LDAP: make it possible to enable/disable server configurations
parent
6bc7256966
commit
2749a14171
6 changed files with 52 additions and 14 deletions
|
@ -23,7 +23,7 @@
|
|||
|
||||
OCP\App::registerAdmin('user_ldap', 'settings');
|
||||
|
||||
$configPrefixes = OCA\user_ldap\lib\Helper::getServerConfigurationPrefixes();
|
||||
$configPrefixes = OCA\user_ldap\lib\Helper::getServerConfigurationPrefixes(true);
|
||||
if(count($configPrefixes) == 1) {
|
||||
$connector = new OCA\user_ldap\lib\Connection($configPrefixes[0]);
|
||||
$userBackend = new OCA\user_ldap\USER_LDAP();
|
||||
|
@ -35,9 +35,11 @@ if(count($configPrefixes) == 1) {
|
|||
$groupBackend = new OCA\user_ldap\Group_Proxy($configPrefixes);
|
||||
}
|
||||
|
||||
// register user backend
|
||||
OC_User::useBackend($userBackend);
|
||||
OC_Group::useBackend($groupBackend);
|
||||
if(count($configPrefixes) > 0) {
|
||||
// register user backend
|
||||
OC_User::useBackend($userBackend);
|
||||
OC_Group::useBackend($groupBackend);
|
||||
}
|
||||
|
||||
// add settings page to navigation
|
||||
$entry = array(
|
||||
|
|
|
@ -22,12 +22,10 @@ if($state == 'unset') {
|
|||
OCP\Config::setSystemValue('ldapIgnoreNamingRules', false);
|
||||
}
|
||||
|
||||
// ### SUPPORTED upgrade path starts here ###
|
||||
|
||||
//from version 0.2 to 0.3 (0.2.0.x dev version)
|
||||
$objects = array('user', 'group');
|
||||
|
||||
$connector = new \OCA\user_ldap\lib\Connection('user_ldap');
|
||||
$connector = new \OCA\user_ldap\lib\Connection();
|
||||
$userBE = new \OCA\user_ldap\USER_LDAP();
|
||||
$userBE->setConnector($connector);
|
||||
$groupBE = new \OCA\user_ldap\GROUP_LDAP();
|
||||
|
@ -80,3 +78,13 @@ function escapeDN($dn) {
|
|||
|
||||
return $dn;
|
||||
}
|
||||
|
||||
|
||||
// SUPPORTED UPGRADE FROM Version 0.3 (ownCloud 4.5) to 0.4 (ownCloud 5)
|
||||
|
||||
if(!isset($connector)) {
|
||||
$connector = new \OCA\user_ldap\lib\Connection();
|
||||
}
|
||||
//it is required, that connections do habe ldap_configuration_active setting stored in the database
|
||||
$connector->getConfiguration();
|
||||
$connector->saveConfiguration();
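Review bot: The migration block at the end of this file stores `ldap_configuration_active` only for the single connection created with the default prefix (`new \OCA\user_ldap\lib\Connection()`), so a server configuration saved under any other prefix gets no such key. Because this commit also switches the prefix lookup in Helper to `ldap_configuration_active` as its reference key, such configurations would presumably stop being listed after the upgrade. If prefixed configurations can exist at this version, run the `getConfiguration()` / `saveConfiguration()` round trip for each of them. The explanatory comment has a typo and could read `// connections must have the ldap_configuration_active setting stored in the database`.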
|
|
@ -1 +1 @@
|
|||
0.3.0.1
|
||||
0.3.9.0
|
|
@ -60,6 +60,7 @@ class Connection {
|
|||
'ldapUuidAttribute' => null,
|
||||
'ldapOverrideUuidAttribute' => null,
|
||||
'ldapOverrideMainServer' => false,
|
||||
'ldapConfigurationActive' => false,
|
||||
'homeFolderNamingRule' => null,
|
||||
'hasPagedResultSupport' => false,
|
||||
);
|
||||
|
@ -174,7 +175,8 @@ class Connection {
|
|||
if(!$this->configured) {
|
||||
$this->readConfiguration();
|
||||
}
|
||||
if(!$this->config['ldapCacheTTL']) {
|
||||
if(!$this->config['ldapCacheTTL']
|
||||
|| !$this->config['ldapConfigurationActive']) {
|
||||
return null;
|
||||
}
|
||||
$key = $this->getCacheKey($key);
|
||||
|
@ -255,6 +257,8 @@ class Connection {
|
|||
= $this->$v('ldap_override_uuid_attribute');
|
||||
$this->config['homeFolderNamingRule']
|
||||
= $this->$v('home_folder_naming_rule');
|
||||
$this->config['ldapConfigurationActive']
|
||||
= $this->$v('ldap_configuration_active');
|
||||
|
||||
$this->configured = $this->validateConfiguration();
|
||||
}
|
||||
|
@ -263,7 +267,7 @@ class Connection {
|
|||
private function getConfigTranslationArray() {
|
||||
static $array = array('ldap_host'=>'ldapHost', 'ldap_port'=>'ldapPort', 'ldap_backup_host'=>'ldapBackupHost', 'ldap_backup_port'=>'ldapBackupPort', 'ldap_override_main_server' => 'ldapOverrideMainServer', 'ldap_dn'=>'ldapAgentName', 'ldap_agent_password'=>'ldapAgentPassword', 'ldap_base'=>'ldapBase', 'ldap_base_users'=>'ldapBaseUsers', 'ldap_base_groups'=>'ldapBaseGroups', 'ldap_userlist_filter'=>'ldapUserFilter', 'ldap_login_filter'=>'ldapLoginFilter', 'ldap_group_filter'=>'ldapGroupFilter', 'ldap_display_name'=>'ldapUserDisplayName', 'ldap_group_display_name'=>'ldapGroupDisplayName',
|
||||
|
||||
'ldap_tls'=>'ldapTLS', 'ldap_nocase'=>'ldapNoCase', 'ldap_quota_def'=>'ldapQuotaDefault', 'ldap_quota_attr'=>'ldapQuotaAttribute', 'ldap_email_attr'=>'ldapEmailAttribute', 'ldap_group_member_assoc_attribute'=>'ldapGroupMemberAssocAttr', 'ldap_cache_ttl'=>'ldapCacheTTL', 'home_folder_naming_rule' => 'homeFolderNamingRule', 'ldap_turn_off_cert_check' => 'turnOffCertCheck');
|
||||
'ldap_tls'=>'ldapTLS', 'ldap_nocase'=>'ldapNoCase', 'ldap_quota_def'=>'ldapQuotaDefault', 'ldap_quota_attr'=>'ldapQuotaAttribute', 'ldap_email_attr'=>'ldapEmailAttribute', 'ldap_group_member_assoc_attribute'=>'ldapGroupMemberAssocAttr', 'ldap_cache_ttl'=>'ldapCacheTTL', 'home_folder_naming_rule' => 'homeFolderNamingRule', 'ldap_turn_off_cert_check' => 'turnOffCertCheck', 'ldap_configuration_active' => 'ldapConfigurationActive');
|
||||
return $array;
|
||||
}
|
||||
|
||||
|
@ -310,6 +314,13 @@ class Connection {
|
|||
case 'homeFolderNamingRule':
|
||||
$value = empty($value) ? 'opt:username' : 'attr:'.$value;
|
||||
break;
|
||||
case 'ldapBase':
|
||||
case 'ldapBaseUsers':
|
||||
case 'ldapBaseGroups':
|
||||
if(is_array($value)){
|
||||
$value = implode("\n", $value);
|
||||
}
|
||||
break;
|
||||
case 'ldapIgnoreNamingRules':
|
||||
case 'ldapOverrideUuidAttribute':
|
||||
case 'ldapUuidAttribute':
|
||||
|
@ -342,6 +353,9 @@ class Connection {
|
|||
$config[$dbKey] = substr($this->config[$dbKey], 5);
|
||||
}
|
||||
continue;
|
||||
} else if(strpos($classKey, 'ldapBase') !== false) {
|
||||
$config[$dbKey] = implode("\n", $this->config[$classKey]);
|
||||
continue;
|
||||
}
|
||||
$config[$dbKey] = $this->config[$classKey];
|
||||
}
|
||||
|
@ -449,6 +463,7 @@ class Connection {
|
|||
'ldap_override_uuid_attribute' => 0,
|
||||
'home_folder_naming_rule' => 'opt:username',
|
||||
'ldap_turn_off_cert_check' => 0,
|
||||
'ldap_configuration_active' => 1,
|
||||
);
|
||||
}
|
||||
|
||||
|
@ -456,6 +471,9 @@ class Connection {
|
|||
* Connects and Binds to LDAP
|
||||
*/
|
||||
private function establishConnection() {
|
||||
if(!$this->config['ldapConfigurationActive']) {
|
||||
return null;
|
||||
}
|
||||
static $phpLDAPinstalled = true;
|
||||
if(!$phpLDAPinstalled) {
|
||||
return false;
|
||||
|
@ -519,6 +537,9 @@ class Connection {
|
|||
* Binds to LDAP
|
||||
*/
|
||||
public function bind() {
|
||||
if(!$this->config['ldapConfigurationActive']) {
|
||||
return false;
|
||||
}
|
||||
$ldapLogin = @ldap_bind($this->getConnectionResource(), $this->config['ldapAgentName'], $this->config['ldapAgentPassword']);
|
||||
if(!$ldapLogin) {
|
||||
\OCP\Util::writeLog('user_ldap', 'Bind failed: ' . ldap_errno($this->ldapConnectionRes) . ': ' . ldap_error($this->ldapConnectionRes), \OCP\Util::ERROR);
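Review bot: The new guard at the top of `bind()` reads `$this->config['ldapConfigurationActive']` without first making sure the configuration was loaded, whereas the cache-lookup hunk in this file calls `readConfiguration()` when `!$this->configured` before testing the same flag. Since the property default added in the first hunk is `false`, a `bind()` on a connection whose settings were not read yet would presumably be refused as inactive; that fails closed, but it cannot be told apart from a deliberately disabled server. Consider putting `if(!$this->configured) { $this->readConfiguration(); }` ahead of the check. `establishConnection()` returns `null` for the inactive case and `false` when php-ldap is missing, while `bind()` returns `false`, so a docblock line stating what callers receive for a disabled configuration would help. Both function bodies continue outside their hunks.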
|
||||
|
|
|
@ -27,6 +27,8 @@ class Helper {
|
|||
|
||||
/**
|
||||
* @brief returns prefixes for each saved LDAP/AD server configuration.
|
||||
* @param bool optional, whether only active configuration shall be
|
||||
* retrieved, defaults to false
|
||||
* @return array with a list of the available prefixes
|
||||
*
|
||||
* Configuration prefixes are used to set up configurations for n LDAP or
|
||||
|
@ -43,14 +45,18 @@ class Helper {
|
|||
* except the default (first) server shall be connected to.
|
||||
*
|
||||
*/
|
||||
static public function getServerConfigurationPrefixes() {
|
||||
$referenceConfigkey = 'ldap_login_filter';
|
||||
static public function getServerConfigurationPrefixes($activeConfigurations = false) {
|
||||
$referenceConfigkey = 'ldap_configuration_active';
|
||||
|
||||
$query = \OCP\DB::prepare('
|
||||
$query = '
|
||||
SELECT DISTINCT `configkey`
|
||||
FROM `*PREFIX*appconfig`
|
||||
WHERE `configkey` LIKE ?
|
||||
');
|
||||
';
|
||||
if($activeConfigurations) {
|
||||
$query .= ' AND `configvalue` = 1';
|
||||
}
|
||||
$query = \OCP\DB::prepare($query);
|
||||
|
||||
$serverConfigs = $query->execute(array('%'.$referenceConfigkey))->fetchAll();
|
||||
$prefixes = array();
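Review bot: The condition appended for `$activeConfigurations` compares `configvalue` with the integer literal 1; if that column is a text type (its definition is not visible here), stricter databases may reject or mis-evaluate the comparison. Binding the value keeps the statement portable: append a second `?` placeholder and pass the string `'1'` as an extra element of the `execute()` array when the flag is set. The query also matches every `configkey` ending in `ldap_configuration_active` without restricting the rows to this app, so a key with that suffix stored by another app would be returned as an LDAP prefix; an app-id condition would narrow that. The function body continues past the end of the hunk.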
|
||||
|
|
|
@ -27,6 +27,7 @@
|
|||
<p><label for="ldap_group_filter"><?php echo $l->t('Group Filter');?></label><input type="text" id="ldap_group_filter" name="ldap_group_filter" value="<?php echo $_['ldap_group_filter']; ?>" data-default="<?php echo $_['ldap_group_filter_default']; ?>" title="<?php echo $l->t('Defines the filter to apply, when retrieving groups.');?>" /><br /><small><?php echo $l->t('without any placeholder, e.g. "objectClass=posixGroup".');?></small></p>
|
||||
</fieldset>
|
||||
<fieldset id="ldapSettings-2">
|
||||
<p><label for="ldap_configuration_active"><?php echo $l->t('Configuration Active');?></label><input type="checkbox" id="ldap_configuration_active" name="ldap_configuration_active" value="1"<?php if ($_['ldap_configuration_active']) echo ' checked'; ?> data-default="<?php echo $_['ldap_configuration_active']; ?>" title="<?php echo $l->t('When unchecked, this configuration will be skipped.');?>" /></p>
|
||||
<p><label for="ldap_port"><?php echo $l->t('Port');?></label><input type="number" id="ldap_port" name="ldap_port" value="<?php echo $_['ldap_port']; ?>" data-default="<?php echo $_['ldap_port_default']; ?>" /></p>
|
||||
<p><label for="ldap_backup_host"><?php echo $l->t('Backup (Replica) Host');?></label><input type="text" id="ldap_backup_host" name="ldap_backup_host" value="<?php echo $_['ldap_backup_host']; ?>" data-default="<?php echo $_['ldap_backup_host_default']; ?>" title="<?php echo $l->t('Give an optional backup host. It must be a replica of the main LDAP/AD server.');?>"></p>
|
||||
<p><label for="ldap_backup_port"><?php echo $l->t('Backup (Replica) Port');?></label><input type="number" id="ldap_backup_port" name="ldap_backup_port" value="<?php echo $_['ldap_backup_port']; ?>" data-default="<?php echo $_['ldap_backup_port_default']; ?>" /></p>
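Review bot: The new checkbox fills `data-default` with the current value `$_['ldap_configuration_active']`, while the other fields in this template use their `..._default` entry (for example `$_['ldap_port_default']`), so whatever consumes `data-default` would get the live setting rather than the default for this field. If a matching default variable is passed to the template, use it here, e.g. `$_['ldap_configuration_active_default']`. An unchecked checkbox is also left out of the submitted form, so the save handler (not shown) has to store an explicit 0 when `ldap_configuration_active` is missing; otherwise un-ticking the box would not disable the server.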
|
||||
|
|