1
0

User_Proxy.php 10 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350
  1. <?php
  2. /**
  3. * @copyright Copyright (c) 2016, ownCloud, Inc.
  4. *
  5. * @author Arthur Schiwon <blizzz@arthur-schiwon.de>
  6. * @author Christopher Schäpers <kondou@ts.unde.re>
  7. * @author Joas Schilling <coding@schilljs.com>
  8. * @author Lukas Reschke <lukas@statuscode.ch>
  9. * @author Morris Jobke <hey@morrisjobke.de>
  10. * @author Robin McCorkell <robin@mccorkell.me.uk>
  11. * @author Roger Szabo <roger.szabo@web.de>
  12. * @author root <root@localhost.localdomain>
  13. * @author Thomas Müller <thomas.mueller@tmit.eu>
  14. * @author Vinicius Cubas Brand <vinicius@eita.org.br>
  15. *
  16. * @license AGPL-3.0
  17. *
  18. * This code is free software: you can redistribute it and/or modify
  19. * it under the terms of the GNU Affero General Public License, version 3,
  20. * as published by the Free Software Foundation.
  21. *
  22. * This program is distributed in the hope that it will be useful,
  23. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  24. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  25. * GNU Affero General Public License for more details.
  26. *
  27. * You should have received a copy of the GNU Affero General Public License, version 3,
  28. * along with this program. If not, see <http://www.gnu.org/licenses/>
  29. *
  30. */
  31. namespace OCA\User_LDAP;
  32. use OCA\User_LDAP\User\User;
  33. use OCP\IConfig;
  34. use OCP\IUserSession;
  35. use OCP\Notification\IManager as INotificationManager;
  36. class User_Proxy extends Proxy implements \OCP\IUserBackend, \OCP\UserInterface, IUserLDAP {
  37. private $backends = array();
  38. private $refBackend = null;
  39. /**
  40. * Constructor
  41. *
  42. * @param array $serverConfigPrefixes array containing the config Prefixes
  43. * @param ILDAPWrapper $ldap
  44. * @param IConfig $ocConfig
  45. * @param INotificationManager $notificationManager
  46. * @param IUserSession $userSession
  47. */
  48. public function __construct(array $serverConfigPrefixes, ILDAPWrapper $ldap, IConfig $ocConfig,
  49. INotificationManager $notificationManager, IUserSession $userSession,
  50. UserPluginManager $userPluginManager) {
  51. parent::__construct($ldap);
  52. foreach($serverConfigPrefixes as $configPrefix) {
  53. $this->backends[$configPrefix] =
  54. new User_LDAP($this->getAccess($configPrefix), $ocConfig, $notificationManager, $userSession, $userPluginManager);
  55. if(is_null($this->refBackend)) {
  56. $this->refBackend = &$this->backends[$configPrefix];
  57. }
  58. }
  59. }
  60. /**
  61. * Tries the backends one after the other until a positive result is returned from the specified method
  62. * @param string $uid the uid connected to the request
  63. * @param string $method the method of the user backend that shall be called
  64. * @param array $parameters an array of parameters to be passed
  65. * @return mixed the result of the method or false
  66. */
  67. protected function walkBackends($uid, $method, $parameters) {
  68. $cacheKey = $this->getUserCacheKey($uid);
  69. foreach($this->backends as $configPrefix => $backend) {
  70. $instance = $backend;
  71. if(!method_exists($instance, $method)
  72. && method_exists($this->getAccess($configPrefix), $method)) {
  73. $instance = $this->getAccess($configPrefix);
  74. }
  75. if($result = call_user_func_array(array($instance, $method), $parameters)) {
  76. $this->writeToCache($cacheKey, $configPrefix);
  77. return $result;
  78. }
  79. }
  80. return false;
  81. }
  82. /**
  83. * Asks the backend connected to the server that supposely takes care of the uid from the request.
  84. * @param string $uid the uid connected to the request
  85. * @param string $method the method of the user backend that shall be called
  86. * @param array $parameters an array of parameters to be passed
  87. * @param mixed $passOnWhen the result matches this variable
  88. * @return mixed the result of the method or false
  89. */
  90. protected function callOnLastSeenOn($uid, $method, $parameters, $passOnWhen) {
  91. $cacheKey = $this->getUserCacheKey($uid);
  92. $prefix = $this->getFromCache($cacheKey);
  93. //in case the uid has been found in the past, try this stored connection first
  94. if(!is_null($prefix)) {
  95. if(isset($this->backends[$prefix])) {
  96. $instance = $this->backends[$prefix];
  97. if(!method_exists($instance, $method)
  98. && method_exists($this->getAccess($prefix), $method)) {
  99. $instance = $this->getAccess($prefix);
  100. }
  101. $result = call_user_func_array(array($instance, $method), $parameters);
  102. if($result === $passOnWhen) {
  103. //not found here, reset cache to null if user vanished
  104. //because sometimes methods return false with a reason
  105. $userExists = call_user_func_array(
  106. array($this->backends[$prefix], 'userExists'),
  107. array($uid)
  108. );
  109. if(!$userExists) {
  110. $this->writeToCache($cacheKey, null);
  111. }
  112. }
  113. return $result;
  114. }
  115. }
  116. return false;
  117. }
  118. /**
  119. * Check if backend implements actions
  120. * @param int $actions bitwise-or'ed actions
  121. * @return boolean
  122. *
  123. * Returns the supported actions as int to be
  124. * compared with \OC\User\Backend::CREATE_USER etc.
  125. */
  126. public function implementsActions($actions) {
  127. //it's the same across all our user backends obviously
  128. return $this->refBackend->implementsActions($actions);
  129. }
  130. /**
  131. * Backend name to be shown in user management
  132. * @return string the name of the backend to be shown
  133. */
  134. public function getBackendName() {
  135. return $this->refBackend->getBackendName();
  136. }
  137. /**
  138. * Get a list of all users
  139. *
  140. * @param string $search
  141. * @param null|int $limit
  142. * @param null|int $offset
  143. * @return string[] an array of all uids
  144. */
  145. public function getUsers($search = '', $limit = 10, $offset = 0) {
  146. //we do it just as the /OC_User implementation: do not play around with limit and offset but ask all backends
  147. $users = array();
  148. foreach($this->backends as $backend) {
  149. $backendUsers = $backend->getUsers($search, $limit, $offset);
  150. if (is_array($backendUsers)) {
  151. $users = array_merge($users, $backendUsers);
  152. }
  153. }
  154. return $users;
  155. }
  156. /**
  157. * check if a user exists
  158. * @param string $uid the username
  159. * @return boolean
  160. */
  161. public function userExists($uid) {
  162. return $this->handleRequest($uid, 'userExists', array($uid));
  163. }
  164. /**
  165. * check if a user exists on LDAP
  166. * @param string|\OCA\User_LDAP\User\User $user either the Nextcloud user
  167. * name or an instance of that user
  168. * @return boolean
  169. */
  170. public function userExistsOnLDAP($user) {
  171. $id = ($user instanceof User) ? $user->getUsername() : $user;
  172. return $this->handleRequest($id, 'userExistsOnLDAP', array($user));
  173. }
  174. /**
  175. * Check if the password is correct
  176. * @param string $uid The username
  177. * @param string $password The password
  178. * @return bool
  179. *
  180. * Check if the password is correct without logging in the user
  181. */
  182. public function checkPassword($uid, $password) {
  183. return $this->handleRequest($uid, 'checkPassword', array($uid, $password));
  184. }
  185. /**
  186. * returns the username for the given login name, if available
  187. *
  188. * @param string $loginName
  189. * @return string|false
  190. */
  191. public function loginName2UserName($loginName) {
  192. $id = 'LOGINNAME,' . $loginName;
  193. return $this->handleRequest($id, 'loginName2UserName', array($loginName));
  194. }
  195. /**
  196. * returns the username for the given LDAP DN, if available
  197. *
  198. * @param string $dn
  199. * @return string|false with the username
  200. */
  201. public function dn2UserName($dn) {
  202. $id = 'DN,' . $dn;
  203. return $this->handleRequest($id, 'dn2UserName', array($dn));
  204. }
  205. /**
  206. * get the user's home directory
  207. * @param string $uid the username
  208. * @return boolean
  209. */
  210. public function getHome($uid) {
  211. return $this->handleRequest($uid, 'getHome', array($uid));
  212. }
  213. /**
  214. * get display name of the user
  215. * @param string $uid user ID of the user
  216. * @return string display name
  217. */
  218. public function getDisplayName($uid) {
  219. return $this->handleRequest($uid, 'getDisplayName', array($uid));
  220. }
  221. /**
  222. * set display name of the user
  223. *
  224. * @param string $uid user ID of the user
  225. * @param string $displayName new display name
  226. * @return string display name
  227. */
  228. public function setDisplayName($uid, $displayName) {
  229. return $this->handleRequest($uid, 'setDisplayName', array($uid, $displayName));
  230. }
  231. /**
  232. * checks whether the user is allowed to change his avatar in Nextcloud
  233. * @param string $uid the Nextcloud user name
  234. * @return boolean either the user can or cannot
  235. */
  236. public function canChangeAvatar($uid) {
  237. return $this->handleRequest($uid, 'canChangeAvatar', array($uid));
  238. }
  239. /**
  240. * Get a list of all display names and user ids.
  241. * @param string $search
  242. * @param string|null $limit
  243. * @param string|null $offset
  244. * @return array an array of all displayNames (value) and the corresponding uids (key)
  245. */
  246. public function getDisplayNames($search = '', $limit = null, $offset = null) {
  247. //we do it just as the /OC_User implementation: do not play around with limit and offset but ask all backends
  248. $users = array();
  249. foreach($this->backends as $backend) {
  250. $backendUsers = $backend->getDisplayNames($search, $limit, $offset);
  251. if (is_array($backendUsers)) {
  252. $users = $users + $backendUsers;
  253. }
  254. }
  255. return $users;
  256. }
  257. /**
  258. * delete a user
  259. * @param string $uid The username of the user to delete
  260. * @return bool
  261. *
  262. * Deletes a user
  263. */
  264. public function deleteUser($uid) {
  265. return $this->handleRequest($uid, 'deleteUser', array($uid));
  266. }
  267. /**
  268. * Set password
  269. * @param string $uid The username
  270. * @param string $password The new password
  271. * @return bool
  272. *
  273. */
  274. public function setPassword($uid, $password) {
  275. return $this->handleRequest($uid, 'setPassword', array($uid, $password));
  276. }
  277. /**
  278. * @return bool
  279. */
  280. public function hasUserListings() {
  281. return $this->refBackend->hasUserListings();
  282. }
  283. /**
  284. * Count the number of users
  285. * @return int|bool
  286. */
  287. public function countUsers() {
  288. $users = false;
  289. foreach($this->backends as $backend) {
  290. $backendUsers = $backend->countUsers();
  291. if ($backendUsers !== false) {
  292. $users += $backendUsers;
  293. }
  294. }
  295. return $users;
  296. }
  297. /**
  298. * Return access for LDAP interaction.
  299. * @param string $uid
  300. * @return Access instance of Access for LDAP interaction
  301. */
  302. public function getLDAPAccess($uid) {
  303. return $this->handleRequest($uid, 'getLDAPAccess', array($uid));
  304. }
  305. /**
  306. * Return a new LDAP connection for the specified user.
  307. * The connection needs to be closed manually.
  308. * @param string $uid
  309. * @return resource of the LDAP connection
  310. */
  311. public function getNewLDAPConnection($uid) {
  312. return $this->handleRequest($uid, 'getNewLDAPConnection', array($uid));
  313. }
  314. /**
  315. * Creates a new user in LDAP
  316. * @param $username
  317. * @param $password
  318. * @return bool
  319. */
  320. public function createUser($username, $password) {
  321. return $this->handleRequest($username, 'createUser', array($username,$password));
  322. }
  323. }