldap_base' => 'ldapBase',
'ldap_base_users' => 'ldapBaseUsers',
'ldap_base_groups' => 'ldapBaseGroups',
'ldap_userfilter_objectclass' => 'ldapUserFilterObjectclass',
'ldap_userfilter_groups' => 'ldapUserFilterGroups',
'ldap_userlist_filter' => 'ldapUserFilter',
'ldap_login_filter' => 'ldapLoginFilter',
'ldap_loginfilter_email' => 'ldapLoginFilterEmail',
'ldap_loginfilter_username' => 'ldapLoginFilterUsername',
'ldap_loginfilter_attributes' => 'ldapLoginFilterAttributes',
'ldap_group_filter' => 'ldapGroupFilter',
'ldap_groupfilter_objectclass' => 'ldapGroupFilterObjectclass',
'ldap_groupfilter_groups' => 'ldapGroupFilterGroups',
'ldap_display_name' => 'ldapUserDisplayName',
'ldap_group_display_name' => 'ldapGroupDisplayName',
'ldap_tls' => 'ldapTLS',
'ldap_nocase' => 'ldapNoCase',
'ldap_quota_def' => 'ldapQuotaDefault',
'ldap_quota_attr' => 'ldapQuotaAttribute',
'ldap_email_attr' => 'ldapEmailAttribute',
'ldap_group_member_assoc_attribute' => 'ldapGroupMemberAssocAttr',
'ldap_cache_ttl' => 'ldapCacheTTL',
'home_folder_naming_rule' => 'homeFolderNamingRule',
'ldap_turn_off_cert_check' => 'turnOffCertCheck',
'ldap_configuration_active' => 'ldapConfigurationActive',
'ldap_attributes_for_user_search' => 'ldapAttributesForUserSearch',
'ldap_attributes_for_group_search' => 'ldapAttributesForGroupSearch',
'ldap_expert_username_attr' => 'ldapExpertUsernameAttr',
'ldap_expert_uuid_attr' => 'ldapExpertUUIDAttr',
'has_memberof_filter_support' => 'hasMemberOfFilterSupport',
);
return $array;
}
}