diff --git a/apps/files/css/files.css b/apps/files/css/files.css
index 1508f8ac493a1ca9f2c3e71660ba02332dc0bc46..138b15db04fff6c8fb950738e1a62209155b38cb 100644
--- a/apps/files/css/files.css
+++ b/apps/files/css/files.css
@@ -7,14 +7,34 @@
.actions input, .actions button, .actions .button { margin:0; float:left; }
.actions .button a { color: #555; }
.actions .button a:hover, .actions .button a:active { color: #333; }
-#new {
- height:17px; margin:0 0 0 1em; z-index:1010; float:left;
+#new, #trash {
+ z-index: 1010;
+ float: left;
+ padding: 0 !important; /* override default control bar button padding */
+}
+#trash {
+ margin: 0 1em;
+ float: right;
+}
+#new>a, #trash>a {
+ padding: 14px 10px;
+ position: relative;
+ top: 7px;
+}
+#new.active {
+ border-bottom-left-radius: 0;
+ border-bottom-right-radius: 0;
+ border-bottom: none;
}
-#new.active { border-bottom-left-radius:0; border-bottom-right-radius:0; border-bottom:none; }
-#new>a { padding:.5em 1.2em .3em; }
#new>ul {
- display:none; position:fixed; min-width:7em; z-index:10;
- padding:.5em; padding-bottom:0; margin-top:.075em; margin-left:-.5em;
+ display: none;
+ position: fixed;
+ min-width: 7em;
+ z-index: 10;
+ padding: .5em;
+ padding-bottom: 0;
+ margin-top: 14px;
+ margin-left: -1px;
text-align:left;
background: #f8f8f8;
border: 1px solid #ddd;
@@ -25,53 +45,16 @@
#new>ul>li { height:36px; margin:.3em; padding-left:3em; padding-bottom:0.1em;
background-repeat:no-repeat; cursor:pointer; }
#new>ul>li>p { cursor:pointer; padding-top: 7px; padding-bottom: 7px;}
-#new>ul>li>form>input {
- padding: 5px;
- margin: 2px 0;
-}
-#trash { margin: 0 1em; z-index:1010; float: right; }
-
-#upload {
- height:27px; padding:0; margin-left:0.2em; overflow:hidden;
-}
-#upload a {
- position:relative; display:block; width:100%; height:27px;
- cursor:pointer; z-index:10;
- background-image:url('%webroot%/core/img/actions/upload.svg');
- background-repeat:no-repeat;
- background-position:7px 6px;
- opacity:0.65;
-}
-.file_upload_target { display:none; }
-.file_upload_form { display:inline; float:left; margin:0; padding:0; cursor:pointer; overflow:visible; }
-#file_upload_start {
- left:0; top:0; width:28px; height:27px; padding:0;
- font-size:1em;
- -ms-filter:"progid:DXImageTransform.Microsoft.Alpha(Opacity=0)"; filter:alpha(opacity=0); opacity:0;
- z-index:20; position:relative; cursor:pointer; overflow:hidden;
-}
-
-#uploadprogresswrapper {
- position: relative;
- display: inline;
-}
-#uploadprogressbar {
- position:relative;
- float: left;
- margin-left: 12px;
- width: 130px;
- height: 26px;
- display:inline-block;
-}
-#uploadprogressbar + stop {
- font-size: 13px;
-}
/* FILE TABLE */
-#filestable { position: relative; top:37px; width:100%; }
+#filestable {
+ position: relative;
+ top: 44px;
+ width: 100%;
+}
#filestable tbody tr { background-color:#fff; height:2.5em; }
#filestable tbody tr:hover, tbody tr:active {
background-color: rgb(240,240,240);
@@ -125,9 +108,18 @@ table th#headerDate, table td.date {
/* Multiselect bar */
#filestable.multiselect {
- top: 88px;
+ top: 95px;
+}
+table.multiselect thead {
+ position: fixed;
+ top: 89px;
+ z-index: 1;
+ -moz-box-sizing: border-box;
+ box-sizing: border-box;
+ left: 0;
+ padding-left: 80px;
+ width: 100%;
}
-table.multiselect thead { position:fixed; top:82px; z-index:1; -moz-box-sizing: border-box; box-sizing: border-box; left: 0; padding-left: 80px; width:100%; }
table.multiselect thead th {
background-color: rgba(210,210,210,.7);
@@ -328,8 +320,6 @@ a.action>img { max-height:16px; max-width:16px; vertical-align:text-bottom; }
#scanning-message{ top:40%; left:40%; position:absolute; display:none; }
-div.crumb a{ padding:0.9em 0 0.7em 0; color:#555; }
-
table.dragshadow {
width:auto;
}
diff --git a/apps/files/css/upload.css b/apps/files/css/upload.css
index 2d11e41ba88e3b09520d421d4decf28a95a6c339..ef0435690945e0f9878f085f8024d6ac7c30c981 100644
--- a/apps/files/css/upload.css
+++ b/apps/files/css/upload.css
@@ -1,38 +1,63 @@
-
#upload {
- height:27px; padding:0; margin-left:0.2em; overflow:hidden;
+ -moz-box-sizing: border-box;
+ -webkit-box-sizing: border-box;
+ box-sizing: border-box;
+ height: 36px;
+ width: 39px;
+ padding: 0 !important; /* override default control bar button padding */
+ margin-left: .2em;
+ overflow: hidden;
vertical-align: top;
}
#upload a {
- position:relative; display:block; width:100%; height:27px;
- cursor:pointer; z-index:10;
- background-image:url('%webroot%/core/img/actions/upload.svg');
- background-repeat:no-repeat;
- background-position:7px 6px;
- opacity:0.65;
+ position: relative;
+ display: block;
+ width: 100%;
+ height: 44px;
+ width: 44px;
+ margin: -5px -3px;
+ cursor: pointer;
+ z-index: 10;
+ background-image: url('%webroot%/core/img/actions/upload.svg');
+ background-repeat: no-repeat;
+ background-position: center;
+ opacity: .65;
}
.file_upload_target { display:none; }
.file_upload_form { display:inline; float:left; margin:0; padding:0; cursor:pointer; overflow:visible; }
#file_upload_start {
- float: left;
- left:0; top:0; width:28px; height:27px; padding:0;
- font-size:1em;
+ position: relative;
+ left: 0;
+ top: 0;
+ width: 44px;
+ height: 44px;
+ margin: -5px -3px;
+ padding: 0;
+ font-size: 1em;
-ms-filter:"progid:DXImageTransform.Microsoft.Alpha(Opacity=0)"; filter:alpha(opacity=0); opacity:0;
- z-index:20; position:relative; cursor:pointer; overflow:hidden;
+ z-index: 20;
+ cursor: pointer;
+ overflow: hidden;
}
#uploadprogresswrapper {
+ -moz-box-sizing: border-box;
+ -webkit-box-sizing: border-box;
+ box-sizing: border-box;
display: inline-block;
vertical-align: top;
- margin:0.3em;
- height: 29px;
+ height: 36px;
+ box-sizing: border-box;
+}
+#uploadprogresswrapper > input[type='button'] {
+ height: 36px;
}
#uploadprogressbar {
position:relative;
float: left;
margin-left: 12px;
width: 130px;
- height: 26px;
+ height: 36px;
display:inline-block;
}
#uploadprogressbar + stop {
diff --git a/apps/files/index.php b/apps/files/index.php
index 62e1438fc63b76546829114bfbefb91acd97878b..8d877be8ac981a9a2f0ffb6e4861dcf8ed6653d7 100644
--- a/apps/files/index.php
+++ b/apps/files/index.php
@@ -104,8 +104,12 @@ if ($needUpgrade) {
$storageInfo=OC_Helper::getStorageInfo($dir);
$maxUploadFilesize=OCP\Util::maxUploadFilesize($dir);
$publicUploadEnabled = \OC_Appconfig::getValue('core', 'shareapi_allow_public_upload', 'yes');
+ // if the encryption app is disabled, than everything is fine (INIT_SUCCESSFUL status code)
+ $encryptionInitStatus = 2;
if (OC_App::isEnabled('files_encryption')) {
$publicUploadEnabled = 'no';
+ $session = new \OCA\Encryption\Session(new \OC\Files\View('/'));
+ $encryptionInitStatus = $session->getInitialized();
}
$trashEnabled = \OCP\App::isEnabled('files_trashbin');
@@ -134,6 +138,7 @@ if ($needUpgrade) {
$tmpl->assign('publicUploadEnabled', $publicUploadEnabled);
$tmpl->assign("encryptedFiles", \OCP\Util::encryptedFiles());
$tmpl->assign("mailNotificationEnabled", \OC_Appconfig::getValue('core', 'shareapi_allow_mail_notification', 'yes'));
+ $tmpl->assign("encryptionInitStatus", $encryptionInitStatus);
$tmpl->assign('disableSharing', false);
$tmpl->assign('ajaxLoad', $ajaxLoad);
diff --git a/apps/files/js/files.js b/apps/files/js/files.js
index ec688eaf63efff3ea5d0dc70db8e85e08a45f2ac..899bc6469e503a74bf8b99a2bc7381ca5e169878 100644
--- a/apps/files/js/files.js
+++ b/apps/files/js/files.js
@@ -63,6 +63,15 @@ Files={
}
var encryptedFiles = $('#encryptedFiles').val();
+ var initStatus = $('#encryptionInitStatus').val();
+ if (initStatus === '0') { // enc not initialized, but should be
+ OC.Notification.show(t('files_encryption', 'Encryption App is enabled but your keys are not initialized, please log-out and log-in again'));
+ return;
+ }
+ if (initStatus === '1') { // encryption tried to init but failed
+ OC.Notification.showHtml(t('files_encryption', 'Invalid private key for Encryption App. Please update your private key password in your personal settings to recover access to your encrypted files.'));
+ return;
+ }
if (encryptedFiles === '1') {
OC.Notification.show(t('files_encryption', 'Encryption was disabled but your files are still encrypted. Please go to your personal settings to decrypt your files.'));
return;
diff --git a/apps/files/templates/index.php b/apps/files/templates/index.php
index e578a1f563cb1f2165ddd085a44cdc214f4e85f5..7067b854f50a619dc8fb73f185658088d237228f 100644
--- a/apps/files/templates/index.php
+++ b/apps/files/templates/index.php
@@ -116,4 +116,5 @@
<input type="hidden" name="allowZipDownload" id="allowZipDownload" value="<?php p($_['allowZipDownload']); ?>" />
<input type="hidden" name="usedSpacePercent" id="usedSpacePercent" value="<?php p($_['usedSpacePercent']); ?>" />
<input type="hidden" name="encryptedFiles" id="encryptedFiles" value="<?php $_['encryptedFiles'] ? p('1') : p('0'); ?>" />
+<input type="hidden" name="encryptedInitStatus" id="encryptionInitStatus" value="<?php p($_['encryptionInitStatus']) ?>" />
<input type="hidden" name="mailNotificationEnabled" id="mailNotificationEnabled" value="<?php p($_['mailNotificationEnabled']) ?>" />
diff --git a/apps/files_encryption/ajax/updatePrivateKeyPassword.php b/apps/files_encryption/ajax/updatePrivateKeyPassword.php
index 1e6644da576f56bd8d8daae01506f2032942658a..29c72952ae9de4457cc5d63340c4caef9658615f 100644
--- a/apps/files_encryption/ajax/updatePrivateKeyPassword.php
+++ b/apps/files_encryption/ajax/updatePrivateKeyPassword.php
@@ -48,6 +48,7 @@ if ($decryptedKey) {
// success or failure
if ($return) {
+ $session->setInitialized(\OCA\Encryption\Session::INIT_SUCCESSFUL);
\OCP\JSON::success(array('data' => array('message' => $l->t('Private key password successfully updated.'))));
} else {
\OCP\JSON::error(array('data' => array('message' => $l->t('Could not update the private key password. Maybe the old password was not correct.'))));
diff --git a/apps/files_encryption/appinfo/app.php b/apps/files_encryption/appinfo/app.php
index 5b62b84e22366a2ed5233d6fa1bcf72b4bb2e7a7..c930ac9eca8be5cb9b88e3651a8771428613bf4c 100644
--- a/apps/files_encryption/appinfo/app.php
+++ b/apps/files_encryption/appinfo/app.php
@@ -43,23 +43,6 @@ if (!OC_Config::getValue('maintenance', false)) {
if($sessionReady) {
$session = new \OCA\Encryption\Session($view);
}
-
- $user = \OCP\USER::getUser();
- // check if user has a private key
- if ($sessionReady === false
- || (!$view->file_exists('/' . $user . '/files_encryption/' . $user . '.private.key')
- && OCA\Encryption\Crypt::mode() === 'server')
- ) {
-
- // Force the user to log-in again if the encryption key isn't unlocked
- // (happens when a user is logged in before the encryption app is
- // enabled)
- OCP\User::logout();
-
- header("Location: " . OC::$WEBROOT . '/');
-
- exit();
- }
}
} else {
// logout user if we are in maintenance to force re-login
diff --git a/apps/files_encryption/appinfo/version b/apps/files_encryption/appinfo/version
index bd73f47072b1fe4b9914ec14a7f6d47fcc8f816a..2eb3c4fe4eebcdea3da0790cc0ba74cb286ec4f4 100644
--- a/apps/files_encryption/appinfo/version
+++ b/apps/files_encryption/appinfo/version
@@ -1 +1 @@
-0.4
+0.5
diff --git a/apps/files_encryption/files/error.php b/apps/files_encryption/files/error.php
index 2dd27257abe45381c9cf357ffa51e23da9f1df91..ac0c0269164fd9ecc6437c617e143d3e16d56e2d 100644
--- a/apps/files_encryption/files/error.php
+++ b/apps/files_encryption/files/error.php
@@ -1,23 +1,33 @@
<?php
+
if (!isset($_)) { //also provide standalone error page
require_once __DIR__ . '/../../../lib/base.php';
$l = OC_L10N::get('files_encryption');
- $errorMsg = $l->t('Your private key is not valid! Likely your password was changed outside the ownCloud system (e.g. your corporate directory). You can update your private key password in your personal settings to recover access to your encrypted files.');
+ if (isset($_GET['i']) && $_GET['i'] === '0') {
+ $errorMsg = $l->t('Encryption app not initialized! Maybe the encryption app was re-enabled during your session. Please try to log out and log back in to initialize the encryption app.');
+ $init = '0';
+ } else {
+ $errorMsg = $l->t('Your private key is not valid! Likely your password was changed outside the ownCloud system (e.g. your corporate directory). You can update your private key password in your personal settings to recover access to your encrypted files.');
+ $init = '1';
+ }
- if(isset($_GET['p']) && $_GET['p'] === '1') {
+ if (isset($_GET['p']) && $_GET['p'] === '1') {
header('HTTP/1.0 404 ' . $errorMsg);
}
- // check if ajax request
- if(!empty($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) == 'xmlhttprequest') {
+// check if ajax request
+ if (!empty($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) == 'xmlhttprequest') {
\OCP\JSON::error(array('data' => array('message' => $errorMsg)));
} else {
header('HTTP/1.0 404 ' . $errorMsg);
$tmpl = new OC_Template('files_encryption', 'invalid_private_key', 'guest');
+ $tmpl->assign('message', $errorMsg);
+ $tmpl->assign('init', $init);
$tmpl->printPage();
}
exit;
}
+
diff --git a/apps/files_encryption/hooks/hooks.php b/apps/files_encryption/hooks/hooks.php
index d9221c6e828a2539ed61ffe184f7e589ca978444..2df860a8e5772d49526e3bf8ac32f13d0c1b3ee3 100644
--- a/apps/files_encryption/hooks/hooks.php
+++ b/apps/files_encryption/hooks/hooks.php
@@ -159,7 +159,6 @@ class Hooks {
* @param array $params keys: uid, password
*/
public static function setPassphrase($params) {
-
// Only attempt to change passphrase if server-side encryption
// is in use (client-side encryption does not have access to
// the necessary keys)
@@ -543,14 +542,18 @@ class Hooks {
}
/**
- * set migration status back to '0' so that all new files get encrypted
+ * set migration status and the init status back to '0' so that all new files get encrypted
* if the app gets enabled again
* @param array $params contains the app ID
*/
public static function preDisable($params) {
if ($params['app'] === 'files_encryption') {
- $query = \OC_DB::prepare('UPDATE `*PREFIX*encryption` SET `migration_status`=0');
- $query->execute();
+
+ $setMigrationStatus = \OC_DB::prepare('UPDATE `*PREFIX*encryption` SET `migration_status`=0');
+ $setMigrationStatus->execute();
+
+ $session = new \OCA\Encryption\Session(new \OC\Files\View('/'));
+ $session->setInitialized(\OCA\Encryption\Session::NOT_INITIALIZED);
}
}
diff --git a/apps/files_encryption/js/settings-admin.js b/apps/files_encryption/js/settings-admin.js
index 6647c621e7b90f3f12c94ed779de577023fd0904..c2140a6f1eb152692e8da411e21099660d5e329c 100644
--- a/apps/files_encryption/js/settings-admin.js
+++ b/apps/files_encryption/js/settings-admin.js
@@ -1,6 +1,8 @@
/**
- * Copyright (c) 2013, Sam Tuke <samtuke@owncloud.com>, Robin Appelman
- * <icewind1991@gmail.com>
+ * Copyright (c) 2013
+ * Sam Tuke <samtuke@owncloud.com>
+ * Robin Appelman <icewind1991@gmail.com>
+ * Bjoern Schiessle <schiessle@owncloud.com>
* This file is licensed under the Affero General Public License version 3 or later.
* See the COPYING-README file.
*/
@@ -31,22 +33,23 @@ $(document).ready(function(){
// Trigger ajax on recoveryAdmin status change
var enabledStatus = $('#adminEnableRecovery').val();
- $('input:password[name="recoveryPassword"]').keyup(function(event) {
- var recoveryPassword = $( '#recoveryPassword' ).val();
+ $('input:password[name="encryptionRecoveryPassword"]').keyup(function(event) {
+ var recoveryPassword = $( '#encryptionRecoveryPassword' ).val();
+ var recoveryPasswordRepeated = $( '#repeatEncryptionRecoveryPassword' ).val();
var checkedButton = $('input:radio[name="adminEnableRecovery"]:checked').val();
var uncheckedValue = (1+parseInt(checkedButton)) % 2;
- if (recoveryPassword != '' ) {
+ if (recoveryPassword !== '' && recoveryPassword === recoveryPasswordRepeated) {
$('input:radio[name="adminEnableRecovery"][value="'+uncheckedValue.toString()+'"]').removeAttr("disabled");
} else {
$('input:radio[name="adminEnableRecovery"][value="'+uncheckedValue.toString()+'"]').attr("disabled", "true");
}
});
- $( 'input:radio[name="adminEnableRecovery"]' ).change(
+ $( 'input:radio[name="adminEnableRecovery"]' ).change(
function() {
var recoveryStatus = $( this ).val();
var oldStatus = (1+parseInt(recoveryStatus)) % 2;
- var recoveryPassword = $( '#recoveryPassword' ).val();
+ var recoveryPassword = $( '#encryptionRecoveryPassword' ).val();
$.post(
OC.filePath( 'files_encryption', 'ajax', 'adminrecovery.php' )
, { adminEnableRecovery: recoveryStatus, recoveryPassword: recoveryPassword }
@@ -57,11 +60,10 @@ $(document).ready(function(){
} else {
OC.Notification.hide();
if (recoveryStatus === "0") {
- $('button:button[name="submitChangeRecoveryKey"]').attr("disabled", "true");
- $('input:password[name="changeRecoveryPassword"]').attr("disabled", "true");
- $('input:password[name="changeRecoveryPassword"]').val("");
+ $('p[name="changeRecoveryPasswordBlock"]').addClass("hidden");
} else {
- $('input:password[name="changeRecoveryPassword"]').removeAttr("disabled");
+ $('input:password[name="changeRecoveryPassword"]').val("");
+ $('p[name="changeRecoveryPasswordBlock"]').removeClass("hidden");
}
}
}
@@ -72,9 +74,11 @@ $(document).ready(function(){
// change recovery password
$('input:password[name="changeRecoveryPassword"]').keyup(function(event) {
- var oldRecoveryPassword = $('input:password[id="oldRecoveryPassword"]').val();
- var newRecoveryPassword = $('input:password[id="newRecoveryPassword"]').val();
- if (newRecoveryPassword != '' && oldRecoveryPassword != '' ) {
+ var oldRecoveryPassword = $('#oldEncryptionRecoveryPassword').val();
+ var newRecoveryPassword = $('#newEncryptionRecoveryPassword').val();
+ var newRecoveryPasswordRepeated = $('#repeatedNewEncryptionRecoveryPassword').val();
+
+ if (newRecoveryPassword !== '' && oldRecoveryPassword !== '' && newRecoveryPassword === newRecoveryPasswordRepeated) {
$('button:button[name="submitChangeRecoveryKey"]').removeAttr("disabled");
} else {
$('button:button[name="submitChangeRecoveryKey"]').attr("disabled", "true");
@@ -83,8 +87,8 @@ $(document).ready(function(){
$('button:button[name="submitChangeRecoveryKey"]').click(function() {
- var oldRecoveryPassword = $('input:password[id="oldRecoveryPassword"]').val();
- var newRecoveryPassword = $('input:password[id="newRecoveryPassword"]').val();
+ var oldRecoveryPassword = $('#oldEncryptionRecoveryPassword').val();
+ var newRecoveryPassword = $('#newEncryptionRecoveryPassword').val();
OC.msg.startSaving('#encryption .msg');
$.post(
OC.filePath( 'files_encryption', 'ajax', 'changeRecoveryPassword.php' )
@@ -98,5 +102,5 @@ $(document).ready(function(){
}
);
});
-
+
});
diff --git a/apps/files_encryption/lib/helper.php b/apps/files_encryption/lib/helper.php
index 445d7ff8ca796ed911833df22685935578d2b316..ebfc00157f71820982baa7806b26cd49ee687486 100755
--- a/apps/files_encryption/lib/helper.php
+++ b/apps/files_encryption/lib/helper.php
@@ -199,12 +199,12 @@ class Helper {
public static function stripUserFilesPath($path) {
$trimmed = ltrim($path, '/');
$split = explode('/', $trimmed);
-
+
// it is not a file relative to data/user/files
if (count($split) < 3 || $split[1] !== 'files') {
return false;
}
-
+
$sliced = array_slice($split, 2);
$relPath = implode('/', $sliced);
@@ -219,30 +219,33 @@ class Helper {
public static function getPathToRealFile($path) {
$trimmed = ltrim($path, '/');
$split = explode('/', $trimmed);
-
+
if (count($split) < 3 || $split[1] !== "files_versions") {
return false;
}
-
+
$sliced = array_slice($split, 2);
$realPath = implode('/', $sliced);
//remove the last .v
$realPath = substr($realPath, 0, strrpos($realPath, '.v'));
return $realPath;
- }
-
+ }
+
/**
* @brief redirect to a error page
*/
- public static function redirectToErrorPage() {
+ public static function redirectToErrorPage($session) {
+
+ $init = $session->getInitialized();
+
$location = \OC_Helper::linkToAbsolute('apps/files_encryption/files', 'error.php');
$post = 0;
if(count($_POST) > 0) {
$post = 1;
- }
- header('Location: ' . $location . '?p=' . $post);
- exit();
+ }
+ header('Location: ' . $location . '?p=' . $post . '&i=' . $init);
+ exit();
}
/**
@@ -259,7 +262,7 @@ class Helper {
return (bool) $result;
}
-
+
/**
* check some common errors if the server isn't configured properly for encryption
* @return bool true if configuration seems to be OK
diff --git a/apps/files_encryption/lib/session.php b/apps/files_encryption/lib/session.php
index 1911386cd12f06832d2406071a4092942191c7d7..25f2198181f3db0baddd7924db9c5806da10179e 100644
--- a/apps/files_encryption/lib/session.php
+++ b/apps/files_encryption/lib/session.php
@@ -30,6 +30,11 @@ class Session {
private $view;
+ const NOT_INITIALIZED = '0';
+ const INIT_EXECUTED = '1';
+ const INIT_SUCCESSFUL = '2';
+
+
/**
* @brief if session is started, check if ownCloud key pair is set up, if not create it
* @param \OC_FilesystemView $view
@@ -112,6 +117,36 @@ class Session {
}
+ /**
+ * @brief Sets status of encryption app
+ * @param string $init INIT_SUCCESSFUL, INIT_EXECUTED, NOT_INOITIALIZED
+ * @return bool
+ *
+ * @note this doesn not indicate of the init was successful, we just remeber the try!
+ */
+ public function setInitialized($init) {
+
+ \OC::$session->set('encryptionInitialized', $init);
+
+ return true;
+
+ }
+
+
+ /**
+ * @brief Gets status if we already tried to initialize the encryption app
+ * @returns init status INIT_SUCCESSFUL, INIT_EXECUTED, NOT_INOITIALIZED
+ *
+ * @note this doesn not indicate of the init was successful, we just remeber the try!
+ */
+ public function getInitialized() {
+ if (!is_null(\OC::$session->get('encryptionInitialized'))) {
+ return \OC::$session->get('encryptionInitialized');
+ } else {
+ return self::NOT_INITIALIZED;
+ }
+ }
+
/**
* @brief Gets user or public share private key from session
* @returns string $privateKey The user's plaintext private key
diff --git a/apps/files_encryption/lib/stream.php b/apps/files_encryption/lib/stream.php
index 083b33c03cbf2be40e674a8e509c3d5743975fb7..02955bb064e982b9020a90b788021e95c59011a0 100644
--- a/apps/files_encryption/lib/stream.php
+++ b/apps/files_encryption/lib/stream.php
@@ -131,7 +131,7 @@ class Stream {
if($this->privateKey === false) {
// if private key is not valid redirect user to a error page
- \OCA\Encryption\Helper::redirectToErrorPage();
+ \OCA\Encryption\Helper::redirectToErrorPage($this->session);
}
$this->size = $this->rootView->filesize($this->rawPath, $mode);
diff --git a/apps/files_encryption/lib/util.php b/apps/files_encryption/lib/util.php
index df4d35cab0b42076108403b380e0249425f13e33..53d58fbf40d601c6951d052f2f643f3a5b0a9b24 100644
--- a/apps/files_encryption/lib/util.php
+++ b/apps/files_encryption/lib/util.php
@@ -37,7 +37,6 @@ class Util {
const MIGRATION_IN_PROGRESS = -1; // migration is running
const MIGRATION_OPEN = 0; // user still needs to be migrated
-
private $view; // OC_FilesystemView object for filesystem operations
private $userId; // ID of the currently logged-in user
private $client; // Client side encryption mode flag
@@ -1752,6 +1751,11 @@ class Util {
*/
public function initEncryption($params) {
+ $session = new \OCA\Encryption\Session($this->view);
+
+ // we tried to initialize the encryption app for this session
+ $session->setInitialized(\OCA\Encryption\Session::INIT_EXECUTED);
+
$encryptedKey = Keymanager::getPrivateKey($this->view, $params['uid']);
$privateKey = Crypt::decryptPrivateKey($encryptedKey, $params['password']);
@@ -1762,9 +1766,8 @@ class Util {
return false;
}
- $session = new \OCA\Encryption\Session($this->view);
-
$session->setPrivateKey($privateKey);
+ $session->setInitialized(\OCA\Encryption\Session::INIT_SUCCESSFUL);
return $session;
}
diff --git a/apps/files_encryption/settings-personal.php b/apps/files_encryption/settings-personal.php
index 589219f32ada5c05fcc112140861fe535ae62ce9..ffcb99602e2f6350affd7523a8b46d0d432572fa 100644
--- a/apps/files_encryption/settings-personal.php
+++ b/apps/files_encryption/settings-personal.php
@@ -16,7 +16,9 @@ $view = new \OC_FilesystemView('/');
$util = new \OCA\Encryption\Util($view, $user);
$session = new \OCA\Encryption\Session($view);
-$privateKeySet = $session->getPrivateKey() !== false;
+$privateKeySet = $session->getPrivateKey() !== false;
+// did we tried to initialize the keys for this session?
+$initialized = $session->getInitialized();
$recoveryAdminEnabled = OC_Appconfig::getValue('files_encryption', 'recoveryAdminEnabled');
$recoveryEnabledForUser = $util->recoveryEnabledForUser();
@@ -31,6 +33,7 @@ if ($recoveryAdminEnabled || !$privateKeySet) {
$tmpl->assign('recoveryEnabled', $recoveryAdminEnabled);
$tmpl->assign('recoveryEnabledForUser', $recoveryEnabledForUser);
$tmpl->assign('privateKeySet', $privateKeySet);
+ $tmpl->assign('initialized', $initialized);
$result = $tmpl->fetchPage();
}
diff --git a/apps/files_encryption/templates/invalid_private_key.php b/apps/files_encryption/templates/invalid_private_key.php
index 5c086d6514c1297fb80d5aaea13b9cf90ff3a5ba..9af65f831b43949b8c9c2060351e73079ad154f8 100644
--- a/apps/files_encryption/templates/invalid_private_key.php
+++ b/apps/files_encryption/templates/invalid_private_key.php
@@ -2,9 +2,11 @@
<li class='error'>
<?php $location = \OC_Helper::linkToRoute( "settings_personal" ).'#changePKPasswd' ?>
- <?php p($l->t('Your private key is not valid! Maybe the your password was changed from outside.')); ?>
+ <?php p($_['message']); ?>
<br/>
- <?php p($l->t('You can unlock your private key in your ')); ?> <a href="<?php echo $location?>"><?php p($l->t('personal settings')); ?>.</a>
+ <?php if($_['init']): ?>
+ <?php>p($l->t('Go directly to your ')); ?> <a href="<?php echo $location?>"><?php p($l->t('personal settings')); ?>.</a>
+ <?php endif; ?>
<br/>
</li>
</ul>
diff --git a/apps/files_encryption/templates/settings-admin.php b/apps/files_encryption/templates/settings-admin.php
index f5f7582c2a69d141e49232f76e49e9fc14c708ac..3a6adc09f4b55ea2fee868aaee61de506891a033 100644
--- a/apps/files_encryption/templates/settings-admin.php
+++ b/apps/files_encryption/templates/settings-admin.php
@@ -10,14 +10,17 @@
<?php p($l->t("Enable recovery key (allow to recover users files in case of password loss):")); ?>
<br/>
<br/>
- <input type="password" name="recoveryPassword" id="recoveryPassword"/>
+ <input type="password" name="encryptionRecoveryPassword" id="encryptionRecoveryPassword"/>
<label for="recoveryPassword"><?php p($l->t("Recovery key password")); ?></label>
<br/>
+ <input type="password" name="encryptionRecoveryPassword" id="repeatEncryptionRecoveryPassword"/>
+ <label for="repeatEncryptionRecoveryPassword"><?php p($l->t("Repeat Recovery key password")); ?></label>
+ <br/>
<input
type='radio'
name='adminEnableRecovery'
value='1'
- <?php echo($_["recoveryEnabled"] == 1 ? 'checked="checked"' : 'disabled'); ?> />
+ <?php echo($_["recoveryEnabled"] === '1' ? 'checked="checked"' : 'disabled'); ?> />
<?php p($l->t("Enabled")); ?>
<br/>
@@ -25,27 +28,32 @@
type='radio'
name='adminEnableRecovery'
value='0'
- <?php echo($_["recoveryEnabled"] == 0 ? 'checked="checked"' : 'disabled'); ?> />
+ <?php echo($_["recoveryEnabled"] === '0' ? 'checked="checked"' : 'disabled'); ?> />
<?php p($l->t("Disabled")); ?>
</p>
<br/><br/>
- <p>
+ <p name="changeRecoveryPasswordBlock" <?php if ($_['recoveryEnabled'] === '0') print_unescaped('class="hidden"');?>>
<strong><?php p($l->t("Change recovery key password:")); ?></strong>
<br/><br/>
<input
type="password"
name="changeRecoveryPassword"
- id="oldRecoveryPassword"
- <?php echo($_["recoveryEnabled"] == 0 ? 'disabled' : ''); ?> />
- <label for="oldRecoveryPassword"><?php p($l->t("Old Recovery key password")); ?></label>
+ id="oldEncryptionRecoveryPassword"
+ <label for="oldEncryptionRecoveryPassword"><?php p($l->t("Old Recovery key password")); ?></label>
+ <br/>
+ <br/>
+ <input
+ type="password"
+ name="changeRecoveryPassword"
+ id="newEncryptionRecoveryPassword"
+ <label for="newEncryptionRecoveryPassword"><?php p($l->t("New Recovery key password")); ?></label>
<br/>
<input
type="password"
name="changeRecoveryPassword"
- id="newRecoveryPassword"
- <?php echo($_["recoveryEnabled"] == 0 ? 'disabled' : ''); ?> />
- <label for="newRecoveryPassword"><?php p($l->t("New Recovery key password")); ?></label>
+ id="repeatedNewEncryptionRecoveryPassword"
+ <label for="repeatEncryptionRecoveryPassword"><?php p($l->t("Repeat New Recovery key password")); ?></label>
<br/>
<button
type="button"
diff --git a/apps/files_encryption/templates/settings-personal.php b/apps/files_encryption/templates/settings-personal.php
index 38512453207a0af2ab836589d427f1abc394ef16..ff04556dd53ef9e9d5e104e6aa05fc6db857562c 100644
--- a/apps/files_encryption/templates/settings-personal.php
+++ b/apps/files_encryption/templates/settings-personal.php
@@ -4,7 +4,7 @@
<?php p( $l->t( 'Encryption' ) ); ?>
</legend>
- <?php if ( ! $_["privateKeySet"] ): ?>
+ <?php if ( ! $_["privateKeySet"] && $_["initialized"] ): ?>
<p>
<a name="changePKPasswd" />
<label for="changePrivateKeyPasswd">
@@ -39,22 +39,22 @@
<?php endif; ?>
<br />
-
+
<?php if ( $_["recoveryEnabled"] && $_["privateKeySet"] ): ?>
<p>
<label for="userEnableRecovery"><?php p( $l->t( "Enable password recovery:" ) ); ?></label>
<br />
<em><?php p( $l->t( "Enabling this option will allow you to reobtain access to your encrypted files in case of password loss" ) ); ?></em>
<br />
- <input
+ <input
type='radio'
name='userEnableRecovery'
value='1'
<?php echo ( $_["recoveryEnabledForUser"] == 1 ? 'checked="checked"' : '' ); ?> />
<?php p( $l->t( "Enabled" ) ); ?>
<br />
-
- <input
+
+ <input
type='radio'
name='userEnableRecovery'
value='0'
diff --git a/apps/user_ldap/ajax/getConfiguration.php b/apps/user_ldap/ajax/getConfiguration.php
index baca588976fc8a8a7755d059d88173477f26dab3..fc51b459a25b0b672900815ff9f68fc8a731e4ed 100644
--- a/apps/user_ldap/ajax/getConfiguration.php
+++ b/apps/user_ldap/ajax/getConfiguration.php
@@ -27,5 +27,6 @@ OCP\JSON::checkAppEnabled('user_ldap');
OCP\JSON::callCheck();
$prefix = $_POST['ldap_serverconfig_chooser'];
-$connection = new \OCA\user_ldap\lib\Connection($prefix);
+$ldapWrapper = new OCA\user_ldap\lib\LDAP();
+$connection = new \OCA\user_ldap\lib\Connection($ldapWrapper, $prefix);
OCP\JSON::success(array('configuration' => $connection->getConfiguration()));
diff --git a/apps/user_ldap/ajax/setConfiguration.php b/apps/user_ldap/ajax/setConfiguration.php
index d850bda24706830145d965059b7bb1be8e375f22..94de8835fbcf9540367c2dd3c6d2cd060e940498 100644
--- a/apps/user_ldap/ajax/setConfiguration.php
+++ b/apps/user_ldap/ajax/setConfiguration.php
@@ -27,7 +27,8 @@ OCP\JSON::checkAppEnabled('user_ldap');
OCP\JSON::callCheck();
$prefix = $_POST['ldap_serverconfig_chooser'];
-$connection = new \OCA\user_ldap\lib\Connection($prefix);
+$ldapWrapper = new OCA\user_ldap\lib\LDAP();
+$connection = new \OCA\user_ldap\lib\Connection($ldapWrapper, $prefix);
$connection->setConfiguration($_POST);
$connection->saveConfiguration();
OCP\JSON::success();
diff --git a/apps/user_ldap/ajax/testConfiguration.php b/apps/user_ldap/ajax/testConfiguration.php
index 7ce1258a7967e7b8cd711f021b4f0fe4346b213d..0b8e4ccfe2048dac6248a43eb667dc75b64b5ddf 100644
--- a/apps/user_ldap/ajax/testConfiguration.php
+++ b/apps/user_ldap/ajax/testConfiguration.php
@@ -28,7 +28,8 @@ OCP\JSON::callCheck();
$l=OC_L10N::get('user_ldap');
-$connection = new \OCA\user_ldap\lib\Connection('', null);
+$ldapWrapper = new OCA\user_ldap\lib\LDAP();
+$connection = new \OCA\user_ldap\lib\Connection($ldapWrapper, '', null);
if($connection->setConfiguration($_POST)) {
//Configuration is okay
if($connection->bind()) {
diff --git a/apps/user_ldap/appinfo/app.php b/apps/user_ldap/appinfo/app.php
index 593e846bc03f8dea4514bd05cf32c99672e90717..9d6327181afb3b67181eac2afa88267ad6789399 100644
--- a/apps/user_ldap/appinfo/app.php
+++ b/apps/user_ldap/appinfo/app.php
@@ -24,15 +24,15 @@
OCP\App::registerAdmin('user_ldap', 'settings');
$configPrefixes = OCA\user_ldap\lib\Helper::getServerConfigurationPrefixes(true);
+$ldapWrapper = new OCA\user_ldap\lib\LDAP();
if(count($configPrefixes) === 1) {
- $connector = new OCA\user_ldap\lib\Connection($configPrefixes[0]);
- $userBackend = new OCA\user_ldap\USER_LDAP();
- $userBackend->setConnector($connector);
- $groupBackend = new OCA\user_ldap\GROUP_LDAP();
- $groupBackend->setConnector($connector);
+ $connector = new OCA\user_ldap\lib\Connection($ldapWrapper, $configPrefixes[0]);
+ $ldapAccess = new OCA\user_ldap\lib\Access($connector, $ldapWrapper);
+ $userBackend = new OCA\user_ldap\USER_LDAP($ldapAccess);
+ $groupBackend = new OCA\user_ldap\GROUP_LDAP($ldapAccess);
} else {
- $userBackend = new OCA\user_ldap\User_Proxy($configPrefixes);
- $groupBackend = new OCA\user_ldap\Group_Proxy($configPrefixes);
+ $userBackend = new OCA\user_ldap\User_Proxy($configPrefixes, $ldapWrapper);
+ $groupBackend = new OCA\user_ldap\Group_Proxy($configPrefixes, $ldapWrapper);
}
if(count($configPrefixes) > 0) {
diff --git a/apps/user_ldap/group_ldap.php b/apps/user_ldap/group_ldap.php
index 04ff392f9205ab88f692e4994abc47a19b080a6d..32e2cec5960ade394ef892a661e2a9b6d1f8c4eb 100644
--- a/apps/user_ldap/group_ldap.php
+++ b/apps/user_ldap/group_ldap.php
@@ -23,13 +23,16 @@
namespace OCA\user_ldap;
-class GROUP_LDAP extends lib\Access implements \OCP\GroupInterface {
+use OCA\user_ldap\lib\Access;
+use OCA\user_ldap\lib\BackendUtility;
+
+class GROUP_LDAP extends BackendUtility implements \OCP\GroupInterface {
protected $enabled = false;
- public function setConnector(lib\Connection &$connection) {
- parent::setConnector($connection);
- $filter = $this->connection->ldapGroupFilter;
- $gassoc = $this->connection->ldapGroupMemberAssocAttr;
+ public function __construct(Access $access) {
+ parent::__construct($access);
+ $filter = $this->access->connection->ldapGroupFilter;
+ $gassoc = $this->access->connection->ldapGroupMemberAssocAttr;
if(!empty($filter) && !empty($gassoc)) {
$this->enabled = true;
}
@@ -47,30 +50,31 @@ class GROUP_LDAP extends lib\Access implements \OCP\GroupInterface {
if(!$this->enabled) {
return false;
}
- if($this->connection->isCached('inGroup'.$uid.':'.$gid)) {
- return $this->connection->getFromCache('inGroup'.$uid.':'.$gid);
+ if($this->access->connection->isCached('inGroup'.$uid.':'.$gid)) {
+ return $this->access->connection->getFromCache('inGroup'.$uid.':'.$gid);
}
- $dn_user = $this->username2dn($uid);
- $dn_group = $this->groupname2dn($gid);
+ $dn_user = $this->access->username2dn($uid);
+ $dn_group = $this->access->groupname2dn($gid);
// just in case
if(!$dn_group || !$dn_user) {
- $this->connection->writeToCache('inGroup'.$uid.':'.$gid, false);
+ $this->access->connection->writeToCache('inGroup'.$uid.':'.$gid, false);
return false;
}
//usually, LDAP attributes are said to be case insensitive. But there are exceptions of course.
- $members = $this->readAttribute($dn_group, $this->connection->ldapGroupMemberAssocAttr);
+ $members = $this->access->readAttribute($dn_group,
+ $this->access->connection->ldapGroupMemberAssocAttr);
if(!$members) {
- $this->connection->writeToCache('inGroup'.$uid.':'.$gid, false);
+ $this->access->connection->writeToCache('inGroup'.$uid.':'.$gid, false);
return false;
}
//extra work if we don't get back user DNs
//TODO: this can be done with one LDAP query
- if(strtolower($this->connection->ldapGroupMemberAssocAttr) === 'memberuid') {
+ if(strtolower($this->access->connection->ldapGroupMemberAssocAttr) === 'memberuid') {
$dns = array();
foreach($members as $mid) {
- $filter = str_replace('%uid', $mid, $this->connection->ldapLoginFilter);
- $ldap_users = $this->fetchListOfUsers($filter, 'dn');
+ $filter = str_replace('%uid', $mid, $this->access->connection->ldapLoginFilter);
+ $ldap_users = $this->access->fetchListOfUsers($filter, 'dn');
if(count($ldap_users) < 1) {
continue;
}
@@ -80,7 +84,7 @@ class GROUP_LDAP extends lib\Access implements \OCP\GroupInterface {
}
$isInGroup = in_array($dn_user, $members);
- $this->connection->writeToCache('inGroup'.$uid.':'.$gid, $isInGroup);
+ $this->access->connection->writeToCache('inGroup'.$uid.':'.$gid, $isInGroup);
return $isInGroup;
}
@@ -98,35 +102,36 @@ class GROUP_LDAP extends lib\Access implements \OCP\GroupInterface {
return array();
}
$cacheKey = 'getUserGroups'.$uid;
- if($this->connection->isCached($cacheKey)) {
- return $this->connection->getFromCache($cacheKey);
+ if($this->access->connection->isCached($cacheKey)) {
+ return $this->access->connection->getFromCache($cacheKey);
}
- $userDN = $this->username2dn($uid);
+ $userDN = $this->access->username2dn($uid);
if(!$userDN) {
- $this->connection->writeToCache($cacheKey, array());
+ $this->access->connection->writeToCache($cacheKey, array());
return array();
}
//uniqueMember takes DN, memberuid the uid, so we need to distinguish
- if((strtolower($this->connection->ldapGroupMemberAssocAttr) === 'uniquemember')
- || (strtolower($this->connection->ldapGroupMemberAssocAttr) === 'member')
+ if((strtolower($this->access->connection->ldapGroupMemberAssocAttr) === 'uniquemember')
+ || (strtolower($this->access->connection->ldapGroupMemberAssocAttr) === 'member')
) {
$uid = $userDN;
- } else if(strtolower($this->connection->ldapGroupMemberAssocAttr) === 'memberuid') {
- $result = $this->readAttribute($userDN, 'uid');
+ } else if(strtolower($this->access->connection->ldapGroupMemberAssocAttr) === 'memberuid') {
+ $result = $this->access->readAttribute($userDN, 'uid');
$uid = $result[0];
} else {
// just in case
$uid = $userDN;
}
- $filter = $this->combineFilterWithAnd(array(
- $this->connection->ldapGroupFilter,
- $this->connection->ldapGroupMemberAssocAttr.'='.$uid
+ $filter = $this->access->combineFilterWithAnd(array(
+ $this->access->connection->ldapGroupFilter,
+ $this->access->connection->ldapGroupMemberAssocAttr.'='.$uid
));
- $groups = $this->fetchListOfGroups($filter, array($this->connection->ldapGroupDisplayName, 'dn'));
- $groups = array_unique($this->ownCloudGroupNames($groups), SORT_LOCALE_STRING);
- $this->connection->writeToCache($cacheKey, $groups);
+ $groups = $this->access->fetchListOfGroups($filter,
+ array($this->access->connection->ldapGroupDisplayName, 'dn'));
+ $groups = array_unique($this->access->ownCloudGroupNames($groups), SORT_LOCALE_STRING);
+ $this->access->connection->writeToCache($cacheKey, $groups);
return $groups;
}
@@ -144,70 +149,71 @@ class GROUP_LDAP extends lib\Access implements \OCP\GroupInterface {
}
$cachekey = 'usersInGroup-'.$gid.'-'.$search.'-'.$limit.'-'.$offset;
// check for cache of the exact query
- $groupUsers = $this->connection->getFromCache($cachekey);
+ $groupUsers = $this->access->connection->getFromCache($cachekey);
if(!is_null($groupUsers)) {
return $groupUsers;
}
// check for cache of the query without limit and offset
- $groupUsers = $this->connection->getFromCache('usersInGroup-'.$gid.'-'.$search);
+ $groupUsers = $this->access->connection->getFromCache('usersInGroup-'.$gid.'-'.$search);
if(!is_null($groupUsers)) {
$groupUsers = array_slice($groupUsers, $offset, $limit);
- $this->connection->writeToCache($cachekey, $groupUsers);
+ $this->access->connection->writeToCache($cachekey, $groupUsers);
return $groupUsers;
}
if($limit === -1) {
$limit = null;
}
- $groupDN = $this->groupname2dn($gid);
+ $groupDN = $this->access->groupname2dn($gid);
if(!$groupDN) {
// group couldn't be found, return empty resultset
- $this->connection->writeToCache($cachekey, array());
+ $this->access->connection->writeToCache($cachekey, array());
return array();
}
- $members = $this->readAttribute($groupDN, $this->connection->ldapGroupMemberAssocAttr);
+ $members = $this->access->readAttribute($groupDN,
+ $this->access->connection->ldapGroupMemberAssocAttr);
if(!$members) {
//in case users could not be retrieved, return empty resultset
- $this->connection->writeToCache($cachekey, array());
+ $this->access->connection->writeToCache($cachekey, array());
return array();
}
$groupUsers = array();
- $isMemberUid = (strtolower($this->connection->ldapGroupMemberAssocAttr) === 'memberuid');
+ $isMemberUid = (strtolower($this->access->connection->ldapGroupMemberAssocAttr) === 'memberuid');
foreach($members as $member) {
if($isMemberUid) {
//we got uids, need to get their DNs to 'tranlsate' them to usernames
- $filter = $this->combineFilterWithAnd(array(
+ $filter = $this->access->combineFilterWithAnd(array(
\OCP\Util::mb_str_replace('%uid', $member,
- $this->connection->ldapLoginFilter, 'UTF-8'),
- $this->getFilterPartForUserSearch($search)
+ $this->access->connection->ldapLoginFilter, 'UTF-8'),
+ $this->access->getFilterPartForUserSearch($search)
));
- $ldap_users = $this->fetchListOfUsers($filter, 'dn');
+ $ldap_users = $this->access->fetchListOfUsers($filter, 'dn');
if(count($ldap_users) < 1) {
continue;
}
- $groupUsers[] = $this->dn2username($ldap_users[0]);
+ $groupUsers[] = $this->access->dn2username($ldap_users[0]);
} else {
//we got DNs, check if we need to filter by search or we can give back all of them
if(!empty($search)) {
- if(!$this->readAttribute($member,
- $this->connection->ldapUserDisplayName,
- $this->getFilterPartForUserSearch($search))) {
+ if(!$this->access->readAttribute($member,
+ $this->access->connection->ldapUserDisplayName,
+ $this->access->getFilterPartForUserSearch($search))) {
continue;
}
}
// dn2username will also check if the users belong to the allowed base
- if($ocname = $this->dn2username($member)) {
+ if($ocname = $this->access->dn2username($member)) {
$groupUsers[] = $ocname;
}
}
}
natsort($groupUsers);
- $this->connection->writeToCache('usersInGroup-'.$gid.'-'.$search, $groupUsers);
+ $this->access->connection->writeToCache('usersInGroup-'.$gid.'-'.$search, $groupUsers);
$groupUsers = array_slice($groupUsers, $offset, $limit);
- $this->connection->writeToCache($cachekey, $groupUsers);
+ $this->access->connection->writeToCache($cachekey, $groupUsers);
return $groupUsers;
}
@@ -245,7 +251,7 @@ class GROUP_LDAP extends lib\Access implements \OCP\GroupInterface {
//Check cache before driving unnecessary searches
\OCP\Util::writeLog('user_ldap', 'getGroups '.$cachekey, \OCP\Util::DEBUG);
- $ldap_groups = $this->connection->getFromCache($cachekey);
+ $ldap_groups = $this->access->connection->getFromCache($cachekey);
if(!is_null($ldap_groups)) {
return $ldap_groups;
}
@@ -255,16 +261,18 @@ class GROUP_LDAP extends lib\Access implements \OCP\GroupInterface {
if($limit <= 0) {
$limit = null;
}
- $filter = $this->combineFilterWithAnd(array(
- $this->connection->ldapGroupFilter,
- $this->getFilterPartForGroupSearch($search)
+ $filter = $this->access->combineFilterWithAnd(array(
+ $this->access->connection->ldapGroupFilter,
+ $this->access->getFilterPartForGroupSearch($search)
));
\OCP\Util::writeLog('user_ldap', 'getGroups Filter '.$filter, \OCP\Util::DEBUG);
- $ldap_groups = $this->fetchListOfGroups($filter, array($this->connection->ldapGroupDisplayName, 'dn'),
- $limit, $offset);
- $ldap_groups = $this->ownCloudGroupNames($ldap_groups);
+ $ldap_groups = $this->access->fetchListOfGroups($filter,
+ array($this->access->connection->ldapGroupDisplayName, 'dn'),
+ $limit,
+ $offset);
+ $ldap_groups = $this->access->ownCloudGroupNames($ldap_groups);
- $this->connection->writeToCache($cachekey, $ldap_groups);
+ $this->access->connection->writeToCache($cachekey, $ldap_groups);
return $ldap_groups;
}
@@ -278,25 +286,26 @@ class GROUP_LDAP extends lib\Access implements \OCP\GroupInterface {
* @return bool
*/
public function groupExists($gid) {
- if($this->connection->isCached('groupExists'.$gid)) {
- return $this->connection->getFromCache('groupExists'.$gid);
+ if($this->access->connection->isCached('groupExists'.$gid)) {
+ return $this->access->connection->getFromCache('groupExists'.$gid);
}
- //getting dn, if false the group does not exist. If dn, it may be mapped only, requires more checking.
- $dn = $this->groupname2dn($gid);
+ //getting dn, if false the group does not exist. If dn, it may be mapped
+ //only, requires more checking.
+ $dn = $this->access->groupname2dn($gid);
if(!$dn) {
- $this->connection->writeToCache('groupExists'.$gid, false);
+ $this->access->connection->writeToCache('groupExists'.$gid, false);
return false;
}
//if group really still exists, we will be able to read its objectclass
- $objcs = $this->readAttribute($dn, 'objectclass');
+ $objcs = $this->access->readAttribute($dn, 'objectclass');
if(!$objcs || empty($objcs)) {
- $this->connection->writeToCache('groupExists'.$gid, false);
+ $this->access->connection->writeToCache('groupExists'.$gid, false);
return false;
}
- $this->connection->writeToCache('groupExists'.$gid, true);
+ $this->access->connection->writeToCache('groupExists'.$gid, true);
return true;
}
diff --git a/apps/user_ldap/group_proxy.php b/apps/user_ldap/group_proxy.php
index eb6f176c58ce6e5e70da2d151f086299562690c1..acc563c9532e14ebde97a792686e2b9dce76e178 100644
--- a/apps/user_ldap/group_proxy.php
+++ b/apps/user_ldap/group_proxy.php
@@ -23,6 +23,8 @@
namespace OCA\user_ldap;
+use OCA\user_ldap\lib\ILDAPWrapper;
+
class Group_Proxy extends lib\Proxy implements \OCP\GroupInterface {
private $backends = array();
private $refBackend = null;
@@ -31,12 +33,11 @@ class Group_Proxy extends lib\Proxy implements \OCP\GroupInterface {
* @brief Constructor
* @param $serverConfigPrefixes array containing the config Prefixes
*/
- public function __construct($serverConfigPrefixes) {
- parent::__construct();
+ public function __construct($serverConfigPrefixes, ILDAPWrapper $ldap) {
+ parent::__construct($ldap);
foreach($serverConfigPrefixes as $configPrefix) {
- $this->backends[$configPrefix] = new \OCA\user_ldap\GROUP_LDAP();
- $connector = $this->getConnector($configPrefix);
- $this->backends[$configPrefix]->setConnector($connector);
+ $this->backends[$configPrefix] =
+ new \OCA\user_ldap\GROUP_LDAP($this->getAccess($configPrefix));
if(is_null($this->refBackend)) {
$this->refBackend = &$this->backends[$configPrefix];
}
diff --git a/apps/user_ldap/lib/access.php b/apps/user_ldap/lib/access.php
index 52aa39012fd0b2788403169ef45d4d0c658d73c0..fdf9c24612d13e11907d4a29d93477521b007c44 100644
--- a/apps/user_ldap/lib/access.php
+++ b/apps/user_ldap/lib/access.php
@@ -23,12 +23,13 @@
namespace OCA\user_ldap\lib;
-abstract class Access {
- protected $connection;
+class Access extends LDAPUtility {
+ public $connection;
//never ever check this var directly, always use getPagedSearchResultState
protected $pagedSearchedSuccessful;
- public function setConnector(Connection &$connection) {
+ public function __construct(Connection $connection, ILDAPWrapper $ldap) {
+ parent::__construct($ldap);
$this->connection = $connection;
}
@@ -54,14 +55,14 @@ abstract class Access {
return false;
}
$cr = $this->connection->getConnectionResource();
- if(!is_resource($cr)) {
+ if(!$this->ldap->isResource($cr)) {
//LDAP not available
\OCP\Util::writeLog('user_ldap', 'LDAP resource not available.', \OCP\Util::DEBUG);
return false;
}
$dn = $this->DNasBaseParameter($dn);
- $rr = @ldap_read($cr, $dn, $filter, array($attr));
- if(!is_resource($rr)) {
+ $rr = @$this->ldap->read($cr, $dn, $filter, array($attr));
+ if(!$this->ldap->isResource($rr)) {
if(!empty($attr)) {
//do not throw this message on userExists check, irritates
\OCP\Util::writeLog('user_ldap', 'readAttribute failed for DN '.$dn, \OCP\Util::DEBUG);
@@ -73,13 +74,14 @@ abstract class Access {
\OCP\Util::writeLog('user_ldap', 'readAttribute: '.$dn.' found', \OCP\Util::DEBUG);
return array();
}
- $er = ldap_first_entry($cr, $rr);
- if(!is_resource($er)) {
+ $er = $this->ldap->firstEntry($cr, $rr);
+ if(!$this->ldap->isResource($er)) {
//did not match the filter, return false
return false;
}
//LDAP attributes are not case sensitive
- $result = \OCP\Util::mb_array_change_key_case(ldap_get_attributes($cr, $er), MB_CASE_LOWER, 'UTF-8');
+ $result = \OCP\Util::mb_array_change_key_case(
+ $this->ldap->getAttributes($cr, $er), MB_CASE_LOWER, 'UTF-8');
$attr = mb_strtolower($attr, 'UTF-8');
if(isset($result[$attr]) && $result[$attr]['count'] > 0) {
@@ -653,7 +655,7 @@ abstract class Access {
// See if we have a resource, in case not cancel with message
$link_resource = $this->connection->getConnectionResource();
- if(!is_resource($link_resource)) {
+ if(!$this->ldap->isResource($link_resource)) {
// Seems like we didn't find any resource.
// Return an empty array just like before.
\OCP\Util::writeLog('user_ldap', 'Could not search, because resource is missing.', \OCP\Util::DEBUG);
@@ -664,11 +666,12 @@ abstract class Access {
$pagedSearchOK = $this->initPagedSearch($filter, $base, $attr, $limit, $offset);
$linkResources = array_pad(array(), count($base), $link_resource);
- $sr = ldap_search($linkResources, $base, $filter, $attr);
- $error = ldap_errno($link_resource);
+ $sr = $this->ldap->search($linkResources, $base, $filter, $attr);
+ $error = $this->ldap->errno($link_resource);
if(!is_array($sr) || $error !== 0) {
\OCP\Util::writeLog('user_ldap',
- 'Error when searching: '.ldap_error($link_resource).' code '.ldap_errno($link_resource),
+ 'Error when searching: '.$this->ldap->error($link_resource).
+ ' code '.$this->ldap->errno($link_resource),
\OCP\Util::ERROR);
\OCP\Util::writeLog('user_ldap', 'Attempt for Paging? '.print_r($pagedSearchOK, true), \OCP\Util::ERROR);
return array();
@@ -677,19 +680,19 @@ abstract class Access {
// Do the server-side sorting
foreach(array_reverse($attr) as $sortAttr){
foreach($sr as $searchResource) {
- ldap_sort($link_resource, $searchResource, $sortAttr);
+ $this->ldap->sort($link_resource, $searchResource, $sortAttr);
}
}
$findings = array();
foreach($sr as $key => $res) {
- $findings = array_merge($findings, ldap_get_entries($link_resource, $res ));
+ $findings = array_merge($findings, $this->ldap->getEntries($link_resource, $res ));
}
if($pagedSearchOK) {
\OCP\Util::writeLog('user_ldap', 'Paged search successful', \OCP\Util::INFO);
foreach($sr as $key => $res) {
$cookie = null;
- if(ldap_control_paged_result_response($link_resource, $res, $cookie)) {
+ if($this->ldap->controlPagedResultResponse($link_resource, $res, $cookie)) {
\OCP\Util::writeLog('user_ldap', 'Set paged search cookie', \OCP\Util::INFO);
$this->setPagedResultCookie($base[$key], $filter, $limit, $offset, $cookie);
}
@@ -1103,8 +1106,9 @@ abstract class Access {
if($offset > 0) {
\OCP\Util::writeLog('user_ldap', 'Cookie '.$cookie, \OCP\Util::INFO);
}
- $pagedSearchOK = ldap_control_paged_result($this->connection->getConnectionResource(),
- $limit, false, $cookie);
+ $pagedSearchOK = $this->ldap->controlPagedResult(
+ $this->connection->getConnectionResource(), $limit,
+ false, $cookie);
if(!$pagedSearchOK) {
return false;
}
diff --git a/apps/user_ldap/lib/backendutility.php b/apps/user_ldap/lib/backendutility.php
new file mode 100644
index 0000000000000000000000000000000000000000..815757a1a11682bb360bbb923348fe7331662d45
--- /dev/null
+++ b/apps/user_ldap/lib/backendutility.php
@@ -0,0 +1,38 @@
+<?php
+
+/**
+ * ownCloud – LDAP BackendUtility
+ *
+ * @author Arthur Schiwon
+ * @copyright 2013 Arthur Schiwon blizzz@owncloud.com
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU AFFERO GENERAL PUBLIC LICENSE for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public
+ * License along with this library. If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+namespace OCA\user_ldap\lib;
+
+use OCA\user_ldap\lib\Access;
+
+abstract class BackendUtility {
+ protected $access;
+
+ /**
+ * @brief constructor, make sure the subclasses call this one!
+ * @param $access an instance of Access for LDAP interaction
+ */
+ public function __construct(Access $access) {
+ $this->access = $access;
+ }
+}
diff --git a/apps/user_ldap/lib/connection.php b/apps/user_ldap/lib/connection.php
index e5d9b4d5b40eaf99135c3333f4d87b747a165d9c..a53022c27b3231b23c5aee02a92288402e490c56 100644
--- a/apps/user_ldap/lib/connection.php
+++ b/apps/user_ldap/lib/connection.php
@@ -23,7 +23,7 @@
namespace OCA\user_ldap\lib;
-class Connection {
+class Connection extends LDAPUtility {
private $ldapConnectionRes = null;
private $configPrefix;
private $configID;
@@ -60,7 +60,7 @@ class Connection {
'ldapQuotaDefault' => null,
'ldapEmailAttribute' => null,
'ldapCacheTTL' => null,
- 'ldapUuidAttribute' => null,
+ 'ldapUuidAttribute' => 'auto',
'ldapOverrideUuidAttribute' => null,
'ldapOverrideMainServer' => false,
'ldapConfigurationActive' => false,
@@ -77,7 +77,8 @@ class Connection {
* @param $configPrefix a string with the prefix for the configkey column (appconfig table)
* @param $configID a string with the value for the appid column (appconfig table) or null for on-the-fly connections
*/
- public function __construct($configPrefix = '', $configID = 'user_ldap') {
+ public function __construct(ILDAPWrapper $ldap, $configPrefix = '', $configID = 'user_ldap') {
+ parent::__construct($ldap);
$this->configPrefix = $configPrefix;
$this->configID = $configID;
$memcache = new \OC\Memcache\Factory();
@@ -86,13 +87,14 @@ class Connection {
} else {
$this->cache = \OC_Cache::getGlobalCache();
}
- $this->config['hasPagedResultSupport'] = (function_exists('ldap_control_paged_result')
- && function_exists('ldap_control_paged_result_response'));
+ $this->config['hasPagedResultSupport'] =
+ $this->ldap->hasPagedResultSupport();
}
public function __destruct() {
- if(!$this->dontDestruct && is_resource($this->ldapConnectionRes)) {
- @ldap_unbind($this->ldapConnectionRes);
+ if(!$this->dontDestruct &&
+ $this->ldap->isResource($this->ldapConnectionRes)) {
+ @$this->ldap->unbind($this->ldapConnectionRes);
};
}
@@ -148,7 +150,7 @@ class Connection {
public function getConnectionResource() {
if(!$this->ldapConnectionRes) {
$this->init();
- } else if(!is_resource($this->ldapConnectionRes)) {
+ } else if(!$this->ldap->isResource($this->ldapConnectionRes)) {
$this->ldapConnectionRes = null;
$this->establishConnection();
}
@@ -361,6 +363,14 @@ class Connection {
&& $params[$parameter] === 'homeFolderNamingRule'))
&& !empty($value)) {
$value = 'attr:'.$value;
+ } else if (strpos($parameter, 'ldapBase') !== false
+ || (isset($params[$parameter])
+ && strpos($params[$parameter], 'ldapBase') !== false)) {
+ $this->readBase($params[$parameter], $value);
+ if(is_array($setParameters)) {
+ $setParameters[] = $parameter;
+ }
+ continue;
}
if(isset($this->config[$parameter])) {
$this->config[$parameter] = $value;
@@ -386,7 +396,8 @@ class Connection {
public function saveConfiguration() {
$trans = array_flip($this->getConfigTranslationArray());
foreach($this->config as $key => $value) {
- \OCP\Util::writeLog('user_ldap', 'LDAP: storing key '.$key.' value '.$value, \OCP\Util::DEBUG);
+ \OCP\Util::writeLog('user_ldap', 'LDAP: storing key '.$key.
+ ' value '.print_r($value, true), \OCP\Util::DEBUG);
switch ($key) {
case 'ldapAgentPassword':
$value = base64_encode($value);
@@ -431,8 +442,9 @@ class Connection {
$config[$dbKey] = '';
}
continue;
- } else if((strpos($classKey, 'ldapBase') !== false)
- || (strpos($classKey, 'ldapAttributes') !== false)) {
+ } else if((strpos($classKey, 'ldapBase') !== false
+ || strpos($classKey, 'ldapAttributes') !== false)
+ && is_array($this->config[$classKey])) {
$config[$dbKey] = implode("\n", $this->config[$classKey]);
continue;
}
@@ -551,7 +563,7 @@ class Connection {
* @returns an associative array with the default values. Keys are correspond
* to config-value entries in the database table
*/
- public function getDefaults() {
+ static public function getDefaults() {
return array(
'ldap_host' => '',
'ldap_port' => '389',
@@ -603,7 +615,7 @@ class Connection {
return false;
}
if(!$this->ldapConnectionRes) {
- if(!function_exists('ldap_connect')) {
+ if(!$this->ldap->areLDAPFunctionsAvailable()) {
$phpLDAPinstalled = false;
\OCP\Util::writeLog('user_ldap',
'function ldap_connect is not available. Make sure that the PHP ldap module is installed.',
@@ -623,7 +635,8 @@ class Connection {
if(!$this->config['ldapOverrideMainServer'] && !$this->getFromCache('overrideMainServer')) {
$this->doConnect($this->config['ldapHost'], $this->config['ldapPort']);
$bindStatus = $this->bind();
- $error = is_resource($this->ldapConnectionRes) ? ldap_errno($this->ldapConnectionRes) : -1;
+ $error = $this->ldap->isResource($this->ldapConnectionRes) ?
+ $this->ldap->errno($this->ldapConnectionRes) : -1;
} else {
$bindStatus = false;
$error = null;
@@ -653,11 +666,11 @@ class Connection {
//ldap_connect ignores port paramater when URLs are passed
$host .= ':' . $port;
}
- $this->ldapConnectionRes = ldap_connect($host, $port);
- if(ldap_set_option($this->ldapConnectionRes, LDAP_OPT_PROTOCOL_VERSION, 3)) {
- if(ldap_set_option($this->ldapConnectionRes, LDAP_OPT_REFERRALS, 0)) {
+ $this->ldapConnectionRes = $this->ldap->connect($host, $port);
+ if($this->ldap->setOption($this->ldapConnectionRes, LDAP_OPT_PROTOCOL_VERSION, 3)) {
+ if($this->ldap->setOption($this->ldapConnectionRes, LDAP_OPT_REFERRALS, 0)) {
if($this->config['ldapTLS']) {
- ldap_start_tls($this->ldapConnectionRes);
+ $this->ldap->startTls($this->ldapConnectionRes);
}
}
}
@@ -678,13 +691,15 @@ class Connection {
$getConnectionResourceAttempt = true;
$cr = $this->getConnectionResource();
$getConnectionResourceAttempt = false;
- if(!is_resource($cr)) {
+ if(!$this->ldap->isResource($cr)) {
return false;
}
- $ldapLogin = @ldap_bind($cr, $this->config['ldapAgentName'], $this->config['ldapAgentPassword']);
+ $ldapLogin = @$this->ldap->bind($cr,
+ $this->config['ldapAgentName'],
+ $this->config['ldapAgentPassword']);
if(!$ldapLogin) {
\OCP\Util::writeLog('user_ldap',
- 'Bind failed: ' . ldap_errno($cr) . ': ' . ldap_error($cr),
+ 'Bind failed: ' . $this->ldap->errno($cr) . ': ' . $this->ldap->error($cr),
\OCP\Util::ERROR);
$this->ldapConnectionRes = null;
return false;
diff --git a/apps/user_ldap/lib/ildapwrapper.php b/apps/user_ldap/lib/ildapwrapper.php
new file mode 100644
index 0000000000000000000000000000000000000000..9e6bd56ef2a0920087e259030b02ce756bafdc4f
--- /dev/null
+++ b/apps/user_ldap/lib/ildapwrapper.php
@@ -0,0 +1,180 @@
+<?php
+
+/**
+ * ownCloud – LDAP Wrapper Interface
+ *
+ * @author Arthur Schiwon
+ * @copyright 2013 Arthur Schiwon blizzz@owncloud.com
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU AFFERO GENERAL PUBLIC LICENSE for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public
+ * License along with this library. If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+namespace OCA\user_ldap\lib;
+
+interface ILDAPWrapper {
+
+ //LDAP functions in use
+
+ /**
+ * @brief Bind to LDAP directory
+ * @param $link LDAP link resource
+ * @param $dn an RDN to log in with
+ * @param $password the password
+ * @return true on success, false otherwise
+ *
+ * with $dn and $password as null a anonymous bind is attempted.
+ */
+ public function bind($link, $dn, $password);
+
+ /**
+ * @brief connect to an LDAP server
+ * @param $host The host to connect to
+ * @param $port The port to connect to
+ * @return a link resource on success, otherwise false
+ */
+ public function connect($host, $port);
+
+ /**
+ * @brief Send LDAP pagination control
+ * @param $link LDAP link resource
+ * @param $pagesize number of results per page
+ * @param $isCritical Indicates whether the pagination is critical of not.
+ * @param $cookie structure sent by LDAP server
+ * @return true on success, false otherwise
+ */
+ public function controlPagedResult($link, $pagesize, $isCritical, $cookie);
+
+ /**
+ * @brief Retrieve the LDAP pagination cookie
+ * @param $link LDAP link resource
+ * @param $result LDAP result resource
+ * @param $cookie structure sent by LDAP server
+ * @return true on success, false otherwise
+ *
+ * Corresponds to ldap_control_paged_result_response
+ */
+ public function controlPagedResultResponse($link, $result, &$cookie);
+
+ /**
+ * @brief Return the LDAP error number of the last LDAP command
+ * @param $link LDAP link resource
+ * @return error message as string
+ */
+ public function errno($link);
+
+ /**
+ * @brief Return the LDAP error message of the last LDAP command
+ * @param $link LDAP link resource
+ * @return error code as integer
+ */
+ public function error($link);
+
+ /**
+ * @brief Return first result id
+ * @param $link LDAP link resource
+ * @param $result LDAP result resource
+ * @return an LDAP search result resource
+ * */
+ public function firstEntry($link, $result);
+
+ /**
+ * @brief Get attributes from a search result entry
+ * @param $link LDAP link resource
+ * @param $result LDAP result resource
+ * @return array containing the results, false on error
+ * */
+ public function getAttributes($link, $result);
+
+ /**
+ * @brief Get all result entries
+ * @param $link LDAP link resource
+ * @param $result LDAP result resource
+ * @return array containing the results, false on error
+ */
+ public function getEntries($link, $result);
+
+ /**
+ * @brief Read an entry
+ * @param $link LDAP link resource
+ * @param $baseDN The DN of the entry to read from
+ * @param $filter An LDAP filter
+ * @param $attr array of the attributes to read
+ * @return an LDAP search result resource
+ */
+ public function read($link, $baseDN, $filter, $attr);
+
+ /**
+ * @brief Search LDAP tree
+ * @param $link LDAP link resource
+ * @param $baseDN The DN of the entry to read from
+ * @param $filter An LDAP filter
+ * @param $attr array of the attributes to read
+ * @return an LDAP search result resource, false on error
+ */
+ public function search($link, $baseDN, $filter, $attr);
+
+ /**
+ * @brief Sets the value of the specified option to be $value
+ * @param $link LDAP link resource
+ * @param $option a defined LDAP Server option
+ * @param $value the new value for the option
+ * @return true on success, false otherwise
+ */
+ public function setOption($link, $option, $value);
+
+ /**
+ * @brief establish Start TLS
+ * @param $link LDAP link resource
+ * @return true on success, false otherwise
+ */
+ public function startTls($link);
+
+ /**
+ * @brief Sort the result of a LDAP search
+ * @param $link LDAP link resource
+ * @param $result LDAP result resource
+ * @param $sortfilter attribute to use a key in sort
+ */
+ public function sort($link, $result, $sortfilter);
+
+ /**
+ * @brief Unbind from LDAP directory
+ * @param $link LDAP link resource
+ * @return true on success, false otherwise
+ */
+ public function unbind($link);
+
+ //additional required methods in owncloud
+
+ /**
+ * @brief Checks whether the server supports LDAP
+ * @return true if it the case, false otherwise
+ * */
+ public function areLDAPFunctionsAvailable();
+
+ /**
+ * @brief Checks whether PHP supports LDAP Paged Results
+ * @return true if it the case, false otherwise
+ * */
+ public function hasPagedResultSupport();
+
+ /**
+ * @brief Checks whether the submitted parameter is a resource
+ * @param $resource the resource variable to check
+ * @return true if it is a resource, false otherwise
+ */
+ public function isResource($resource);
+
+}
diff --git a/apps/user_ldap/lib/jobs.php b/apps/user_ldap/lib/jobs.php
index 6b7666d4ca1752ee869221fb41ff03ee9998832e..2f90da3bfb617e082e44e6d2a6db5707519cabe9 100644
--- a/apps/user_ldap/lib/jobs.php
+++ b/apps/user_ldap/lib/jobs.php
@@ -139,13 +139,14 @@ class Jobs extends \OC\BackgroundJob\TimedJob {
return self::$groupBE;
}
$configPrefixes = Helper::getServerConfigurationPrefixes(true);
- if(count($configPrefixes) == 1) {
+ $ldapWrapper = new OCA\user_ldap\lib\LDAP();
+ if(count($configPrefixes) === 1) {
//avoid the proxy when there is only one LDAP server configured
- $connector = new Connection($configPrefixes[0]);
- self::$groupBE = new \OCA\user_ldap\GROUP_LDAP();
- self::$groupBE->setConnector($connector);
+ $connector = new OCA\user_ldap\lib\Connection($ldapWrapper, $configPrefixes[0]);
+ $ldapAccess = new OCA\user_ldap\lib\Access($connector, $ldapWrapper);
+ self::$groupBE = new OCA\user_ldap\GROUP_LDAP($ldapAccess);
} else {
- self::$groupBE = new \OCA\user_ldap\Group_Proxy($configPrefixes);
+ self::$groupBE = new \OCA\user_ldap\Group_Proxy($configPrefixes, $ldapWrapper);
}
return self::$groupBE;
diff --git a/apps/user_ldap/lib/ldap.php b/apps/user_ldap/lib/ldap.php
new file mode 100644
index 0000000000000000000000000000000000000000..b63e969912a129515f7f5977e3c1b613229f5c2e
--- /dev/null
+++ b/apps/user_ldap/lib/ldap.php
@@ -0,0 +1,167 @@
+<?php
+
+/**
+ * ownCloud – LDAP Wrapper
+ *
+ * @author Arthur Schiwon
+ * @copyright 2013 Arthur Schiwon blizzz@owncloud.com
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU AFFERO GENERAL PUBLIC LICENSE for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public
+ * License along with this library. If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+namespace OCA\user_ldap\lib;
+
+class LDAP implements ILDAPWrapper {
+ protected $curFunc = '';
+ protected $curArgs = array();
+
+ public function bind($link, $dn, $password) {
+ return $this->invokeLDAPMethod('bind', $link, $dn, $password);
+ }
+
+ public function connect($host, $port) {
+ return $this->invokeLDAPMethod('connect', $host, $port);
+ }
+
+ public function controlPagedResultResponse($link, $result, &$cookie) {
+ $this->preFunctionCall('ldap_control_paged_result_response',
+ array($link, $result, $cookie));
+ $result = ldap_control_paged_result_response($link, $result, $cookie);
+ $this->postFunctionCall();
+
+ return $result;
+ }
+
+ public function controlPagedResult($link, $pagesize, $isCritical, $cookie) {
+ return $this->invokeLDAPMethod('control_paged_result', $link, $pagesize,
+ $isCritical, $cookie);
+ }
+
+ public function errno($link) {
+ return $this->invokeLDAPMethod('errno', $link);
+ }
+
+ public function error($link) {
+ return $this->invokeLDAPMethod('error', $link);
+ }
+
+ public function firstEntry($link, $result) {
+ return $this->invokeLDAPMethod('first_entry', $link, $result);
+ }
+
+ public function getAttributes($link, $result) {
+ return $this->invokeLDAPMethod('get_attributes', $link, $result);
+ }
+
+ public function getEntries($link, $result) {
+ return $this->invokeLDAPMethod('get_entries', $link, $result);
+ }
+
+ public function read($link, $baseDN, $filter, $attr) {
+ return $this->invokeLDAPMethod('read', $link, $baseDN, $filter, $attr);
+ }
+
+ public function search($link, $baseDN, $filter, $attr) {
+ return $this->invokeLDAPMethod('search', $link, $baseDN,
+ $filter, $attr);
+ }
+
+ public function setOption($link, $option, $value) {
+ $this->invokeLDAPMethod('set_option', $link, $option, $value);
+ }
+
+ public function sort($link, $result, $sortfilter) {
+ return $this->invokeLDAPMethod('sort', $link, $result, $sortfilter);
+ }
+
+ public function startTls($link) {
+ return $this->invokeLDAPMethod('start_tls', $link);
+ }
+
+ public function unbind($link) {
+ return $this->invokeLDAPMethod('unbind', $link);
+ }
+
+ /**
+ * @brief Checks whether the server supports LDAP
+ * @return true if it the case, false otherwise
+ * */
+ public function areLDAPFunctionsAvailable() {
+ return function_exists('ldap_connect');
+ }
+
+ /**
+ * @brief Checks whether PHP supports LDAP Paged Results
+ * @return true if it the case, false otherwise
+ * */
+ public function hasPagedResultSupport() {
+ $hasSupport = function_exists('ldap_control_paged_result')
+ && function_exists('ldap_control_paged_result_response');
+ return $hasSupport;
+ }
+
+ /**
+ * @brief Checks whether the submitted parameter is a resource
+ * @param $resource the resource variable to check
+ * @return true if it is a resource, false otherwise
+ */
+ public function isResource($resource) {
+ return is_resource($resource);
+ }
+
+ private function invokeLDAPMethod() {
+ $arguments = func_get_args();
+ $func = 'ldap_' . array_shift($arguments);
+ if(function_exists($func)) {
+ $this->preFunctionCall($func, $arguments);
+ $result = call_user_func_array($func, $arguments);
+ $this->postFunctionCall();
+ return $result;
+ }
+ }
+
+ private function preFunctionCall($functionName, $args) {
+ $this->curFunc = $functionName;
+ $this->curArgs = $args;
+ }
+
+ private function postFunctionCall() {
+ if($this->isResource($this->curArgs[0])) {
+ $errorCode = ldap_errno($this->curArgs[0]);
+ $errorMsg = ldap_error($this->curArgs[0]);
+ if($errorCode !== 0) {
+ if($this->curFunc === 'ldap_sort' && $errorCode === -4) {
+ //You can safely ignore that decoding error.
+ //… says https://bugs.php.net/bug.php?id=18023
+ } else if($this->curFunc === 'ldap_get_entries'
+ && $errorCode === -4) {
+ } else if ($errorCode === 32) {
+ //for now
+ } else if ($errorCode === 10) {
+ //referrals, we switch them off, but then there is AD :)
+ } else {
+ \OCP\Util::writeLog('user_ldap',
+ 'LDAP error '.$errorMsg.' (' .
+ $errorCode.') after calling '.
+ $this->curFunc,
+ \OCP\Util::DEBUG);
+ }
+ }
+ }
+
+ $this->curFunc = '';
+ $this->curArgs = array();
+ }
+}
\ No newline at end of file
diff --git a/apps/user_ldap/lib/ldaputility.php b/apps/user_ldap/lib/ldaputility.php
new file mode 100644
index 0000000000000000000000000000000000000000..7fffd9c88d18c1efe5cdd97624738594b830bceb
--- /dev/null
+++ b/apps/user_ldap/lib/ldaputility.php
@@ -0,0 +1,36 @@
+<?php
+
+/**
+ * ownCloud – LDAP LDAPUtility
+ *
+ * @author Arthur Schiwon
+ * @copyright 2013 Arthur Schiwon blizzz@owncloud.com
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU AFFERO GENERAL PUBLIC LICENSE for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public
+ * License along with this library. If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+namespace OCA\user_ldap\lib;
+
+abstract class LDAPUtility {
+ protected $ldap;
+
+ /**
+ * @brief constructor, make sure the subclasses call this one!
+ * @param $ldapWrapper an instance of an ILDAPWrapper
+ */
+ public function __construct(ILDAPWrapper $ldapWrapper) {
+ $this->ldap = $ldapWrapper;
+ }
+}
diff --git a/apps/user_ldap/lib/proxy.php b/apps/user_ldap/lib/proxy.php
index ae3e3be73611e355c3b16dfca5d0662e537424e3..c74b357bdd2fa77fdb564878fe31d9f6e6b4cac0 100644
--- a/apps/user_ldap/lib/proxy.php
+++ b/apps/user_ldap/lib/proxy.php
@@ -23,26 +23,27 @@
namespace OCA\user_ldap\lib;
+use OCA\user_ldap\lib\Access;
+
abstract class Proxy {
- static private $connectors = array();
+ static private $accesses = array();
+ private $ldap = null;
- public function __construct() {
+ public function __construct(ILDAPWrapper $ldap) {
+ $this->ldap = $ldap;
$this->cache = \OC_Cache::getGlobalCache();
}
- private function addConnector($configPrefix) {
- self::$connectors[$configPrefix] = new \OCA\user_ldap\lib\Connection($configPrefix);
+ private function addAccess($configPrefix) {
+ $connector = new Connection($this->ldap, $configPrefix);
+ self::$accesses[$configPrefix] = new Access($connector, $this->ldap);
}
- protected function getConnector($configPrefix) {
- if(!isset(self::$connectors[$configPrefix])) {
- $this->addConnector($configPrefix);
+ protected function getAccess($configPrefix) {
+ if(!isset(self::$accesses[$configPrefix])) {
+ $this->addAccess($configPrefix);
}
- return self::$connectors[$configPrefix];
- }
-
- protected function getConnectors() {
- return self::$connectors;
+ return self::$accesses[$configPrefix];
}
protected function getUserCacheKey($uid) {
diff --git a/apps/user_ldap/settings.php b/apps/user_ldap/settings.php
index 7169192a18e4a94e4eb3d087e594577aed43a8e5..b7070f23183b00b2c5cd73fe6d62b21ae7f2652f 100644
--- a/apps/user_ldap/settings.php
+++ b/apps/user_ldap/settings.php
@@ -49,14 +49,9 @@ $tmpl->assign('serverConfigurationPrefixes', $prefixes);
$tmpl->assign('serverConfigurationHosts', $hosts);
// assign default values
-if(!isset($ldap)) {
- $ldap = new \OCA\user_ldap\lib\Connection();
-}
-$defaults = $ldap->getDefaults();
+$defaults = \OCA\user_ldap\lib\Connection::getDefaults();
foreach($defaults as $key => $default) {
$tmpl->assign($key.'_default', $default);
}
-// $tmpl->assign();
-
return $tmpl->fetchPage();
diff --git a/apps/user_ldap/tests/group_ldap.php b/apps/user_ldap/tests/group_ldap.php
deleted file mode 100644
index ae635597b71fcd15de2fa6b707e58fead4f3fc00..0000000000000000000000000000000000000000
--- a/apps/user_ldap/tests/group_ldap.php
+++ /dev/null
@@ -1,46 +0,0 @@
-<?php
-/**
-* ownCloud
-*
-* @author Arthur Schiwon
-* @copyright 2012 Arthur Schiwon blizzz@owncloud.com
-*
-* This library is free software; you can redistribute it and/or
-* modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
-* License as published by the Free Software Foundation; either
-* version 3 of the License, or any later version.
-*
-* This library is distributed in the hope that it will be useful,
-* but WITHOUT ANY WARRANTY; without even the implied warranty of
-* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-* GNU AFFERO GENERAL PUBLIC LICENSE for more details.
-*
-* You should have received a copy of the GNU Affero General Public
-* License along with this library. If not, see <http://www.gnu.org/licenses/>.
-*
-*/
-
-class Test_Group_Ldap extends PHPUnit_Framework_TestCase {
- function setUp() {
- OC_Group::clearBackends();
- }
-
- function testSingleBackend() {
- OC_Group::useBackend(new OCA\user_ldap\GROUP_LDAP());
- $group_ldap = new OCA\user_ldap\GROUP_LDAP();
-
- $this->assertIsA(OC_Group::getGroups(), gettype(array()));
- $this->assertIsA($group_ldap->getGroups(), gettype(array()));
-
- $this->assertFalse(OC_Group::inGroup('john', 'dosers'), gettype(false));
- $this->assertFalse($group_ldap->inGroup('john', 'dosers'), gettype(false));
- //TODO: check also for expected true result. This backend won't be able to do any modifications, maybe use a dummy for this.
-
- $this->assertIsA(OC_Group::getUserGroups('john doe'), gettype(array()));
- $this->assertIsA($group_ldap->getUserGroups('john doe'), gettype(array()));
-
- $this->assertIsA(OC_Group::usersInGroup('campers'), gettype(array()));
- $this->assertIsA($group_ldap->usersInGroup('campers'), gettype(array()));
- }
-
-}
diff --git a/apps/user_ldap/tests/user_ldap.php b/apps/user_ldap/tests/user_ldap.php
new file mode 100644
index 0000000000000000000000000000000000000000..6b9b8b3e18503162fcfc90638c5b09250df6b126
--- /dev/null
+++ b/apps/user_ldap/tests/user_ldap.php
@@ -0,0 +1,411 @@
+<?php
+/**
+* ownCloud
+*
+* @author Arthur Schiwon
+* @copyright 2013 Arthur Schiwon blizzz@owncloud.com
+*
+* This library is free software; you can redistribute it and/or
+* modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
+* License as published by the Free Software Foundation; either
+* version 3 of the License, or any later version.
+*
+* This library is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+* GNU AFFERO GENERAL PUBLIC LICENSE for more details.
+*
+* You should have received a copy of the GNU Affero General Public
+* License along with this library. If not, see <http://www.gnu.org/licenses/>.
+*
+*/
+
+namespace OCA\user_ldap\tests;
+
+use \OCA\user_ldap\USER_LDAP as UserLDAP;
+use \OCA\user_ldap\lib\Access;
+use \OCA\user_ldap\lib\Connection;
+use \OCA\user_ldap\lib\ILDAPWrapper;
+
+class Test_User_Ldap_Direct extends \PHPUnit_Framework_TestCase {
+ protected $backend;
+
+ public function setUp() {
+ \OC_User::clearBackends();
+ \OC_Group::clearBackends();
+ }
+
+ private function getAccessMock() {
+ static $conMethods;
+ static $accMethods;
+
+ if(is_null($conMethods) || is_null($accMethods)) {
+ $conMethods = get_class_methods('\OCA\user_ldap\lib\Connection');
+ $accMethods = get_class_methods('\OCA\user_ldap\lib\Access');
+ }
+ $lw = $this->getMock('\OCA\user_ldap\lib\ILDAPWrapper');
+ $connector = $this->getMock('\OCA\user_ldap\lib\Connection',
+ $conMethods,
+ array($lw, null, null));
+ $access = $this->getMock('\OCA\user_ldap\lib\Access',
+ $accMethods,
+ array($connector, $lw));
+
+ return $access;
+ }
+
+ private function prepareMockForUserExists(&$access) {
+ $access->expects($this->any())
+ ->method('username2dn')
+ ->will($this->returnCallback(function($uid) {
+ switch ($uid) {
+ case 'gunslinger':
+ return 'dnOfRoland';
+ break;
+ case 'formerUser':
+ return 'dnOfFormerUser';
+ break;
+ case 'newyorker':
+ return 'dnOfNewYorker';
+ break;
+ case 'ladyofshadows':
+ return 'dnOfLadyOfShadows';
+ break;
+ defautl:
+ return false;
+ }
+ }));
+ }
+
+ /**
+ * @brief Prepares the Access mock for checkPassword tests
+ * @param $access mock of \OCA\user_ldap\lib\Access
+ * @return void
+ */
+ private function prepareAccessForCheckPassword(&$access) {
+ $access->connection->expects($this->any())
+ ->method('__get')
+ ->will($this->returnCallback(function($name) {
+ if($name === 'ldapLoginFilter') {
+ return '%uid';
+ }
+ return null;
+ }));
+
+ $access->expects($this->any())
+ ->method('fetchListOfUsers')
+ ->will($this->returnCallback(function($filter) {
+ if($filter === 'roland') {
+ return array('dnOfRoland');
+ }
+ return array();
+ }));
+
+ $access->expects($this->any())
+ ->method('dn2username')
+ ->with($this->equalTo('dnOfRoland'))
+ ->will($this->returnValue('gunslinger'));
+
+ $access->expects($this->any())
+ ->method('areCredentialsValid')
+ ->will($this->returnCallback(function($dn, $pwd) {
+ if($pwd === 'dt19') {
+ return true;
+ }
+ return false;
+ }));
+ }
+
+ public function testCheckPassword() {
+ $access = $this->getAccessMock();
+ $this->prepareAccessForCheckPassword($access);
+ $backend = new UserLDAP($access);
+ \OC_User::useBackend($backend);
+
+ $result = $backend->checkPassword('roland', 'dt19');
+ $this->assertEquals('gunslinger', $result);
+
+ $result = $backend->checkPassword('roland', 'wrong');
+ $this->assertFalse($result);
+
+ $result = $backend->checkPassword('mallory', 'evil');
+ $this->assertFalse($result);
+ }
+
+ public function testCheckPasswordPublicAPI() {
+ $access = $this->getAccessMock();
+ $this->prepareAccessForCheckPassword($access);
+ $backend = new UserLDAP($access);
+ \OC_User::useBackend($backend);
+
+ $result = \OCP\User::checkPassword('roland', 'dt19');
+ $this->assertEquals('gunslinger', $result);
+
+ $result = \OCP\User::checkPassword('roland', 'wrong');
+ $this->assertFalse($result);
+
+ $result = \OCP\User::checkPassword('mallory', 'evil');
+ $this->assertFalse($result);
+ }
+
+ /**
+ * @brief Prepares the Access mock for getUsers tests
+ * @param $access mock of \OCA\user_ldap\lib\Access
+ * @return void
+ */
+ private function prepareAccessForGetUsers(&$access) {
+ $access->expects($this->any())
+ ->method('getFilterPartForUserSearch')
+ ->will($this->returnCallback(function($search) {
+ return $search;
+ }));
+
+ $access->expects($this->any())
+ ->method('combineFilterWithAnd')
+ ->will($this->returnCallback(function($param) {
+ return $param[1];
+ }));
+
+ $access->expects($this->any())
+ ->method('fetchListOfUsers')
+ ->will($this->returnCallback(function($search, $a, $l, $o) {
+ $users = array('gunslinger', 'newyorker', 'ladyofshadows');
+ if(empty($search)) {
+ $result = $users;
+ } else {
+ $result = array();
+ foreach($users as $user) {
+ if(stripos($user, $search) !== false) {
+ $result[] = $user;
+ }
+ }
+ }
+ if(!is_null($l) || !is_null($o)) {
+ $result = array_slice($result, $o, $l);
+ }
+ return $result;
+ }));
+
+ $access->expects($this->any())
+ ->method('ownCloudUserNames')
+ ->will($this->returnArgument(0));
+ }
+
+ public function testGetUsers() {
+ $access = $this->getAccessMock();
+ $this->prepareAccessForGetUsers($access);
+ $backend = new UserLDAP($access);
+
+ $result = $backend->getUsers();
+ $this->assertEquals(3, count($result));
+
+ $result = $backend->getUsers('', 1, 2);
+ $this->assertEquals(1, count($result));
+
+ $result = $backend->getUsers('', 2, 1);
+ $this->assertEquals(2, count($result));
+
+ $result = $backend->getUsers('yo');
+ $this->assertEquals(2, count($result));
+
+ $result = $backend->getUsers('nix');
+ $this->assertEquals(0, count($result));
+ }
+
+ public function testGetUsersViaAPI() {
+ $access = $this->getAccessMock();
+ $this->prepareAccessForGetUsers($access);
+ $backend = new UserLDAP($access);
+ \OC_User::useBackend($backend);
+
+ $result = \OCP\User::getUsers();
+ $this->assertEquals(3, count($result));
+
+ $result = \OCP\User::getUsers('', 1, 2);
+ $this->assertEquals(1, count($result));
+
+ $result = \OCP\User::getUsers('', 2, 1);
+ $this->assertEquals(2, count($result));
+
+ $result = \OCP\User::getUsers('yo');
+ $this->assertEquals(2, count($result));
+
+ $result = \OCP\User::getUsers('nix');
+ $this->assertEquals(0, count($result));
+ }
+
+ public function testUserExists() {
+ $access = $this->getAccessMock();
+ $backend = new UserLDAP($access);
+ $this->prepareMockForUserExists($access);
+
+ $access->expects($this->any())
+ ->method('readAttribute')
+ ->will($this->returnCallback(function($dn) {
+ if($dn === 'dnOfRoland') {
+ return array();
+ }
+ return false;
+ }));
+
+ //test for existing user
+ $result = $backend->userExists('gunslinger');
+ $this->assertTrue($result);
+
+ //test for deleted user
+ $result = $backend->userExists('formerUser');
+ $this->assertFalse($result);
+
+ //test for never-existing user
+ $result = $backend->userExists('mallory');
+ $this->assertFalse($result);
+ }
+
+ public function testUserExistsPublicAPI() {
+ $access = $this->getAccessMock();
+ $backend = new UserLDAP($access);
+ $this->prepareMockForUserExists($access);
+ \OC_User::useBackend($backend);
+
+ $access->expects($this->any())
+ ->method('readAttribute')
+ ->will($this->returnCallback(function($dn) {
+ if($dn === 'dnOfRoland') {
+ return array();
+ }
+ return false;
+ }));
+
+ //test for existing user
+ $result = \OCP\User::userExists('gunslinger');
+ $this->assertTrue($result);
+
+ //test for deleted user
+ $result = \OCP\User::userExists('formerUser');
+ $this->assertFalse($result);
+
+ //test for never-existing user
+ $result = \OCP\User::userExists('mallory');
+ $this->assertFalse($result);
+ }
+
+ public function testDeleteUser() {
+ $access = $this->getAccessMock();
+ $backend = new UserLDAP($access);
+
+ //we do not support deleting users at all
+ $result = $backend->deleteUser('gunslinger');
+ $this->assertFalse($result);
+ }
+
+ public function testGetHome() {
+ $access = $this->getAccessMock();
+ $backend = new UserLDAP($access);
+ $this->prepareMockForUserExists($access);
+
+ $access->connection->expects($this->any())
+ ->method('__get')
+ ->will($this->returnCallback(function($name) {
+ if($name === 'homeFolderNamingRule') {
+ return 'attr:testAttribute';
+ }
+ return null;
+ }));
+
+ $access->expects($this->any())
+ ->method('readAttribute')
+ ->will($this->returnCallback(function($dn, $attr) {
+ switch ($dn) {
+ case 'dnOfRoland':
+ if($attr === 'testAttribute') {
+ return array('/tmp/rolandshome/');
+ }
+ return array();
+ break;
+ case 'dnOfLadyOfShadows':
+ if($attr === 'testAttribute') {
+ return array('susannah/');
+ }
+ return array();
+ break;
+ default:
+ return false;
+ }
+ }));
+
+ //absolut path
+ $result = $backend->getHome('gunslinger');
+ $this->assertEquals('/tmp/rolandshome/', $result);
+
+ //datadir-relativ path
+ $result = $backend->getHome('ladyofshadows');
+ $datadir = \OCP\Config::getSystemValue('datadirectory',
+ \OC::$SERVERROOT.'/data');
+ $this->assertEquals($datadir.'/susannah/', $result);
+
+ //no path at all – triggers OC default behaviour
+ $result = $backend->getHome('newyorker');
+ $this->assertFalse($result);
+ }
+
+ private function prepareAccessForGetDisplayName(&$access) {
+ $access->connection->expects($this->any())
+ ->method('__get')
+ ->will($this->returnCallback(function($name) {
+ if($name === 'ldapUserDisplayName') {
+ return 'displayname';
+ }
+ return null;
+ }));
+
+ $access->expects($this->any())
+ ->method('readAttribute')
+ ->will($this->returnCallback(function($dn, $attr) {
+ switch ($dn) {
+ case 'dnOfRoland':
+ if($attr === 'displayname') {
+ return array('Roland Deschain');
+ }
+ return array();
+ break;
+
+ default:
+ return false;
+ }
+ }));
+ }
+
+ public function testGetDisplayName() {
+ $access = $this->getAccessMock();
+ $this->prepareAccessForGetDisplayName($access);
+ $backend = new UserLDAP($access);
+ $this->prepareMockForUserExists($access);
+
+ //with displayName
+ $result = $backend->getDisplayName('gunslinger');
+ $this->assertEquals('Roland Deschain', $result);
+
+ //empty displayname retrieved
+ $result = $backend->getDisplayName('newyorker');
+ $this->assertEquals(null, $result);
+ }
+
+ public function testGetDisplayNamePublicAPI() {
+ $access = $this->getAccessMock();
+ $this->prepareAccessForGetDisplayName($access);
+ $backend = new UserLDAP($access);
+ $this->prepareMockForUserExists($access);
+ \OC_User::useBackend($backend);
+
+ //with displayName
+ $result = \OCP\User::getDisplayName('gunslinger');
+ $this->assertEquals('Roland Deschain', $result);
+
+ //empty displayname retrieved
+ $result = \OCP\User::getDisplayName('newyorker');
+ $this->assertEquals('newyorker', $result);
+ }
+
+ //no test for getDisplayNames, because it just invokes getUsers and
+ //getDisplayName
+}
\ No newline at end of file
diff --git a/apps/user_ldap/user_ldap.php b/apps/user_ldap/user_ldap.php
index 850ca0df99546d339203931242aefe0df324337a..6f52bbdf233b3c85b5ad0b9617073640f7cba9d5 100644
--- a/apps/user_ldap/user_ldap.php
+++ b/apps/user_ldap/user_ldap.php
@@ -25,37 +25,46 @@
namespace OCA\user_ldap;
-class USER_LDAP extends lib\Access implements \OCP\UserInterface {
+use OCA\user_ldap\lib\ILDAPWrapper;
+use OCA\user_ldap\lib\BackendUtility;
+
+class USER_LDAP extends BackendUtility implements \OCP\UserInterface {
private function updateQuota($dn) {
$quota = null;
- $quotaDefault = $this->connection->ldapQuotaDefault;
- $quotaAttribute = $this->connection->ldapQuotaAttribute;
+ $quotaDefault = $this->access->connection->ldapQuotaDefault;
+ $quotaAttribute = $this->access->connection->ldapQuotaAttribute;
if(!empty($quotaDefault)) {
$quota = $quotaDefault;
}
if(!empty($quotaAttribute)) {
- $aQuota = $this->readAttribute($dn, $quotaAttribute);
+ $aQuota = $this->access->readAttribute($dn, $quotaAttribute);
if($aQuota && (count($aQuota) > 0)) {
$quota = $aQuota[0];
}
}
if(!is_null($quota)) {
- \OCP\Config::setUserValue($this->dn2username($dn), 'files', 'quota', \OCP\Util::computerFileSize($quota));
+ \OCP\Config::setUserValue( $this->access->dn2username($dn),
+ 'files',
+ 'quota',
+ \OCP\Util::computerFileSize($quota));
}
}
private function updateEmail($dn) {
$email = null;
- $emailAttribute = $this->connection->ldapEmailAttribute;
+ $emailAttribute = $this->access->connection->ldapEmailAttribute;
if(!empty($emailAttribute)) {
- $aEmail = $this->readAttribute($dn, $emailAttribute);
+ $aEmail = $this->access->readAttribute($dn, $emailAttribute);
if($aEmail && (count($aEmail) > 0)) {
$email = $aEmail[0];
}
if(!is_null($email)) {
- \OCP\Config::setUserValue($this->dn2username($dn), 'settings', 'email', $email);
+ \OCP\Config::setUserValue( $this->access->dn2username($dn),
+ 'settings',
+ 'email',
+ $email);
}
}
}
@@ -70,15 +79,16 @@ class USER_LDAP extends lib\Access implements \OCP\UserInterface {
*/
public function checkPassword($uid, $password) {
//find out dn of the user name
- $filter = \OCP\Util::mb_str_replace('%uid', $uid, $this->connection->ldapLoginFilter, 'UTF-8');
- $ldap_users = $this->fetchListOfUsers($filter, 'dn');
+ $filter = \OCP\Util::mb_str_replace(
+ '%uid', $uid, $this->access->connection->ldapLoginFilter, 'UTF-8');
+ $ldap_users = $this->access->fetchListOfUsers($filter, 'dn');
if(count($ldap_users) < 1) {
return false;
}
$dn = $ldap_users[0];
//do we have a username for him/her?
- $ocname = $this->dn2username($dn);
+ $ocname = $this->access->dn2username($dn);
if($ocname) {
//update some settings, if necessary
@@ -86,7 +96,7 @@ class USER_LDAP extends lib\Access implements \OCP\UserInterface {
$this->updateEmail($dn);
//are the credentials OK?
- if(!$this->areCredentialsValid($dn, $password)) {
+ if(!$this->access->areCredentialsValid($dn, $password)) {
return false;
}
@@ -107,7 +117,7 @@ class USER_LDAP extends lib\Access implements \OCP\UserInterface {
$cachekey = 'getUsers-'.$search.'-'.$limit.'-'.$offset;
//check if users are cached, if so return
- $ldap_users = $this->connection->getFromCache($cachekey);
+ $ldap_users = $this->access->connection->getFromCache($cachekey);
if(!is_null($ldap_users)) {
return $ldap_users;
}
@@ -117,21 +127,23 @@ class USER_LDAP extends lib\Access implements \OCP\UserInterface {
if($limit <= 0) {
$limit = null;
}
- $filter = $this->combineFilterWithAnd(array(
- $this->connection->ldapUserFilter,
- $this->getFilterPartForUserSearch($search)
+ $filter = $this->access->combineFilterWithAnd(array(
+ $this->access->connection->ldapUserFilter,
+ $this->access->getFilterPartForUserSearch($search)
));
\OCP\Util::writeLog('user_ldap',
'getUsers: Options: search '.$search.' limit '.$limit.' offset '.$offset.' Filter: '.$filter,
\OCP\Util::DEBUG);
//do the search and translate results to owncloud names
- $ldap_users = $this->fetchListOfUsers($filter, array($this->connection->ldapUserDisplayName, 'dn'),
+ $ldap_users = $this->access->fetchListOfUsers(
+ $filter,
+ array($this->access->connection->ldapUserDisplayName, 'dn'),
$limit, $offset);
- $ldap_users = $this->ownCloudUserNames($ldap_users);
+ $ldap_users = $this->access->ownCloudUserNames($ldap_users);
\OCP\Util::writeLog('user_ldap', 'getUsers: '.count($ldap_users). ' Users found', \OCP\Util::DEBUG);
- $this->connection->writeToCache($cachekey, $ldap_users);
+ $this->access->connection->writeToCache($cachekey, $ldap_users);
return $ldap_users;
}
@@ -141,24 +153,25 @@ class USER_LDAP extends lib\Access implements \OCP\UserInterface {
* @return boolean
*/
public function userExists($uid) {
- if($this->connection->isCached('userExists'.$uid)) {
- return $this->connection->getFromCache('userExists'.$uid);
+ if($this->access->connection->isCached('userExists'.$uid)) {
+ return $this->access->connection->getFromCache('userExists'.$uid);
}
-
//getting dn, if false the user does not exist. If dn, he may be mapped only, requires more checking.
- $dn = $this->username2dn($uid);
+ $dn = $this->access->username2dn($uid);
if(!$dn) {
- $this->connection->writeToCache('userExists'.$uid, false);
+ \OCP\Util::writeLog('user_ldap', 'No DN found for '.$uid.' on '.
+ $this->access->connection->ldapHost, \OCP\Util::DEBUG);
+ $this->access->connection->writeToCache('userExists'.$uid, false);
return false;
}
-
//check if user really still exists by reading its entry
- if(!is_array($this->readAttribute($dn, ''))) {
- $this->connection->writeToCache('userExists'.$uid, false);
+ if(!is_array($this->access->readAttribute($dn, ''))) {
+ \OCP\Util::writeLog('user_ldap', 'LDAP says no user '.$dn, \OCP\Util::DEBUG);
+ $this->access->connection->writeToCache('userExists'.$uid, false);
return false;
}
- $this->connection->writeToCache('userExists'.$uid, true);
+ $this->access->connection->writeToCache('userExists'.$uid, true);
$this->updateQuota($dn);
return true;
}
@@ -186,12 +199,13 @@ class USER_LDAP extends lib\Access implements \OCP\UserInterface {
}
$cacheKey = 'getHome'.$uid;
- if($this->connection->isCached($cacheKey)) {
- return $this->connection->getFromCache($cacheKey);
+ if($this->access->connection->isCached($cacheKey)) {
+ return $this->access->connection->getFromCache($cacheKey);
}
- if(strpos($this->connection->homeFolderNamingRule, 'attr:') === 0) {
- $attr = substr($this->connection->homeFolderNamingRule, strlen('attr:'));
- $homedir = $this->readAttribute($this->username2dn($uid), $attr);
+ if(strpos($this->access->connection->homeFolderNamingRule, 'attr:') === 0) {
+ $attr = substr($this->access->connection->homeFolderNamingRule, strlen('attr:'));
+ $homedir = $this->access->readAttribute(
+ $this->access->username2dn($uid), $attr);
if($homedir && isset($homedir[0])) {
$path = $homedir[0];
//if attribute's value is an absolute path take this, otherwise append it to data dir
@@ -206,13 +220,13 @@ class USER_LDAP extends lib\Access implements \OCP\UserInterface {
$homedir = \OCP\Config::getSystemValue('datadirectory',
\OC::$SERVERROOT.'/data' ) . '/' . $homedir[0];
}
- $this->connection->writeToCache($cacheKey, $homedir);
+ $this->access->connection->writeToCache($cacheKey, $homedir);
return $homedir;
}
}
//false will apply default behaviour as defined and done by OC_User
- $this->connection->writeToCache($cacheKey, false);
+ $this->access->connection->writeToCache($cacheKey, false);
return false;
}
@@ -227,16 +241,16 @@ class USER_LDAP extends lib\Access implements \OCP\UserInterface {
}
$cacheKey = 'getDisplayName'.$uid;
- if(!is_null($displayName = $this->connection->getFromCache($cacheKey))) {
+ if(!is_null($displayName = $this->access->connection->getFromCache($cacheKey))) {
return $displayName;
}
- $displayName = $this->readAttribute(
- $this->username2dn($uid),
- $this->connection->ldapUserDisplayName);
+ $displayName = $this->access->readAttribute(
+ $this->access->username2dn($uid),
+ $this->access->connection->ldapUserDisplayName);
if($displayName && (count($displayName) > 0)) {
- $this->connection->writeToCache($cacheKey, $displayName[0]);
+ $this->access->connection->writeToCache($cacheKey, $displayName[0]);
return $displayName[0];
}
@@ -251,7 +265,7 @@ class USER_LDAP extends lib\Access implements \OCP\UserInterface {
*/
public function getDisplayNames($search = '', $limit = null, $offset = null) {
$cacheKey = 'getDisplayNames-'.$search.'-'.$limit.'-'.$offset;
- if(!is_null($displayNames = $this->connection->getFromCache($cacheKey))) {
+ if(!is_null($displayNames = $this->access->connection->getFromCache($cacheKey))) {
return $displayNames;
}
@@ -260,7 +274,7 @@ class USER_LDAP extends lib\Access implements \OCP\UserInterface {
foreach ($users as $user) {
$displayNames[$user] = $this->getDisplayName($user);
}
- $this->connection->writeToCache($cacheKey, $displayNames);
+ $this->access->connection->writeToCache($cacheKey, $displayNames);
return $displayNames;
}
diff --git a/apps/user_ldap/user_proxy.php b/apps/user_ldap/user_proxy.php
index 0722d8871a42ce06eb097b7a6f4fe403d200ad17..092fdbf7c782c55d8b2f1d4417e8ef7f397abc8e 100644
--- a/apps/user_ldap/user_proxy.php
+++ b/apps/user_ldap/user_proxy.php
@@ -23,6 +23,8 @@
namespace OCA\user_ldap;
+use OCA\user_ldap\lib\ILDAPWrapper;
+
class User_Proxy extends lib\Proxy implements \OCP\UserInterface {
private $backends = array();
private $refBackend = null;
@@ -31,12 +33,11 @@ class User_Proxy extends lib\Proxy implements \OCP\UserInterface {
* @brief Constructor
* @param $serverConfigPrefixes array containing the config Prefixes
*/
- public function __construct($serverConfigPrefixes) {
- parent::__construct();
+ public function __construct($serverConfigPrefixes, ILDAPWrapper $ldap) {
+ parent::__construct($ldap);
foreach($serverConfigPrefixes as $configPrefix) {
- $this->backends[$configPrefix] = new \OCA\user_ldap\USER_LDAP();
- $connector = $this->getConnector($configPrefix);
- $this->backends[$configPrefix]->setConnector($connector);
+ $this->backends[$configPrefix] =
+ new \OCA\user_ldap\USER_LDAP($this->getAccess($configPrefix));
if(is_null($this->refBackend)) {
$this->refBackend = &$this->backends[$configPrefix];
}
diff --git a/autotest.sh b/autotest.sh
index 83f184fa9c065fa12088d700536b4405d4b57182..3831e1812451577c1a020be83c90926743b2ba83 100755
--- a/autotest.sh
+++ b/autotest.sh
@@ -12,6 +12,16 @@ DATABASEUSER=oc_autotest$EXECUTOR_NUMBER
ADMINLOGIN=admin$EXECUTOR_NUMBER
BASEDIR=$PWD
+if ! [ -w config -a -w config/config.php ]; then
+ echo "Please enable write permissions on config and config/config.php" >&2
+ exit 1
+fi
+
+# Back up existing (dev) config if one exists
+if [ -f config/config.php ]; then
+ mv config/config.php config/config-autotest-backup.php
+fi
+
# use tmpfs for datadir - should speedup unit test execution
if [ -d /dev/shm ]; then
DATADIR=/dev/shm/data-autotest$EXECUTOR_NUMBER
@@ -158,6 +168,13 @@ else
execute_tests $1 $2 $3
fi
+cd $BASEDIR
+
+# Restore existing config
+if [ -f config/config-autotest-backup.php ]; then
+ mv config/config-autotest-backup.php config/config.php
+fi
+
#
# NOTES on mysql:
# - CREATE DATABASE oc_autotest;
diff --git a/core/css/styles.css b/core/css/styles.css
index 06b61f0fa689d792a3e61b46e1c867c1baf6a30b..481fb6d5f39caec48e7c66bc890353eb3cd1bd65 100644
--- a/core/css/styles.css
+++ b/core/css/styles.css
@@ -43,6 +43,10 @@ body { background:#fefefe; font:normal .8em/1.6em "Helvetica Neue",Helvetica,Ari
display: inline-block;
}
+#header .avatardiv img {
+ opacity: 1;
+}
+
/* INPUTS */
input[type="text"], input[type="password"], input[type="search"], input[type="number"], input[type="email"], input[type="url"],
textarea, select,
@@ -152,22 +156,37 @@ input[type="submit"].enabled { background:#66f866; border:1px solid #5e5; -moz-b
/* CONTENT ------------------------------------------------------------------ */
#controls {
+ -moz-box-sizing: border-box;
+ -webkit-box-sizing: border-box;
+ box-sizing: border-box;
position: fixed;
- height: 36px;
+ height: 44px;
width: 100%;
- padding: 0 75px 0 6px;
+ padding-right: 75px;
margin: 0;
background: #eee;
border-bottom: 1px solid #e7e7e7;
z-index: 50;
- -moz-box-sizing: border-box; box-sizing: border-box;
}
-#controls .button {
+#controls .button,
+#controls button,
+#controls input[type='submit'],
+#controls input[type='text'],
+#controls input[type='password'],
+#controls select {
+ -moz-box-sizing: border-box;
+ -webkit-box-sizing: border-box;
+ box-sizing: border-box;
display: inline-block;
+ height: 36px;
+ padding: 7px 10px
}
#content { position:relative; height:100%; width:100%; }
-#content .hascontrols { position: relative; top: 2.9em; }
+#content .hascontrols {
+ position: relative;
+ top: 45px;
+}
#content-wrapper {
position:absolute; height:100%; width:100%; padding-top:3.5em; padding-left:80px;
-moz-box-sizing:border-box; box-sizing:border-box;
@@ -746,15 +765,38 @@ span.ui-icon {float: left; margin: 3px 7px 30px 0;}
.arrow.left { left:-13px; bottom:1.2em; -webkit-transform:rotate(270deg); -moz-transform:rotate(270deg); -o-transform:rotate(270deg); -ms-transform:rotate(270deg); transform:rotate(270deg); }
.arrow.up { top:-8px; right:2em; }
.arrow.down { -webkit-transform:rotate(180deg); -moz-transform:rotate(180deg); -o-transform:rotate(180deg); -ms-transform:rotate(180deg); transform:rotate(180deg); }
-.help-includes {overflow: hidden; width: 100%; height: 100%; -moz-box-sizing: border-box; box-sizing: border-box; padding-top: 2.8em; }
+.help-includes {
+ overflow: hidden;
+ width: 100%;
+ height: 100%;
+ -moz-box-sizing: border-box;
+ box-sizing: border-box;
+ padding-top: 44px;
+}
.help-iframe {width: 100%; height: 100%; margin: 0;padding: 0; border: 0; overflow: auto;}
/* ---- BREADCRUMB ---- */
-div.crumb { float:left; display:block; background:url('../img/breadcrumb.svg') no-repeat right 0; padding:.75em 1.5em 0 1em; height:2.9em; -moz-box-sizing:border-box; box-sizing:border-box; }
-div.crumb:first-child { padding:10px 20px 10px 5px; }
-div.crumb.last { font-weight:bold; background:none; padding-right:10px; }
-div.crumb a{ padding: 0.9em 0 0.7em 0; }
+div.crumb {
+ float: left;
+ display: block;
+ background: url('../img/breadcrumb.svg') no-repeat right center;
+ height: 44px;
+}
+div.crumb a {
+ position: relative;
+ top: 12px;
+ padding: 14px 24px 14px 17px;
+ color: #555;
+}
+div.crumb:first-child a {
+ position: relative;
+ top: 13px;
+}
+div.crumb.last {
+ font-weight: bold;
+ margin-right: 10px;
+}
/* some feedback for hover/tap on breadcrumbs */
div.crumb:hover,
diff --git a/core/img/breadcrumb-start.png b/core/img/breadcrumb-start.png
deleted file mode 100644
index b0df5f44037637c322fb4eb867f90c18c6e8f613..0000000000000000000000000000000000000000
Binary files a/core/img/breadcrumb-start.png and /dev/null differ
diff --git a/core/img/breadcrumb-start.svg b/core/img/breadcrumb-start.svg
deleted file mode 100644
index 7f36231cdf8d370d8abc8ea1cb2ea50b21f0c657..0000000000000000000000000000000000000000
--- a/core/img/breadcrumb-start.svg
+++ /dev/null
@@ -1,6 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" standalone="no"?>
-<svg xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns="http://www.w3.org/2000/svg" height="36" width="11" version="1.1" xmlns:cc="http://creativecommons.org/ns#" xmlns:dc="http://purl.org/dc/elements/1.1/">
- <g transform="translate(0 -1016.4)">
- <path d="m0 0 11 18-11 18z" transform="translate(0 1016.4)" fill="#ddd"/>
- </g>
-</svg>
diff --git a/core/img/breadcrumb.png b/core/img/breadcrumb.png
index 84992be0d9350d7a94455cfe46dcea2fcc669e64..7e9593a36bf9a2fc123ee6237fdfc88c022df0a6 100644
Binary files a/core/img/breadcrumb.png and b/core/img/breadcrumb.png differ
diff --git a/core/img/breadcrumb.svg b/core/img/breadcrumb.svg
index 05a216e50a9eaec7a20be7274957dc6e8ae2f46f..f0b5c9218d50b5b05e9a7446519bad8743464440 100644
--- a/core/img/breadcrumb.svg
+++ b/core/img/breadcrumb.svg
@@ -1,6 +1,12 @@
-<?xml version="1.0" encoding="UTF-8" standalone="no"?>
-<svg xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns="http://www.w3.org/2000/svg" height="36" width="11" version="1.1" xmlns:cc="http://creativecommons.org/ns#" xmlns:dc="http://purl.org/dc/elements/1.1/">
- <g transform="translate(0 -1016.4)">
- <path d="m0.5 0 10 18-10 18 10-18z" transform="translate(0 1016.4)" stroke="#ddd" stroke-linecap="round" stroke-miterlimit="31.2" stroke-width="0.9" fill="#ddd"/>
- </g>
+<svg xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns="http://www.w3.org/2000/svg" height="44" width="14" version="1.1" xmlns:cc="http://creativecommons.org/ns#" xmlns:dc="http://purl.org/dc/elements/1.1/">
+ <metadata>
+ <rdf:RDF>
+ <cc:Work rdf:about="">
+ <dc:format>image/svg+xml</dc:format>
+ <dc:type rdf:resource="http://purl.org/dc/dcmitype/StillImage"/>
+ <dc:title/>
+ </cc:Work>
+ </rdf:RDF>
+ </metadata>
+ <path d="M0.54879,0.047777,12.744,22,0.54879,43.951,12.744,22z" stroke="#d7d7d7" stroke-linecap="round" stroke-miterlimit="31.20000076000000178" stroke-width="1.09758711000000009" fill="#F00"/>
</svg>
diff --git a/core/js/avatar.js b/core/js/avatar.js
index 57e6daa0930251fba4fa314bf36864e5209da8f2..c54c40687689259fb0ee4e04d4e48094ebac2856 100644
--- a/core/js/avatar.js
+++ b/core/js/avatar.js
@@ -1,6 +1,6 @@
$(document).ready(function(){
if (OC.currentUser) {
- $('#header .avatardiv').avatar(OC.currentUser, 32);
+ $('#header .avatardiv').avatar(OC.currentUser, 32, undefined, true);
// Personal settings
$('#avatar .avatardiv').avatar(OC.currentUser, 128);
}
diff --git a/core/js/jquery.avatar.js b/core/js/jquery.avatar.js
index 88a4c25d1eecfc401f7a684d6228a086eb8df44a..0006810172668fb4bf9d34bce83707dc64155d37 100644
--- a/core/js/jquery.avatar.js
+++ b/core/js/jquery.avatar.js
@@ -15,7 +15,7 @@
* You may use this on any <div></div>
* Here I'm using <div class="avatardiv"></div> as an example.
*
- * There are 4 ways to call this:
+ * There are 5 ways to call this:
*
* 1. $('.avatardiv').avatar('jdoe', 128);
* This will make the div to jdoe's fitting avatar, with a size of 128px.
@@ -34,10 +34,15 @@
* 4. $('.avatardiv').avatar('jdoe', 128, true);
* This will behave like the first example, except it will also append random
* hashes to the custom avatar images, to force image reloading in IE8.
+ *
+ * 5. $('.avatardiv').avatar('jdoe', 128, undefined, true);
+ * This will behave like the first example, but it will hide the avatardiv, if
+ * it will display the default placeholder. undefined is the ie8fix from
+ * example 4 and can be either true, or false/undefined, to be ignored.
*/
(function ($) {
- $.fn.avatar = function(user, size, ie8fix) {
+ $.fn.avatar = function(user, size, ie8fix, hidedefault) {
if (typeof(size) === 'undefined') {
if (this.height() > 0) {
size = this.height();
@@ -69,12 +74,17 @@
var url = OC.Router.generate('core_avatar_get', {user: user, size: size})+'?requesttoken='+oc_requesttoken;
$.get(url, function(result) {
if (typeof(result) === 'object') {
- if (result.data && result.data.displayname) {
- $div.placeholder(user, result.data.displayname);
+ if (!hidedefault) {
+ if (result.data && result.data.displayname) {
+ $div.placeholder(user, result.data.displayname);
+ } else {
+ $div.placeholder(user);
+ }
} else {
- $div.placeholder(user);
+ $div.hide();
}
} else {
+ $div.show();
if (ie8fix === true) {
$div.html('<img src="'+url+'#'+Math.floor(Math.random()*1000)+'">');
} else {
diff --git a/core/skeleton/welcome.txt b/core/skeleton/welcome.txt
new file mode 100644
index 0000000000000000000000000000000000000000..c86eaf91bbea5395ffa76ee1c99ed4b2380be47b
--- /dev/null
+++ b/core/skeleton/welcome.txt
@@ -0,0 +1,5 @@
+Welcome to your ownCloud account!
+
+This is just an example file for developers and git users.
+The packaged and released versions will come with better examples.
+
diff --git a/lib/private/util.php b/lib/private/util.php
index 97dd2fac53cc4017bc77ce9c20b5ef16a4729dc4..ae9aef69b4cd1fce4efb6a85e4571cdf46042cb0 100755
--- a/lib/private/util.php
+++ b/lib/private/util.php
@@ -68,6 +68,7 @@ class OC_Util {
$userDirectory = $userRoot . '/files';
if( !is_dir( $userDirectory )) {
mkdir( $userDirectory, 0755, true );
+ OC_Util::copySkeleton($userDirectory);
}
//jail the user into his "home" directory
\OC\Files\Filesystem::init($user, $userDir);
@@ -92,6 +93,35 @@ class OC_Util {
}
}
+ /**
+ * @brief copies the user skeleton files into the fresh user home files
+ * @param string $userDirectory
+ */
+ public static function copySkeleton($userDirectory) {
+ OC_Util::copyr(\OC::$SERVERROOT.'/core/skeleton' , $userDirectory);
+ }
+
+ /**
+ * @brief copies a directory recursively
+ * @param string $source
+ * @param string $target
+ * @return void
+ */
+ public static function copyr($source,$target) {
+ $dir = opendir($source);
+ @mkdir($target);
+ while(false !== ( $file = readdir($dir)) ) {
+ if ( !\OC\Files\Filesystem::isIgnoredDir($file) ) {
+ if ( is_dir($source . '/' . $file) ) {
+ OC_Util::copyr($source . '/' . $file , $target . '/' . $file);
+ } else {
+ copy($source . '/' . $file,$target . '/' . $file);
+ }
+ }
+ }
+ closedir($dir);
+ }
+
/**
* @return void
*/
diff --git a/settings/css/settings.css b/settings/css/settings.css
index 57a43180a43a5e9b5f2e2d54ecb6add952ab24bf..0afdd9edbfaef15627d0512d24f5e1621a71c5f3 100644
--- a/settings/css/settings.css
+++ b/settings/css/settings.css
@@ -47,18 +47,37 @@ tr:hover>td.remove>a { float:right; }
li.selected { background-color:#ddd; }
table:not(.nostyle) { width:100%; }
#rightcontent { padding-left: 1em; }
-div.quota { float:right; display:block; position:absolute; right:25em; top:-1px; }
+div.quota {
+ float: right;
+ display: block;
+ position: absolute;
+ right: 216px;
+ top: 0;
+}
div.quota-select-wrapper { position: relative; }
div.recoveryPassword { left:50em; display:block; position:absolute; top:-1px; }
input#recoveryPassword {width:15em;}
select.quota { position:absolute; left:0; top:0; width:10em; }
select.quota-user { position:relative; left:0; top:0; width:10em; }
-div.quota>span { position:absolute; right:0; white-space:nowrap; top:.7em; color:#888; text-shadow:0 1px 0 #fff; }
+div.quota>span {
+ position: absolute;
+ right: 0;
+ white-space: nowrap;
+ top: 12px;
+ color: #888;
+ text-shadow: 0 1px 0 #fff;
+}
select.quota.active { background: #fff; }
/* positioning fixes */
-#newuser { position:relative; top:-3px; }
-#newuser .multiselect { top:1px; }
+#newuser .multiselect {
+ min-width: 150px !important;
+}
+#newuser .multiselect,
+#newusergroups + input[type='submit'] {
+ position: relative;
+ top: 1px;
+}
#headerGroups, #headerSubAdmins, #headerQuota { padding-left:18px; }
.ie8 table.hascontrols{border-collapse:collapse;width: 100%;}
diff --git a/settings/js/personal.js b/settings/js/personal.js
index a923b47573145e16d2c8dca45b1cef76734afc5a..3fdc2907c4604ed48bc4b965fd53176ed1544116 100644
--- a/settings/js/personal.js
+++ b/settings/js/personal.js
@@ -45,12 +45,16 @@ function changeDisplayName(){
}
}
-function updateAvatar () {
+function updateAvatar (hidedefault) {
$headerdiv = $('#header .avatardiv');
$displaydiv = $('#displayavatar .avatardiv');
- $headerdiv.css({'background-color': ''});
- $headerdiv.avatar(OC.currentUser, 32, true);
+ if(hidedefault) {
+ $headerdiv.hide();
+ } else {
+ $headerdiv.css({'background-color': ''});
+ $headerdiv.avatar(OC.currentUser, 32, true);
+ }
$displaydiv.css({'background-color': ''});
$displaydiv.avatar(OC.currentUser, 128, true);
}
@@ -232,7 +236,7 @@ $(document).ready(function(){
type: 'DELETE',
url: OC.Router.generate('core_avatar_delete'),
success: function(msg) {
- updateAvatar();
+ updateAvatar(true);
}
});
});