From 18e1a10e96a341e3333d0d8453dd270e62192b4d Mon Sep 17 00:00:00 2001
From: Arthur Schiwon <blizzz@owncloud.com>
Date: Thu, 6 Feb 2014 22:18:38 +0100
Subject: [PATCH] LDAP: also try MS AD's thumbnailPhoto when looking for an
 avatar image

---
 apps/user_ldap/user_ldap.php | 30 ++++++++++++++++++++++++------
 1 file changed, 24 insertions(+), 6 deletions(-)

diff --git a/apps/user_ldap/user_ldap.php b/apps/user_ldap/user_ldap.php
index a19af86086..8b6521010f 100644
--- a/apps/user_ldap/user_ldap.php
+++ b/apps/user_ldap/user_ldap.php
@@ -85,15 +85,14 @@ class USER_LDAP extends BackendUtility implements \OCP\UserInterface {
 			return;
 		}
 
-		$jpegPhoto = $this->access->readAttribute($dn, 'jpegPhoto');
-		\OCP\Config::setUserValue($uid, 'user_ldap', 'lastJpegPhotoLookup', time());
-		if(!$jpegPhoto || !is_array($jpegPhoto) || !isset($jpegPhoto[0])) {
+		$avatarImage = $this->getAvatarImage($uid, $dn);
+		if($avatarImage === false) {
 			//not set, nothing left to do;
 			return;
 		}
 
 		$image = new \OCP\Image();
-		$image->loadFromBase64(base64_encode($jpegPhoto[0]));
+		$image->loadFromBase64(base64_encode($avatarImage));
 
 		if(!$image->valid()) {
 			\OCP\Util::writeLog('user_ldap', 'jpegPhoto data invalid for '.$dn,
@@ -128,8 +127,7 @@ class USER_LDAP extends BackendUtility implements \OCP\UserInterface {
 		if(!$dn) {
 			return false;
 		}
-		$jpegPhoto = $this->access->readAttribute($dn, 'jpegPhoto');
-		if(!$jpegPhoto || !is_array($jpegPhoto) || !isset($jpegPhoto[0])) {
+		if($this->getAvatarImage($uid, $dn) === false) {
 			//The user is allowed to change his avatar in ownCloud only if no
 			//avatar is provided by LDAP
 			return true;
@@ -137,6 +135,26 @@ class USER_LDAP extends BackendUtility implements \OCP\UserInterface {
 		return false;
 	}
 
+	/**
+	 * @brief reads the image from LDAP that shall be used as Avatar
+	 * @param $uid string, the ownCloud user name
+	 * @param $dn string, the user DN
+	 * @return image data (provided by LDAP) | false
+	 */
+	private function getAvatarImage($uid, $dn) {
+		$attributes = array('jpegPhoto', 'thumbnailPhoto');
+		foreach($attributes as $attribute) {
+			$result = $this->access->readAttribute($dn, $attribute);
+			\OCP\Config::setUserValue($uid, 'user_ldap', 'lastJpegPhotoLookup',
+									  time());
+			if($result !== false && is_array($result) && isset($result[0])) {
+				return $result[0];
+			}
+		}
+
+		return false;
+	}
+
 	/**
 	 * @brief Check if the password is correct
 	 * @param $uid The username
-- 
GitLab