[Pkg-owncloud-commits] [owncloud] 73/86: look for DN changes before marking a user as deleted
David Prévot
taffit at moszumanska.debian.org
Tue Dec 22 16:52:03 UTC 2015
This is an automated email from the git hooks/post-receive script.
taffit pushed a commit to annotated tag v8.1.5
in repository owncloud.
commit 65cb4b4eee5187f7167e1f7fd37b2c49115cb597
Author: Arthur Schiwon <blizzz at owncloud.com>
Date: Fri Dec 11 01:56:53 2015 +0100
look for DN changes before marking a user as deleted
---
apps/user_ldap/lib/access.php | 52 ++++++++++++++++++++++++++
apps/user_ldap/lib/mapping/abstractmapping.php | 12 +++++-
apps/user_ldap/user_ldap.php | 15 +++++++-
3 files changed, 76 insertions(+), 3 deletions(-)
diff --git a/apps/user_ldap/lib/access.php b/apps/user_ldap/lib/access.php
index 99bab61..0ac80cd 100644
--- a/apps/user_ldap/lib/access.php
+++ b/apps/user_ldap/lib/access.php
@@ -1253,6 +1253,58 @@ class Access extends LDAPUtility implements user\IUserTools {
}
/**
+ * reverse lookup of a DN given a known UUID
+ *
+ * @param string $uuid
+ * @return string
+ * @throws \Exception
+ */
+ public function getUserDnByUuid($uuid) {
+ $uuidOverride = $this->connection->ldapExpertUUIDUserAttr;
+ $filter = $this->connection->ldapUserFilter;
+ $base = $this->connection->ldapBaseUsers;
+
+ if($this->connection->ldapUuidUserAttribute === 'auto' && empty($uuidOverride)) {
+ // Sacrebleu! The UUID attribute is unknown :( We need first an
+ // existing DN to be able to reliably detect it.
+ $result = $this->search($filter, $base, ['dn'], 1);
+ if(!isset($result[0]) || !isset($result[0]['dn'])) {
+ throw new \Exception('Cannot determine UUID attribute');
+ }
+ $dn = $result[0]['dn'][0];
+ if(!$this->detectUuidAttribute($dn, true)) {
+ throw new \Exception('Cannot determine UUID attribute');
+ }
+ } else {
+ // The UUID attribute is either known or an override is given.
+ // By calling this method we ensure that $this->connection->$uuidAttr
+ // is definitely set
+ if(!$this->detectUuidAttribute('', true)) {
+ throw new \Exception('Cannot determine UUID attribute');
+ }
+ }
+
+ $uuidAttr = $this->connection->ldapUuidUserAttribute;
+ if($uuidAttr === 'guid' || $uuidAttr === 'objectguid') {
+ $dn = '<GUID={' . $uuid . '}>';
+ $result = $this->readAttribute($dn, 'dn');
+ if(is_array($result) && isset($result[0])) {
+ return $result[0];
+ }
+ } else {
+ $filter = $uuidAttr . '=' . $uuid;
+ $result = $this->searchUsers($filter, ['dn'], 2);
+ if(is_array($result) && isset($result[0]) && isset($result[0]['dn']) && count($result) === 1) {
+ // we put the count into account to make sure that this is
+ // really unique
+ return $result[0]['dn'][0];
+ }
+ }
+
+ throw new \Exception('Cannot determine UUID attribute');
+ }
+
+ /**
* auto-detects the directory's UUID attribute
* @param string $dn a known DN used to check against
* @param bool $isUser
diff --git a/apps/user_ldap/lib/mapping/abstractmapping.php b/apps/user_ldap/lib/mapping/abstractmapping.php
index f0f0f6d..c3d38ce 100644
--- a/apps/user_ldap/lib/mapping/abstractmapping.php
+++ b/apps/user_ldap/lib/mapping/abstractmapping.php
@@ -158,7 +158,7 @@ abstract class AbstractMapping {
}
/**
- * Gets the name based on the provided LDAP DN.
+ * Gets the name based on the provided LDAP UUID.
* @param string $uuid
* @return string|false
*/
@@ -167,6 +167,16 @@ abstract class AbstractMapping {
}
/**
+ * Gets the UUID based on the provided LDAP DN
+ * @param string $dn
+ * @return false|string
+ * @throws \Exception
+ */
+ public function getUUIDByDN($dn) {
+ return $this->getXbyY('directory_uuid', 'ldap_dn', $dn);
+ }
+
+ /**
* gets a piece of the mapping list
* @param int $offset
* @param int $limit
diff --git a/apps/user_ldap/user_ldap.php b/apps/user_ldap/user_ldap.php
index 6d4f611..096d368 100644
--- a/apps/user_ldap/user_ldap.php
+++ b/apps/user_ldap/user_ldap.php
@@ -195,7 +195,18 @@ class USER_LDAP extends BackendUtility implements \OCP\IUserBackend, \OCP\UserIn
if(is_null($lcr)) {
throw new \Exception('No LDAP Connection to server ' . $this->access->connection->ldapHost);
}
- return false;
+
+ try {
+ $uuid = $this->access->getUserMapper()->getUUIDByDN($dn);
+ if(!$uuid) {
+ return false;
+ }
+ $newDn = $this->access->getUserDnByUuid($uuid);
+ $this->access->getUserMapper()->setDNbyUUID($newDn, $uuid);
+ return true;
+ } catch (\Exception $e) {
+ return false;
+ }
}
if($user instanceof OfflineUser) {
@@ -288,7 +299,7 @@ class USER_LDAP extends BackendUtility implements \OCP\IUserBackend, \OCP\UserIn
}
$user = $this->access->userManager->get($uid);
- if(is_null($user) || ($user instanceof OfflineUser && !$this->userExistsOnLDAP($user->getUID()))) {
+ if(is_null($user) || ($user instanceof OfflineUser && !$this->userExistsOnLDAP($user->getOCName()))) {
throw new NoUserException($uid . ' is not a valid user anymore');
}
if($user instanceof OfflineUser) {
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-owncloud/owncloud.git
More information about the Pkg-owncloud-commits
mailing list