Configuration.php 19 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606
  1. <?php
  2. /**
  3. * @copyright Copyright (c) 2016, ownCloud, Inc.
  4. *
  5. * @author Alexander Bergolth <leo@strike.wu.ac.at>
  6. * @author Alex Weirig <alex.weirig@technolink.lu>
  7. * @author Arthur Schiwon <blizzz@arthur-schiwon.de>
  8. * @author Christoph Wurst <christoph@winzerhof-wurst.at>
  9. * @author Joas Schilling <coding@schilljs.com>
  10. * @author Jörn Friedrich Dreyer <jfd@butonic.de>
  11. * @author Lennart Rosam <hello@takuto.de>
  12. * @author Lukas Reschke <lukas@statuscode.ch>
  13. * @author Marc Hefter <marchefter@march42.net>
  14. * @author Morris Jobke <hey@morrisjobke.de>
  15. * @author Robin McCorkell <robin@mccorkell.me.uk>
  16. * @author Roeland Jago Douma <roeland@famdouma.nl>
  17. * @author Roger Szabo <roger.szabo@web.de>
  18. * @author Victor Dubiniuk <dubiniuk@owncloud.com>
  19. * @author Xuanwo <xuanwo@yunify.com>
  20. *
  21. * @license AGPL-3.0
  22. *
  23. * This code is free software: you can redistribute it and/or modify
  24. * it under the terms of the GNU Affero General Public License, version 3,
  25. * as published by the Free Software Foundation.
  26. *
  27. * This program is distributed in the hope that it will be useful,
  28. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  29. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  30. * GNU Affero General Public License for more details.
  31. *
  32. * You should have received a copy of the GNU Affero General Public License, version 3,
  33. * along with this program. If not, see <http://www.gnu.org/licenses/>
  34. *
  35. */
  36. namespace OCA\User_LDAP;
  37. /**
  38. * @property int ldapPagingSize holds an integer
  39. * @property string ldapUserAvatarRule
  40. */
  41. class Configuration {
  42. public const AVATAR_PREFIX_DEFAULT = 'default';
  43. public const AVATAR_PREFIX_NONE = 'none';
  44. public const AVATAR_PREFIX_DATA_ATTRIBUTE = 'data:';
  45. public const LDAP_SERVER_FEATURE_UNKNOWN = 'unknown';
  46. public const LDAP_SERVER_FEATURE_AVAILABLE = 'available';
  47. public const LDAP_SERVER_FEATURE_UNAVAILABLE = 'unavailable';
  48. /**
  49. * @var string
  50. */
  51. protected $configPrefix;
  52. /**
  53. * @var bool
  54. */
  55. protected $configRead = false;
  56. /**
  57. * @var string[]
  58. */
  59. protected array $unsavedChanges = [];
  60. /**
  61. * @var array<string, mixed> settings
  62. */
  63. protected $config = [
  64. 'ldapHost' => null,
  65. 'ldapPort' => null,
  66. 'ldapBackupHost' => null,
  67. 'ldapBackupPort' => null,
  68. 'ldapBackgroundHost' => null,
  69. 'ldapBackgroundPort' => null,
  70. 'ldapBase' => null,
  71. 'ldapBaseUsers' => null,
  72. 'ldapBaseGroups' => null,
  73. 'ldapAgentName' => null,
  74. 'ldapAgentPassword' => null,
  75. 'ldapTLS' => null,
  76. 'turnOffCertCheck' => null,
  77. 'ldapIgnoreNamingRules' => null,
  78. 'ldapUserDisplayName' => null,
  79. 'ldapUserDisplayName2' => null,
  80. 'ldapUserAvatarRule' => null,
  81. 'ldapGidNumber' => null,
  82. 'ldapUserFilterObjectclass' => null,
  83. 'ldapUserFilterGroups' => null,
  84. 'ldapUserFilter' => null,
  85. 'ldapUserFilterMode' => null,
  86. 'ldapGroupFilter' => null,
  87. 'ldapGroupFilterMode' => null,
  88. 'ldapGroupFilterObjectclass' => null,
  89. 'ldapGroupFilterGroups' => null,
  90. 'ldapGroupDisplayName' => null,
  91. 'ldapGroupMemberAssocAttr' => null,
  92. 'ldapLoginFilter' => null,
  93. 'ldapLoginFilterMode' => null,
  94. 'ldapLoginFilterEmail' => null,
  95. 'ldapLoginFilterUsername' => null,
  96. 'ldapLoginFilterAttributes' => null,
  97. 'ldapQuotaAttribute' => null,
  98. 'ldapQuotaDefault' => null,
  99. 'ldapEmailAttribute' => null,
  100. 'ldapCacheTTL' => null,
  101. 'ldapUuidUserAttribute' => 'auto',
  102. 'ldapUuidGroupAttribute' => 'auto',
  103. 'ldapOverrideMainServer' => false,
  104. 'ldapConfigurationActive' => false,
  105. 'ldapAttributesForUserSearch' => null,
  106. 'ldapAttributesForGroupSearch' => null,
  107. 'ldapExperiencedAdmin' => false,
  108. 'homeFolderNamingRule' => null,
  109. 'hasMemberOfFilterSupport' => false,
  110. 'useMemberOfToDetectMembership' => true,
  111. 'ldapExpertUsernameAttr' => null,
  112. 'ldapExpertUUIDUserAttr' => null,
  113. 'ldapExpertUUIDGroupAttr' => null,
  114. 'lastJpegPhotoLookup' => null,
  115. 'ldapNestedGroups' => false,
  116. 'ldapPagingSize' => null,
  117. 'turnOnPasswordChange' => false,
  118. 'ldapDynamicGroupMemberURL' => null,
  119. 'ldapDefaultPPolicyDN' => null,
  120. 'ldapExtStorageHomeAttribute' => null,
  121. 'ldapMatchingRuleInChainState' => self::LDAP_SERVER_FEATURE_UNKNOWN,
  122. 'ldapConnectionTimeout' => 15,
  123. 'ldapAttributePhone' => null,
  124. 'ldapAttributeWebsite' => null,
  125. 'ldapAttributeAddress' => null,
  126. 'ldapAttributeTwitter' => null,
  127. 'ldapAttributeFediverse' => null,
  128. 'ldapAttributeOrganisation' => null,
  129. 'ldapAttributeRole' => null,
  130. 'ldapAttributeHeadline' => null,
  131. 'ldapAttributeBiography' => null,
  132. ];
  133. public function __construct(string $configPrefix, bool $autoRead = true) {
  134. $this->configPrefix = $configPrefix;
  135. if ($autoRead) {
  136. $this->readConfiguration();
  137. }
  138. }
  139. /**
  140. * @param string $name
  141. * @return mixed|null
  142. */
  143. public function __get($name) {
  144. if (isset($this->config[$name])) {
  145. return $this->config[$name];
  146. }
  147. return null;
  148. }
  149. /**
  150. * @param string $name
  151. * @param mixed $value
  152. */
  153. public function __set($name, $value) {
  154. $this->setConfiguration([$name => $value]);
  155. }
  156. public function getConfiguration(): array {
  157. return $this->config;
  158. }
  159. /**
  160. * set LDAP configuration with values delivered by an array, not read
  161. * from configuration. It does not save the configuration! To do so, you
  162. * must call saveConfiguration afterwards.
  163. * @param array $config array that holds the config parameters in an associated
  164. * array
  165. * @param array &$applied optional; array where the set fields will be given to
  166. */
  167. public function setConfiguration(array $config, array &$applied = null): void {
  168. $cta = $this->getConfigTranslationArray();
  169. foreach ($config as $inputKey => $val) {
  170. if (str_contains($inputKey, '_') && array_key_exists($inputKey, $cta)) {
  171. $key = $cta[$inputKey];
  172. } elseif (array_key_exists($inputKey, $this->config)) {
  173. $key = $inputKey;
  174. } else {
  175. continue;
  176. }
  177. $setMethod = 'setValue';
  178. switch ($key) {
  179. case 'ldapAgentPassword':
  180. $setMethod = 'setRawValue';
  181. break;
  182. case 'homeFolderNamingRule':
  183. $trimmedVal = trim($val);
  184. if ($trimmedVal !== '' && !str_contains($val, 'attr:')) {
  185. $val = 'attr:'.$trimmedVal;
  186. }
  187. break;
  188. case 'ldapBase':
  189. case 'ldapBaseUsers':
  190. case 'ldapBaseGroups':
  191. case 'ldapAttributesForUserSearch':
  192. case 'ldapAttributesForGroupSearch':
  193. case 'ldapUserFilterObjectclass':
  194. case 'ldapUserFilterGroups':
  195. case 'ldapGroupFilterObjectclass':
  196. case 'ldapGroupFilterGroups':
  197. case 'ldapLoginFilterAttributes':
  198. $setMethod = 'setMultiLine';
  199. break;
  200. }
  201. $this->$setMethod($key, $val);
  202. if (is_array($applied)) {
  203. $applied[] = $inputKey;
  204. // storing key as index avoids duplication, and as value for simplicity
  205. }
  206. $this->unsavedChanges[$key] = $key;
  207. }
  208. }
  209. public function readConfiguration(): void {
  210. if (!$this->configRead) {
  211. $cta = array_flip($this->getConfigTranslationArray());
  212. foreach ($this->config as $key => $val) {
  213. if (!isset($cta[$key])) {
  214. //some are determined
  215. continue;
  216. }
  217. $dbKey = $cta[$key];
  218. switch ($key) {
  219. case 'ldapBase':
  220. case 'ldapBaseUsers':
  221. case 'ldapBaseGroups':
  222. case 'ldapAttributesForUserSearch':
  223. case 'ldapAttributesForGroupSearch':
  224. case 'ldapUserFilterObjectclass':
  225. case 'ldapUserFilterGroups':
  226. case 'ldapGroupFilterObjectclass':
  227. case 'ldapGroupFilterGroups':
  228. case 'ldapLoginFilterAttributes':
  229. $readMethod = 'getMultiLine';
  230. break;
  231. case 'ldapIgnoreNamingRules':
  232. $readMethod = 'getSystemValue';
  233. $dbKey = $key;
  234. break;
  235. case 'ldapAgentPassword':
  236. $readMethod = 'getPwd';
  237. break;
  238. case 'ldapUserDisplayName2':
  239. case 'ldapGroupDisplayName':
  240. $readMethod = 'getLcValue';
  241. break;
  242. case 'ldapUserDisplayName':
  243. default:
  244. // user display name does not lower case because
  245. // we rely on an upper case N as indicator whether to
  246. // auto-detect it or not. FIXME
  247. $readMethod = 'getValue';
  248. break;
  249. }
  250. $this->config[$key] = $this->$readMethod($dbKey);
  251. }
  252. $this->configRead = true;
  253. }
  254. }
  255. /**
  256. * saves the current config changes in the database
  257. */
  258. public function saveConfiguration(): void {
  259. $cta = array_flip($this->getConfigTranslationArray());
  260. $changed = false;
  261. foreach ($this->unsavedChanges as $key) {
  262. $value = $this->config[$key];
  263. switch ($key) {
  264. case 'ldapAgentPassword':
  265. $value = base64_encode($value);
  266. break;
  267. case 'ldapBase':
  268. case 'ldapBaseUsers':
  269. case 'ldapBaseGroups':
  270. case 'ldapAttributesForUserSearch':
  271. case 'ldapAttributesForGroupSearch':
  272. case 'ldapUserFilterObjectclass':
  273. case 'ldapUserFilterGroups':
  274. case 'ldapGroupFilterObjectclass':
  275. case 'ldapGroupFilterGroups':
  276. case 'ldapLoginFilterAttributes':
  277. if (is_array($value)) {
  278. $value = implode("\n", $value);
  279. }
  280. break;
  281. //following options are not stored but detected, skip them
  282. case 'ldapIgnoreNamingRules':
  283. case 'ldapUuidUserAttribute':
  284. case 'ldapUuidGroupAttribute':
  285. continue 2;
  286. }
  287. if (is_null($value)) {
  288. $value = '';
  289. }
  290. $changed = true;
  291. $this->saveValue($cta[$key], $value);
  292. }
  293. if ($changed) {
  294. $this->saveValue('_lastChange', (string)time());
  295. }
  296. $this->unsavedChanges = [];
  297. }
  298. /**
  299. * @param string $varName
  300. * @return array|string
  301. */
  302. protected function getMultiLine($varName) {
  303. $value = $this->getValue($varName);
  304. if (empty($value)) {
  305. $value = '';
  306. } else {
  307. $value = preg_split('/\r\n|\r|\n/', $value);
  308. }
  309. return $value;
  310. }
  311. /**
  312. * Sets multi-line values as arrays
  313. *
  314. * @param string $varName name of config-key
  315. * @param array|string $value to set
  316. */
  317. protected function setMultiLine(string $varName, $value): void {
  318. if (empty($value)) {
  319. $value = '';
  320. } elseif (!is_array($value)) {
  321. $value = preg_split('/\r\n|\r|\n|;/', $value);
  322. if ($value === false) {
  323. $value = '';
  324. }
  325. }
  326. if (!is_array($value)) {
  327. $finalValue = trim($value);
  328. } else {
  329. $finalValue = [];
  330. foreach ($value as $key => $val) {
  331. if (is_string($val)) {
  332. $val = trim($val);
  333. if ($val !== '') {
  334. //accidental line breaks are not wanted and can cause
  335. // odd behaviour. Thus, away with them.
  336. $finalValue[] = $val;
  337. }
  338. } else {
  339. $finalValue[] = $val;
  340. }
  341. }
  342. }
  343. $this->setRawValue($varName, $finalValue);
  344. }
  345. protected function getPwd(string $varName): string {
  346. return base64_decode($this->getValue($varName));
  347. }
  348. protected function getLcValue(string $varName): string {
  349. return mb_strtolower($this->getValue($varName), 'UTF-8');
  350. }
  351. protected function getSystemValue(string $varName): string {
  352. //FIXME: if another system value is added, softcode the default value
  353. return \OC::$server->getConfig()->getSystemValue($varName, false);
  354. }
  355. protected function getValue(string $varName): string {
  356. static $defaults;
  357. if (is_null($defaults)) {
  358. $defaults = $this->getDefaults();
  359. }
  360. return \OC::$server->getConfig()->getAppValue('user_ldap',
  361. $this->configPrefix.$varName,
  362. $defaults[$varName]);
  363. }
  364. /**
  365. * Sets a scalar value.
  366. *
  367. * @param string $varName name of config key
  368. * @param mixed $value to set
  369. */
  370. protected function setValue(string $varName, $value): void {
  371. if (is_string($value)) {
  372. $value = trim($value);
  373. }
  374. $this->config[$varName] = $value;
  375. }
  376. /**
  377. * Sets a scalar value without trimming.
  378. *
  379. * @param string $varName name of config key
  380. * @param mixed $value to set
  381. */
  382. protected function setRawValue(string $varName, $value): void {
  383. $this->config[$varName] = $value;
  384. }
  385. protected function saveValue(string $varName, string $value): bool {
  386. \OC::$server->getConfig()->setAppValue(
  387. 'user_ldap',
  388. $this->configPrefix.$varName,
  389. $value
  390. );
  391. return true;
  392. }
  393. /**
  394. * @return array an associative array with the default values. Keys are correspond
  395. * to config-value entries in the database table
  396. */
  397. public function getDefaults(): array {
  398. return [
  399. 'ldap_host' => '',
  400. 'ldap_port' => '',
  401. 'ldap_backup_host' => '',
  402. 'ldap_backup_port' => '',
  403. 'ldap_background_host' => '',
  404. 'ldap_background_port' => '',
  405. 'ldap_override_main_server' => '',
  406. 'ldap_dn' => '',
  407. 'ldap_agent_password' => '',
  408. 'ldap_base' => '',
  409. 'ldap_base_users' => '',
  410. 'ldap_base_groups' => '',
  411. 'ldap_userlist_filter' => '',
  412. 'ldap_user_filter_mode' => 0,
  413. 'ldap_userfilter_objectclass' => '',
  414. 'ldap_userfilter_groups' => '',
  415. 'ldap_login_filter' => '',
  416. 'ldap_login_filter_mode' => 0,
  417. 'ldap_loginfilter_email' => 0,
  418. 'ldap_loginfilter_username' => 1,
  419. 'ldap_loginfilter_attributes' => '',
  420. 'ldap_group_filter' => '',
  421. 'ldap_group_filter_mode' => 0,
  422. 'ldap_groupfilter_objectclass' => '',
  423. 'ldap_groupfilter_groups' => '',
  424. 'ldap_gid_number' => 'gidNumber',
  425. 'ldap_display_name' => 'displayName',
  426. 'ldap_user_display_name_2' => '',
  427. 'ldap_group_display_name' => 'cn',
  428. 'ldap_tls' => 0,
  429. 'ldap_quota_def' => '',
  430. 'ldap_quota_attr' => '',
  431. 'ldap_email_attr' => '',
  432. 'ldap_group_member_assoc_attribute' => '',
  433. 'ldap_cache_ttl' => 600,
  434. 'ldap_uuid_user_attribute' => 'auto',
  435. 'ldap_uuid_group_attribute' => 'auto',
  436. 'home_folder_naming_rule' => '',
  437. 'ldap_turn_off_cert_check' => 0,
  438. 'ldap_configuration_active' => 0,
  439. 'ldap_attributes_for_user_search' => '',
  440. 'ldap_attributes_for_group_search' => '',
  441. 'ldap_expert_username_attr' => '',
  442. 'ldap_expert_uuid_user_attr' => '',
  443. 'ldap_expert_uuid_group_attr' => '',
  444. 'has_memberof_filter_support' => 0,
  445. 'use_memberof_to_detect_membership' => 1,
  446. 'last_jpegPhoto_lookup' => 0,
  447. 'ldap_nested_groups' => 0,
  448. 'ldap_paging_size' => 500,
  449. 'ldap_turn_on_pwd_change' => 0,
  450. 'ldap_experienced_admin' => 0,
  451. 'ldap_dynamic_group_member_url' => '',
  452. 'ldap_default_ppolicy_dn' => '',
  453. 'ldap_user_avatar_rule' => 'default',
  454. 'ldap_ext_storage_home_attribute' => '',
  455. 'ldap_matching_rule_in_chain_state' => self::LDAP_SERVER_FEATURE_UNKNOWN,
  456. 'ldap_connection_timeout' => 15,
  457. 'ldap_attr_phone' => '',
  458. 'ldap_attr_website' => '',
  459. 'ldap_attr_address' => '',
  460. 'ldap_attr_twitter' => '',
  461. 'ldap_attr_fediverse' => '',
  462. 'ldap_attr_organisation' => '',
  463. 'ldap_attr_role' => '',
  464. 'ldap_attr_headline' => '',
  465. 'ldap_attr_biography' => '',
  466. ];
  467. }
  468. /**
  469. * @return array that maps internal variable names to database fields
  470. */
  471. public function getConfigTranslationArray(): array {
  472. //TODO: merge them into one representation
  473. static $array = [
  474. 'ldap_host' => 'ldapHost',
  475. 'ldap_port' => 'ldapPort',
  476. 'ldap_backup_host' => 'ldapBackupHost',
  477. 'ldap_backup_port' => 'ldapBackupPort',
  478. 'ldap_background_host' => 'ldapBackgroundHost',
  479. 'ldap_background_port' => 'ldapBackgroundPort',
  480. 'ldap_override_main_server' => 'ldapOverrideMainServer',
  481. 'ldap_dn' => 'ldapAgentName',
  482. 'ldap_agent_password' => 'ldapAgentPassword',
  483. 'ldap_base' => 'ldapBase',
  484. 'ldap_base_users' => 'ldapBaseUsers',
  485. 'ldap_base_groups' => 'ldapBaseGroups',
  486. 'ldap_userfilter_objectclass' => 'ldapUserFilterObjectclass',
  487. 'ldap_userfilter_groups' => 'ldapUserFilterGroups',
  488. 'ldap_userlist_filter' => 'ldapUserFilter',
  489. 'ldap_user_filter_mode' => 'ldapUserFilterMode',
  490. 'ldap_user_avatar_rule' => 'ldapUserAvatarRule',
  491. 'ldap_login_filter' => 'ldapLoginFilter',
  492. 'ldap_login_filter_mode' => 'ldapLoginFilterMode',
  493. 'ldap_loginfilter_email' => 'ldapLoginFilterEmail',
  494. 'ldap_loginfilter_username' => 'ldapLoginFilterUsername',
  495. 'ldap_loginfilter_attributes' => 'ldapLoginFilterAttributes',
  496. 'ldap_group_filter' => 'ldapGroupFilter',
  497. 'ldap_group_filter_mode' => 'ldapGroupFilterMode',
  498. 'ldap_groupfilter_objectclass' => 'ldapGroupFilterObjectclass',
  499. 'ldap_groupfilter_groups' => 'ldapGroupFilterGroups',
  500. 'ldap_gid_number' => 'ldapGidNumber',
  501. 'ldap_display_name' => 'ldapUserDisplayName',
  502. 'ldap_user_display_name_2' => 'ldapUserDisplayName2',
  503. 'ldap_group_display_name' => 'ldapGroupDisplayName',
  504. 'ldap_tls' => 'ldapTLS',
  505. 'ldap_quota_def' => 'ldapQuotaDefault',
  506. 'ldap_quota_attr' => 'ldapQuotaAttribute',
  507. 'ldap_email_attr' => 'ldapEmailAttribute',
  508. 'ldap_group_member_assoc_attribute' => 'ldapGroupMemberAssocAttr',
  509. 'ldap_cache_ttl' => 'ldapCacheTTL',
  510. 'home_folder_naming_rule' => 'homeFolderNamingRule',
  511. 'ldap_turn_off_cert_check' => 'turnOffCertCheck',
  512. 'ldap_configuration_active' => 'ldapConfigurationActive',
  513. 'ldap_attributes_for_user_search' => 'ldapAttributesForUserSearch',
  514. 'ldap_attributes_for_group_search' => 'ldapAttributesForGroupSearch',
  515. 'ldap_expert_username_attr' => 'ldapExpertUsernameAttr',
  516. 'ldap_expert_uuid_user_attr' => 'ldapExpertUUIDUserAttr',
  517. 'ldap_expert_uuid_group_attr' => 'ldapExpertUUIDGroupAttr',
  518. 'has_memberof_filter_support' => 'hasMemberOfFilterSupport',
  519. 'use_memberof_to_detect_membership' => 'useMemberOfToDetectMembership',
  520. 'last_jpegPhoto_lookup' => 'lastJpegPhotoLookup',
  521. 'ldap_nested_groups' => 'ldapNestedGroups',
  522. 'ldap_paging_size' => 'ldapPagingSize',
  523. 'ldap_turn_on_pwd_change' => 'turnOnPasswordChange',
  524. 'ldap_experienced_admin' => 'ldapExperiencedAdmin',
  525. 'ldap_dynamic_group_member_url' => 'ldapDynamicGroupMemberURL',
  526. 'ldap_default_ppolicy_dn' => 'ldapDefaultPPolicyDN',
  527. 'ldap_ext_storage_home_attribute' => 'ldapExtStorageHomeAttribute',
  528. 'ldap_matching_rule_in_chain_state' => 'ldapMatchingRuleInChainState',
  529. 'ldapIgnoreNamingRules' => 'ldapIgnoreNamingRules', // sysconfig
  530. 'ldap_connection_timeout' => 'ldapConnectionTimeout',
  531. 'ldap_attr_phone' => 'ldapAttributePhone',
  532. 'ldap_attr_website' => 'ldapAttributeWebsite',
  533. 'ldap_attr_address' => 'ldapAttributeAddress',
  534. 'ldap_attr_twitter' => 'ldapAttributeTwitter',
  535. 'ldap_attr_fediverse' => 'ldapAttributeFediverse',
  536. 'ldap_attr_organisation' => 'ldapAttributeOrganisation',
  537. 'ldap_attr_role' => 'ldapAttributeRole',
  538. 'ldap_attr_headline' => 'ldapAttributeHeadline',
  539. 'ldap_attr_biography' => 'ldapAttributeBiography',
  540. ];
  541. return $array;
  542. }
  543. /**
  544. * @throws \RuntimeException
  545. */
  546. public function resolveRule(string $rule): array {
  547. if ($rule === 'avatar') {
  548. return $this->getAvatarAttributes();
  549. }
  550. throw new \RuntimeException('Invalid rule');
  551. }
  552. public function getAvatarAttributes(): array {
  553. $value = $this->ldapUserAvatarRule ?: self::AVATAR_PREFIX_DEFAULT;
  554. $defaultAttributes = ['jpegphoto', 'thumbnailphoto'];
  555. if ($value === self::AVATAR_PREFIX_NONE) {
  556. return [];
  557. }
  558. if (str_starts_with($value, self::AVATAR_PREFIX_DATA_ATTRIBUTE)) {
  559. $attribute = trim(substr($value, strlen(self::AVATAR_PREFIX_DATA_ATTRIBUTE)));
  560. if ($attribute === '') {
  561. return $defaultAttributes;
  562. }
  563. return [strtolower($attribute)];
  564. }
  565. if ($value !== self::AVATAR_PREFIX_DEFAULT) {
  566. \OC::$server->getLogger()->warning('Invalid config value to ldapUserAvatarRule; falling back to default.');
  567. }
  568. return $defaultAttributes;
  569. }
  570. /**
  571. * Returns TRUE if the ldapHost variable starts with 'ldapi://'
  572. */
  573. public function usesLdapi(): bool {
  574. return (substr($this->config['ldapHost'], 0, strlen('ldapi://')) === 'ldapi://');
  575. }
  576. }