Merge pull request #12693 from nextcloud/fix/11474/fix-first-ldap-login

fix exception on LDAP mapping during login
blizzz 2018-12-17 13:07:21 +01:00 committed by GitHub
commit e7950a5bd6
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
7 changed files with 71 additions and 17 deletions

@ -629,6 +629,11 @@ pipeline:
image: nextcloudci/integration-php7.0:integration-php7.0-6
commands:
- ./occ maintenance:install --admin-pass=admin --data-dir=/dev/shm/nc_int
- ./occ config:system:set redis host --value=cache
- ./occ config:system:set redis port --value=6379 --type=integer
- ./occ config:system:set redis timeout --value=0 --type=integer
- ./occ config:system:set --type string --value "\\OC\\Memcache\\Redis" memcache.local
- ./occ config:system:set --type string --value "\\OC\\Memcache\\Redis" memcache.distributed
- ./occ app:enable user_ldap
- cd build/integration
- ./run.sh ldap_features/ldap-openldap.feature
@ -639,6 +644,11 @@ pipeline:
image: nextcloudci/integration-php7.0:integration-php7.0-6
commands:
- ./occ maintenance:install --admin-pass=admin --data-dir=/dev/shm/nc_int
- ./occ config:system:set redis host --value=cache
- ./occ config:system:set redis port --value=6379 --type=integer
- ./occ config:system:set redis timeout --value=0 --type=integer
- ./occ config:system:set --type string --value "\\OC\\Memcache\\Redis" memcache.local
- ./occ config:system:set --type string --value "\\OC\\Memcache\\Redis" memcache.distributed
- ./occ app:enable user_ldap
- cd build/integration
- ./run.sh ldap_features/openldap-uid-username.feature
@ -649,6 +659,11 @@ pipeline:
image: nextcloudci/integration-php7.0:integration-php7.0-6
commands:
- ./occ maintenance:install --admin-pass=admin --data-dir=/dev/shm/nc_int
- ./occ config:system:set redis host --value=cache
- ./occ config:system:set redis port --value=6379 --type=integer
- ./occ config:system:set redis timeout --value=0 --type=integer
- ./occ config:system:set --type string --value "\\OC\\Memcache\\Redis" memcache.local
- ./occ config:system:set --type string --value "\\OC\\Memcache\\Redis" memcache.distributed
- ./occ app:enable user_ldap
- cd build/integration
- ./run.sh ldap_features/openldap-numerical-id.feature
@ -958,10 +973,13 @@ matrix:
- TESTS: integration-ldap-features
- TESTS: integration-ldap-openldap-features
ENABLE_OPENLDAP: true
ENABLE_REDIS: true
- TESTS: integration-ldap-openldap-uid-features
ENABLE_OPENLDAP: true
ENABLE_REDIS: true
- TESTS: integration-ldap-openldap-numerical-id-features
ENABLE_OPENLDAP: true
ENABLE_REDIS: true
- TESTS: integration-trashbin
- TESTS: integration-remote-api
- TESTS: integration-download

@ -261,7 +261,7 @@ class SyncService {
/**
* @param IUser $user
*/
public function updateUser($user) {
public function updateUser(IUser $user) {
$systemAddressBook = $this->getLocalSystemAddressBook();
$addressBookId = $systemAddressBook['id'];
$converter = new Converter($this->accountManager);
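Review bot: With the `IUser` declaration on `updateUser()`, a null handed in by a caller now surfaces as a TypeError at the call site instead of wherever the method first dereferences `$user`. This commit guards `postCreateUser` in HookManager, but any other caller that passes the result of a user lookup straight through is not visible on this page and would need the same `instanceof IUser` check. The method body continues past the end of the hunk.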

@ -101,7 +101,9 @@ class HookManager {
public function postCreateUser($params) {
$user = $this->userManager->get($params['uid']);
$this->syncService->updateUser($user);
if ($user instanceof IUser) {
$this->syncService->updateUser($user);
}
}
public function preDeleteUser($params) {
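Review bot: The new guard in `postCreateUser` skips the address book sync silently when the lookup for `$params['uid']` does not return an `IUser`, so nothing records that a created user was left without a system address book card. A debug-level log entry in an `else` branch would make that case traceable. The hunk also shows no `use OCP\IUser;` line. If the file does not already import it, `instanceof IUser` evaluates to false for every user without raising an error, so it is worth confirming the import is present.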

@ -609,26 +609,25 @@ class Access extends LDAPUtility {
// outside of core user management will still cache the user as non-existing.
$originalTTL = $this->connection->ldapCacheTTL;
$this->connection->setConfiguration(['ldapCacheTTL' => 0]);
if(($isUser && $intName !== '' && !$this->ncUserManager->userExists($intName))
|| (!$isUser && !\OC::$server->getGroupManager()->groupExists($intName))) {
if($mapper->map($fdn, $intName, $uuid)) {
$this->connection->setConfiguration(['ldapCacheTTL' => $originalTTL]);
if($this->ncUserManager instanceof PublicEmitter && $isUser) {
$this->ncUserManager->emit('\OC\User', 'assignedUserId', [$intName]);
}
$newlyMapped = true;
if( $intName !== ''
&& (($isUser && !$this->ncUserManager->userExists($intName))
|| (!$isUser && !\OC::$server->getGroupManager()->groupExists($intName))
)
) {
$this->connection->setConfiguration(['ldapCacheTTL' => $originalTTL]);
$newlyMapped = $this->mapAndAnnounceIfApplicable($mapper, $fdn, $intName, $uuid, $isUser);
if($newlyMapped) {
return $intName;
}
}
$this->connection->setConfiguration(['ldapCacheTTL' => $originalTTL]);
$this->connection->setConfiguration(['ldapCacheTTL' => $originalTTL]);
$altName = $this->createAltInternalOwnCloudName($intName, $isUser);
if (is_string($altName) && $mapper->map($fdn, $altName, $uuid)) {
if ($this->ncUserManager instanceof PublicEmitter && $isUser) {
$this->ncUserManager->emit('\OC\User', 'assignedUserId', [$altName]);
if (is_string($altName)) {
if($this->mapAndAnnounceIfApplicable($mapper, $fdn, $altName, $uuid, $isUser)) {
$newlyMapped = true;
return $altName;
}
$newlyMapped = true;
return $altName;
}
//if everything else did not help..
@ -636,6 +635,23 @@ class Access extends LDAPUtility {
return false;
}
protected function mapAndAnnounceIfApplicable(
AbstractMapping $mapper,
string $fdn,
string $name,
string $uuid,
bool $isUser
) :bool {
if($mapper->map($fdn, $name, $uuid)) {
if ($this->ncUserManager instanceof PublicEmitter && $isUser) {
$this->cacheUserExists($name);
$this->ncUserManager->emit('\OC\User', 'assignedUserId', [$name]);
}
return true;
}
return false;
}
/**
* gives back the user names as they are used ownClod internally
* @param array $ldapUsers as returned by fetchList()
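Review bot: In `mapAndAnnounceIfApplicable()`, `cacheUserExists($name)` sits inside the `instanceof PublicEmitter` check, so the existence cache is only written when the user manager is able to emit events. Whether a freshly mapped user exists does not depend on who is listening. If the manager is ever not a PublicEmitter, a "does not exist" result cached before the mapping would presumably persist until the cache TTL expires. Keying the cache write on `$isUser` alone separates the two concerns. The new method also has no docblock; a short one stating that it returns true only when the mapping was written would help the next reader.

```php
protected function mapAndAnnounceIfApplicable(
	// … unchanged: parameter list …
) :bool {
	if(!$mapper->map($fdn, $name, $uuid)) {
		return false;
	}
	if ($isUser) {
		// the mapping now exists regardless of whether anyone is listening
		$this->cacheUserExists($name);
		if ($this->ncUserManager instanceof PublicEmitter) {
			$this->ncUserManager->emit('\OC\User', 'assignedUserId', [$name]);
		}
	}
	return true;
}
```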

@ -24,6 +24,8 @@
namespace OCA\User_LDAP\AppInfo;
use OCA\User_LDAP\Controller\RenewPasswordController;
use OCA\User_LDAP\ILDAPWrapper;
use OCA\User_LDAP\LDAP;
use OCP\AppFramework\App;
use OCP\AppFramework\IAppContainer;
use OCP\IL10N;
@ -50,5 +52,9 @@ class Application extends App {
$server->getURLGenerator()
);
});
$container->registerService(ILDAPWrapper::class, function () {
return new LDAP();
});
}
}

@ -26,6 +26,8 @@
namespace OCA\User_LDAP\Command;
use OCA\User_LDAP\ConnectionFactory;
use OCA\User_LDAP\LDAP;
use Symfony\Component\Console\Command\Command;
use Symfony\Component\Console\Input\InputArgument;
use Symfony\Component\Console\Input\InputInterface;
@ -83,5 +85,8 @@ class SetConfig extends Command {
$configHolder = new Configuration($configID);
$configHolder->$key = $value;
$configHolder->saveConfiguration();
$connectionFactory = new ConnectionFactory(new LDAP());
$connectionFactory->get($configID)->clearCache();
}
}
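Review bot: `new ConnectionFactory(new LDAP())` in the added lines hard-wires the concrete LDAP wrapper inside the command, while the same commit registers `ILDAPWrapper` in the app container and injects `ConnectionFactory` into ConfigAPIController. Taking the factory as a constructor argument would keep the two config-writing paths consistent and let a test substitute the wrapper. The cache flush also deserves a one-line comment, for example `// drop cached LDAP results so the changed setting takes effect immediately`, since stale cached lookups after a configuration change are the reason the call is there. The enclosing method starts outside the hunk.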

@ -27,6 +27,7 @@ use OC\CapabilitiesManager;
use OC\Core\Controller\OCSController;
use OC\Security\IdentityProof\Manager;
use OCA\User_LDAP\Configuration;
use OCA\User_LDAP\ConnectionFactory;
use OCA\User_LDAP\Helper;
use OCP\AppFramework\Http\DataResponse;
use OCP\AppFramework\OCS\OCSBadRequestException;
@ -45,6 +46,9 @@ class ConfigAPIController extends OCSController {
/** @var ILogger */
private $logger;
/** @var ConnectionFactory */
private $connectionFactory;
public function __construct(
$appName,
IRequest $request,
@ -53,7 +57,8 @@ class ConfigAPIController extends OCSController {
IUserManager $userManager,
Manager $keyManager,
Helper $ldapHelper,
ILogger $logger
ILogger $logger,
ConnectionFactory $connectionFactory
) {
parent::__construct(
$appName,
@ -67,6 +72,7 @@ class ConfigAPIController extends OCSController {
$this->ldapHelper = $ldapHelper;
$this->logger = $logger;
$this->connectionFactory = $connectionFactory;
}
/**
@ -198,6 +204,7 @@ class ConfigAPIController extends OCSController {
}
$configuration->saveConfiguration();
$this->connectionFactory->get($configID)->clearCache();
} catch(OCSException $e) {
throw $e;
} catch (\Exception $e) {