LDAP: make it possible to enable/disable server configurations

This commit is contained in:
Arthur Schiwon 2013-01-24 22:39:05 +01:00
parent 6bc7256966
commit 2749a14171
6 changed files with 52 additions and 14 deletions

View file

@ -23,7 +23,7 @@
OCP\App::registerAdmin('user_ldap', 'settings');
$configPrefixes = OCA\user_ldap\lib\Helper::getServerConfigurationPrefixes();
$configPrefixes = OCA\user_ldap\lib\Helper::getServerConfigurationPrefixes(true);
if(count($configPrefixes) == 1) {
$connector = new OCA\user_ldap\lib\Connection($configPrefixes[0]);
$userBackend = new OCA\user_ldap\USER_LDAP();
@ -35,9 +35,11 @@ if(count($configPrefixes) == 1) {
$groupBackend = new OCA\user_ldap\Group_Proxy($configPrefixes);
}
// register user backend
OC_User::useBackend($userBackend);
OC_Group::useBackend($groupBackend);
if(count($configPrefixes) > 0) {
// register user backend
OC_User::useBackend($userBackend);
OC_Group::useBackend($groupBackend);
}
// add settings page to navigation
$entry = array(

View file

@ -22,12 +22,10 @@ if($state == 'unset') {
OCP\Config::setSystemValue('ldapIgnoreNamingRules', false);
}
// ### SUPPORTED upgrade path starts here ###
//from version 0.2 to 0.3 (0.2.0.x dev version)
$objects = array('user', 'group');
$connector = new \OCA\user_ldap\lib\Connection('user_ldap');
$connector = new \OCA\user_ldap\lib\Connection();
$userBE = new \OCA\user_ldap\USER_LDAP();
$userBE->setConnector($connector);
$groupBE = new \OCA\user_ldap\GROUP_LDAP();
@ -80,3 +78,13 @@ function escapeDN($dn) {
return $dn;
}
// SUPPORTED UPGRADE FROM Version 0.3 (ownCloud 4.5) to 0.4 (ownCloud 5)
if(!isset($connector)) {
$connector = new \OCA\user_ldap\lib\Connection();
}
//it is required, that connections do habe ldap_configuration_active setting stored in the database
$connector->getConfiguration();
$connector->saveConfiguration();

View file

@ -1 +1 @@
0.3.0.1
0.3.9.0

View file

@ -60,6 +60,7 @@ class Connection {
'ldapUuidAttribute' => null,
'ldapOverrideUuidAttribute' => null,
'ldapOverrideMainServer' => false,
'ldapConfigurationActive' => false,
'homeFolderNamingRule' => null,
'hasPagedResultSupport' => false,
);
@ -174,7 +175,8 @@ class Connection {
if(!$this->configured) {
$this->readConfiguration();
}
if(!$this->config['ldapCacheTTL']) {
if(!$this->config['ldapCacheTTL']
|| !$this->config['ldapConfigurationActive']) {
return null;
}
$key = $this->getCacheKey($key);
@ -255,6 +257,8 @@ class Connection {
= $this->$v('ldap_override_uuid_attribute');
$this->config['homeFolderNamingRule']
= $this->$v('home_folder_naming_rule');
$this->config['ldapConfigurationActive']
= $this->$v('ldap_configuration_active');
$this->configured = $this->validateConfiguration();
}
@ -263,7 +267,7 @@ class Connection {
private function getConfigTranslationArray() {
static $array = array('ldap_host'=>'ldapHost', 'ldap_port'=>'ldapPort', 'ldap_backup_host'=>'ldapBackupHost', 'ldap_backup_port'=>'ldapBackupPort', 'ldap_override_main_server' => 'ldapOverrideMainServer', 'ldap_dn'=>'ldapAgentName', 'ldap_agent_password'=>'ldapAgentPassword', 'ldap_base'=>'ldapBase', 'ldap_base_users'=>'ldapBaseUsers', 'ldap_base_groups'=>'ldapBaseGroups', 'ldap_userlist_filter'=>'ldapUserFilter', 'ldap_login_filter'=>'ldapLoginFilter', 'ldap_group_filter'=>'ldapGroupFilter', 'ldap_display_name'=>'ldapUserDisplayName', 'ldap_group_display_name'=>'ldapGroupDisplayName',
'ldap_tls'=>'ldapTLS', 'ldap_nocase'=>'ldapNoCase', 'ldap_quota_def'=>'ldapQuotaDefault', 'ldap_quota_attr'=>'ldapQuotaAttribute', 'ldap_email_attr'=>'ldapEmailAttribute', 'ldap_group_member_assoc_attribute'=>'ldapGroupMemberAssocAttr', 'ldap_cache_ttl'=>'ldapCacheTTL', 'home_folder_naming_rule' => 'homeFolderNamingRule', 'ldap_turn_off_cert_check' => 'turnOffCertCheck');
'ldap_tls'=>'ldapTLS', 'ldap_nocase'=>'ldapNoCase', 'ldap_quota_def'=>'ldapQuotaDefault', 'ldap_quota_attr'=>'ldapQuotaAttribute', 'ldap_email_attr'=>'ldapEmailAttribute', 'ldap_group_member_assoc_attribute'=>'ldapGroupMemberAssocAttr', 'ldap_cache_ttl'=>'ldapCacheTTL', 'home_folder_naming_rule' => 'homeFolderNamingRule', 'ldap_turn_off_cert_check' => 'turnOffCertCheck', 'ldap_configuration_active' => 'ldapConfigurationActive');
return $array;
}
@ -310,6 +314,13 @@ class Connection {
case 'homeFolderNamingRule':
$value = empty($value) ? 'opt:username' : 'attr:'.$value;
break;
case 'ldapBase':
case 'ldapBaseUsers':
case 'ldapBaseGroups':
if(is_array($value)){
$value = implode("\n", $value);
}
break;
case 'ldapIgnoreNamingRules':
case 'ldapOverrideUuidAttribute':
case 'ldapUuidAttribute':
@ -342,6 +353,9 @@ class Connection {
$config[$dbKey] = substr($this->config[$dbKey], 5);
}
continue;
} else if(strpos($classKey, 'ldapBase') !== false) {
$config[$dbKey] = implode("\n", $this->config[$classKey]);
continue;
}
$config[$dbKey] = $this->config[$classKey];
}
@ -449,6 +463,7 @@ class Connection {
'ldap_override_uuid_attribute' => 0,
'home_folder_naming_rule' => 'opt:username',
'ldap_turn_off_cert_check' => 0,
'ldap_configuration_active' => 1,
);
}
@ -456,6 +471,9 @@ class Connection {
* Connects and Binds to LDAP
*/
private function establishConnection() {
if(!$this->config['ldapConfigurationActive']) {
return null;
}
static $phpLDAPinstalled = true;
if(!$phpLDAPinstalled) {
return false;
@ -519,6 +537,9 @@ class Connection {
* Binds to LDAP
*/
public function bind() {
if(!$this->config['ldapConfigurationActive']) {
return false;
}
$ldapLogin = @ldap_bind($this->getConnectionResource(), $this->config['ldapAgentName'], $this->config['ldapAgentPassword']);
if(!$ldapLogin) {
\OCP\Util::writeLog('user_ldap', 'Bind failed: ' . ldap_errno($this->ldapConnectionRes) . ': ' . ldap_error($this->ldapConnectionRes), \OCP\Util::ERROR);

View file

@ -27,6 +27,8 @@ class Helper {
/**
* @brief returns prefixes for each saved LDAP/AD server configuration.
* @param bool optional, whether only active configuration shall be
* retrieved, defaults to false
* @return array with a list of the available prefixes
*
* Configuration prefixes are used to set up configurations for n LDAP or
@ -43,14 +45,18 @@ class Helper {
* except the default (first) server shall be connected to.
*
*/
static public function getServerConfigurationPrefixes() {
$referenceConfigkey = 'ldap_login_filter';
static public function getServerConfigurationPrefixes($activeConfigurations = false) {
$referenceConfigkey = 'ldap_configuration_active';
$query = \OCP\DB::prepare('
$query = '
SELECT DISTINCT `configkey`
FROM `*PREFIX*appconfig`
WHERE `configkey` LIKE ?
');
';
if($activeConfigurations) {
$query .= ' AND `configvalue` = 1';
}
$query = \OCP\DB::prepare($query);
$serverConfigs = $query->execute(array('%'.$referenceConfigkey))->fetchAll();
$prefixes = array();

View file

@ -27,6 +27,7 @@
<p><label for="ldap_group_filter"><?php echo $l->t('Group Filter');?></label><input type="text" id="ldap_group_filter" name="ldap_group_filter" value="<?php echo $_['ldap_group_filter']; ?>" data-default="<?php echo $_['ldap_group_filter_default']; ?>" title="<?php echo $l->t('Defines the filter to apply, when retrieving groups.');?>" /><br /><small><?php echo $l->t('without any placeholder, e.g. "objectClass=posixGroup".');?></small></p>
</fieldset>
<fieldset id="ldapSettings-2">
<p><label for="ldap_configuration_active"><?php echo $l->t('Configuration Active');?></label><input type="checkbox" id="ldap_configuration_active" name="ldap_configuration_active" value="1"<?php if ($_['ldap_configuration_active']) echo ' checked'; ?> data-default="<?php echo $_['ldap_configuration_active']; ?>" title="<?php echo $l->t('When unchecked, this configuration will be skipped.');?>" /></p>
<p><label for="ldap_port"><?php echo $l->t('Port');?></label><input type="number" id="ldap_port" name="ldap_port" value="<?php echo $_['ldap_port']; ?>" data-default="<?php echo $_['ldap_port_default']; ?>" /></p>
<p><label for="ldap_backup_host"><?php echo $l->t('Backup (Replica) Host');?></label><input type="text" id="ldap_backup_host" name="ldap_backup_host" value="<?php echo $_['ldap_backup_host']; ?>" data-default="<?php echo $_['ldap_backup_host_default']; ?>" title="<?php echo $l->t('Give an optional backup host. It must be a replica of the main LDAP/AD server.');?>"></p>
<p><label for="ldap_backup_port"><?php echo $l->t('Backup (Replica) Port');?></label><input type="number" id="ldap_backup_port" name="ldap_backup_port" value="<?php echo $_['ldap_backup_port']; ?>" data-default="<?php echo $_['ldap_backup_port_default']; ?>" /></p>