<?php
/**
* @copyright Copyright (c) 2016, ownCloud, Inc.
*
* @author Arthur Schiwon <blizzz@arthur-schiwon.de>
* @author Christopher Schäpers <kondou@ts.unde.re>
* @author Joas Schilling <coding@schilljs.com>
* @author Lukas Reschke <lukas@statuscode.ch>
* @author Morris Jobke <hey@morrisjobke.de>
* @author Robin McCorkell <robin@mccorkell.me.uk>
* @author Thomas Müller <thomas.mueller@tmit.eu>
* @author Roger Szabo <roger.szabo@web.de>
*
* @license AGPL-3.0
*
* This code is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License, version 3,
* as published by the Free Software Foundation.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License, version 3,
* along with this program. If not, see <http://www.gnu.org/licenses/>
*
*/
namespace OCA\User_LDAP;
use OCA\User_LDAP\User\User;
use OCP\IConfig;
use OCP\Notification\IManager as INotificationManager;
class User_Proxy extends Proxy implements \OCP\IUserBackend, \OCP\UserInterface, IUserLDAP {
	// One User_LDAP backend per configuration prefix, keyed by that prefix.
	private $backends = array();

	// First backend created by the constructor; remains null when no prefix
	// was passed, in which case the methods delegating to it fail on a null call.
	private $refBackend = null;

	/**
	 * Creates one User_LDAP backend for each configured server prefix.
	 *
	 * @param array $serverConfigPrefixes array containing the config prefixes
	 * @param ILDAPWrapper $ldap handed to the parent Proxy constructor
	 * @param IConfig $ocConfig passed on to every backend
	 * @param INotificationManager $notificationManager passed on to every backend
	 */
	public function __construct(array $serverConfigPrefixes, ILDAPWrapper $ldap, IConfig $ocConfig,
		INotificationManager $notificationManager) {
		parent::__construct($ldap);

		foreach ($serverConfigPrefixes as $prefix) {
			$this->backends[$prefix] = new User_LDAP(
				$this->getAccess($prefix),
				$ocConfig,
				$notificationManager
			);

			if ($this->refBackend === null) {
				// The first backend becomes the reference backend; it is bound
				// by reference to its slot in the backends array.
				$this->refBackend = &$this->backends[$prefix];
			}
		}
	}

	/**
	 * Calls $method on the backends one after the other, in configuration
	 * order, and stops at the first result that is truthy.
	 *
	 * A backend that does not have $method is replaced by its Access object
	 * when that object has it. Any falsy result (false, null, 0, '', '0',
	 * empty array) counts as "not here" and the next backend is tried. On a
	 * truthy result the responsible config prefix is cached for $uid.
	 *
	 * $parameters are handed unchanged to every backend that is tried, so for
	 * credential-bearing calls each backend reached before the successful one
	 * receives them as well.
	 *
	 * $method is invoked dynamically; every caller visible in this class passes
	 * a literal method name, and it should never be derived from request data.
	 *
	 * @param string $uid the uid connected to the request
	 * @param string $method the method of the user backend that shall be called
	 * @param array $parameters an array of parameters to be passed
	 * @return mixed the result of the method or false
	 */
	protected function walkBackends($uid, $method, $parameters) {
		$cacheKey = $this->getUserCacheKey($uid);

		foreach ($this->backends as $prefix => $backend) {
			$target = $backend;
			if (!method_exists($target, $method)) {
				if (method_exists($this->getAccess($prefix), $method)) {
					$target = $this->getAccess($prefix);
				}
			}

			$result = call_user_func_array(array($target, $method), $parameters);
			if (!$result) {
				continue;
			}

			// remember which configuration answered for this uid
			$this->writeToCache($cacheKey, $prefix);
			return $result;
		}

		return false;
	}

	/**
	 * Asks only the backend whose config prefix is cached for $uid, i.e. the
	 * server that supposedly takes care of the uid from the request.
	 *
	 * Returns false without calling anything when no prefix is cached or no
	 * backend is registered under the cached prefix. When the result is
	 * identical (===) to $passOnWhen, the backend is additionally asked whether
	 * the user still exists; only if it does not is the cached prefix reset to
	 * null, because methods sometimes return false for other reasons.
	 *
	 * @param string $uid the uid connected to the request
	 * @param string $method the method of the user backend that shall be called
	 * @param array $parameters an array of parameters to be passed
	 * @param mixed $passOnWhen the result matches this variable
	 * @return mixed the result of the method or false
	 */
	protected function callOnLastSeenOn($uid, $method, $parameters, $passOnWhen) {
		$cacheKey = $this->getUserCacheKey($uid);
		$prefix = $this->getFromCache($cacheKey);

		// in case the uid has been found in the past, try this stored connection first
		if (is_null($prefix) || !isset($this->backends[$prefix])) {
			return false;
		}

		$target = $this->backends[$prefix];
		if (!method_exists($target, $method)) {
			if (method_exists($this->getAccess($prefix), $method)) {
				$target = $this->getAccess($prefix);
			}
		}

		$result = call_user_func_array(array($target, $method), $parameters);
		if ($result !== $passOnWhen) {
			return $result;
		}

		// Not found here: drop the cached prefix only if the user vanished
		// from this backend.
		$stillThere = call_user_func_array(
			array($this->backends[$prefix], 'userExists'),
			array($uid)
		);
		if (!$stillThere) {
			$this->writeToCache($cacheKey, null);
		}

		return $result;
	}

	/**
	 * Check if backend implements actions.
	 *
	 * Delegates to the reference backend, since the answer is the same across
	 * all LDAP user backends. Per the original documentation the supported
	 * actions are compared with OC_USER_BACKEND_CREATE_USER etc.
	 *
	 * @param int $actions bitwise-or'ed actions
	 * @return boolean
	 */
	public function implementsActions($actions) {
		$reference = $this->refBackend;
		return $reference->implementsActions($actions);
	}

	/**
	 * Backend name to be shown in user management, taken from the reference backend.
	 *
	 * @return string the name of the backend to be shown
	 */
	public function getBackendName() {
		$reference = $this->refBackend;
		return $reference->getBackendName();
	}

	/**
	 * Get a list of all users.
	 *
	 * Like the OC_User implementation, limit and offset are not recomputed per
	 * backend: every backend gets the same values and the results are appended
	 * with array_merge(). The combined list can therefore be longer than
	 * $limit, and no de-duplication is done here.
	 *
	 * @param string $search
	 * @param null|int $limit
	 * @param null|int $offset
	 * @return string[] an array of all uids
	 */
	public function getUsers($search = '', $limit = 10, $offset = 0) {
		$collected = array();

		foreach ($this->backends as $backend) {
			$chunk = $backend->getUsers($search, $limit, $offset);
			if (!is_array($chunk)) {
				continue;
			}
			$collected = array_merge($collected, $chunk);
		}

		return $collected;
	}

	/**
	 * Check if a user exists.
	 *
	 * @param string $uid the username
	 * @return boolean
	 */
	public function userExists($uid) {
		$arguments = array($uid);
		return $this->handleRequest($uid, 'userExists', $arguments);
	}

	/**
	 * Check if a user exists on LDAP.
	 *
	 * The lookup id is the user name; the backend itself receives $user
	 * exactly as it was passed in (string or User instance).
	 *
	 * @param string|\OCA\User_LDAP\User\User $user either the Nextcloud user
	 * name or an instance of that user
	 * @return boolean
	 */
	public function userExistsOnLDAP($user) {
		if ($user instanceof User) {
			$id = $user->getUsername();
		} else {
			$id = $user;
		}

		return $this->handleRequest($id, 'userExistsOnLDAP', array($user));
	}

	/**
	 * Check if the password is correct without logging in the user.
	 *
	 * NOTE(review): handleRequest() lives in the parent Proxy and is not
	 * visible here. If it falls back to walkBackends(), the plaintext password
	 * is handed to each configured backend in turn until one returns a truthy
	 * result, so a failed login would be attempted against every server —
	 * confirm, and account for it in lockout policy and log correlation.
	 *
	 * @param string $uid The username
	 * @param string $password The password
	 * @return bool
	 */
	public function checkPassword($uid, $password) {
		$arguments = array($uid, $password);
		return $this->handleRequest($uid, 'checkPassword', $arguments);
	}

	/**
	 * Returns the username for the given login name, if available.
	 *
	 * The request id is the login name with a 'LOGINNAME,' prefix rather than
	 * a plain uid.
	 *
	 * @param string $loginName
	 * @return string|false
	 */
	public function loginName2UserName($loginName) {
		return $this->handleRequest(
			'LOGINNAME,' . $loginName,
			'loginName2UserName',
			array($loginName)
		);
	}

	/**
	 * Returns the username for the given LDAP DN, if available.
	 *
	 * The request id is the DN with a 'DN,' prefix rather than a plain uid.
	 *
	 * @param string $dn
	 * @return string|false with the username
	 */
	public function dn2UserName($dn) {
		return $this->handleRequest(
			'DN,' . $dn,
			'dn2UserName',
			array($dn)
		);
	}

	/**
	 * Get the user's home directory.
	 *
	 * @param string $uid the username
	 * @return boolean as annotated originally; the value is whatever the
	 * backend's getHome() yields through handleRequest() (not visible here)
	 */
	public function getHome($uid) {
		$arguments = array($uid);
		return $this->handleRequest($uid, 'getHome', $arguments);
	}

	/**
	 * Get display name of the user.
	 *
	 * @param string $uid user ID of the user
	 * @return string display name
	 */
	public function getDisplayName($uid) {
		$arguments = array($uid);
		return $this->handleRequest($uid, 'getDisplayName', $arguments);
	}

	/**
	 * Checks whether the user is allowed to change his avatar in Nextcloud.
	 *
	 * Unlike the other delegating methods, this one passes true as the
	 * fourth argument of handleRequest().
	 *
	 * @param string $uid the Nextcloud user name
	 * @return boolean either the user can or cannot
	 */
	public function canChangeAvatar($uid) {
		$arguments = array($uid);
		return $this->handleRequest($uid, 'canChangeAvatar', $arguments, true);
	}

	/**
	 * Get a list of all display names and user ids.
	 *
	 * Like the OC_User implementation, limit and offset are passed unchanged
	 * to every backend. Results are combined with the array union operator,
	 * so when two backends report the same uid key the entry from the backend
	 * configured first is kept.
	 *
	 * @param string $search
	 * @param string|null $limit
	 * @param string|null $offset
	 * @return array an array of all displayNames (value) and the corresponding uids (key)
	 */
	public function getDisplayNames($search = '', $limit = null, $offset = null) {
		$collected = array();

		foreach ($this->backends as $backend) {
			$chunk = $backend->getDisplayNames($search, $limit, $offset);
			if (!is_array($chunk)) {
				continue;
			}
			$collected += $chunk;
		}

		return $collected;
	}

	/**
	 * Delete a user.
	 *
	 * @param string $uid The username of the user to delete
	 * @return bool
	 */
	public function deleteUser($uid) {
		$arguments = array($uid);
		return $this->handleRequest($uid, 'deleteUser', $arguments);
	}

	/**
	 * Set password.
	 *
	 * The new password travels as a plain string in the parameter list that
	 * handleRequest() forwards to the backend.
	 *
	 * @param string $uid The username
	 * @param string $password The new password
	 * @return bool
	 */
	public function setPassword($uid, $password) {
		$arguments = array($uid, $password);
		return $this->handleRequest($uid, 'setPassword', $arguments);
	}

	/**
	 * Whether user listings are available, as reported by the reference backend.
	 *
	 * @return bool
	 */
	public function hasUserListings() {
		$reference = $this->refBackend;
		return $reference->hasUserListings();
	}

	/**
	 * Count the number of users across all backends.
	 *
	 * Backends that return false are skipped. The result stays false when no
	 * backend delivered a count; otherwise it is the sum of the counts.
	 *
	 * @return int|bool
	 */
	public function countUsers() {
		$total = false;

		foreach ($this->backends as $backend) {
			$count = $backend->countUsers();
			if ($count === false) {
				continue;
			}
			// false + int yields the int, so the first real count replaces the initial false
			$total = $total + $count;
		}

		return $total;
	}

	/**
	 * Return access for LDAP interaction.
	 *
	 * @param string $uid
	 * @return Access instance of Access for LDAP interaction
	 */
	public function getLDAPAccess($uid) {
		$arguments = array($uid);
		return $this->handleRequest($uid, 'getLDAPAccess', $arguments);
	}

	/**
	 * Return a new LDAP connection for the specified user.
	 * The connection needs to be closed manually; callers own the returned
	 * resource.
	 *
	 * @param string $uid
	 * @return resource of the LDAP connection
	 */
	public function getNewLDAPConnection($uid) {
		$arguments = array($uid);
		return $this->handleRequest($uid, 'getNewLDAPConnection', $arguments);
	}
}