starting to create the ldap group backend (with some inspiration from Yoann...

starting to create the ldap group backend (with some inspiration from Yoann Gini) and preparing an general LDAP class

apps/user_ldap/appinfo/app.php

@@ -21,7 +21,9 @@
 *
 */
 
+require_once('apps/user_ldap/lib_ldap.php');
 require_once('apps/user_ldap/user_ldap.php');
+require_once('apps/user_ldap/group_ldap.php');
 
 OC_APP::registerAdmin('user_ldap','settings');
 
@@ -33,6 +35,7 @@ define('OC_USER_BACKEND_LDAP_DEFAULT_DISPLAY_NAME', 'uid');
 
 // register user backend
 OC_User::useBackend( 'LDAP' );
+OC_Group::useBackend( 'LDAP' );
 
 // add settings page to navigation
 $entry = array(

apps/user_ldap/group_ldap.php

+<?php
+
+/**
+ * ownCloud – LDAP group backend
+ *
+ * @author Arthur Schiwon
+ * @copyright 2012 Arthur Schiwon blizzz@owncloud.com
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU AFFERO GENERAL PUBLIC LICENSE for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public
+ * License along with this library.  If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+ class OC_GROUP_LDAP extends OC_Group_Backend {
+// 	//group specific settings
+	protected $ldapGroupFilter;
+	protected $ldapGroupDisplayName;
+
+	public function __construct() {
+		$this->ldapGroupFilter      = OC_Appconfig::getValue('user_ldap', 'ldap_group_filter', '(objectClass=posixGroup)');
+		$this->ldapGroupDisplayName = OC_Appconfig::getValue('user_ldap', 'ldap_group_display_name', 'cn');
+	}
+
+	/**
+	 * @brief is user in group?
+	 * @param $uid uid of the user
+	 * @param $gid gid of the group
+	 * @returns true/false
+	 *
+	 * Checks whether the user is member of a group or not.
+	 */
+	public function inGroup($uid, $gid) {
+	}
+
+	/**
+	 * @brief Get all groups a user belongs to
+	 * @param $uid Name of the user
+	 * @returns array with group names
+	 *
+	 * This function fetches all groups a user belongs to. It does not check
+	 * if the user exists at all.
+	 */
+	public function getUserGroups($uid) {
+	}
+
+	/**
+	 * @brief get a list of all users in a group
+	 * @returns array with user ids
+	 */
+	public function getUsersInGroup($gid) {
+	}
+
+	/**
+	 * @brief get a list of all groups
+	 * @returns array with group names
+	 *
+	 * Returns a list with all groups
+	 */
+	public function getGroups() {
+		$groups = OC_LDAP::search($this->ldapGroupFilter, $this->ldapGroupDisplayName);
+
+		if(count($groups) == 0 )
+			return array();
+		else {
+			return array_unique($groups, SORT_LOCALE_STRING);
+		}
+	}
+
+ }
\ No newline at end of file

apps/user_ldap/lib_ldap.php

+<?php
+
+/**
+ * ownCloud – LDAP lib
+ *
+ * @author Arthur Schiwon
+ * @copyright 2012 Arthur Schiwon blizzz@owncloud.com
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU AFFERO GENERAL PUBLIC LICENSE for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public
+ * License along with this library.  If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+ class OC_LDAP {
+	static protected $ldapConnectionRes = false;
+	static protected $configured = false;
+
+	//cached settings
+	static protected $ldapHost;
+	static protected $ldapPort;
+	static protected $ldapBase;
+	static protected $ldapAgentName;
+	static protected $ldapAgentPassword;
+	static protected $ldapTLS;
+	static protected $ldapNoCase;
+
+	static public function init() {
+		self::readConfiguration();
+		self::establishConnection();
+	}
+
+	static public function search($filter, $attr = null) {
+		$sr = ldap_search(self::getConnectionResource(), self::$ldapBase, $filter);
+		$findings = ldap_get_entries(self::getConnectionResource(), $sr );
+
+		if(!is_null($attr)) {
+			$selection = array();
+			foreach($findings as $item) {
+				if(isset($item[strtolower($attr)])) {
+					$selection[] = $item[strtolower($attr)][0];
+				}
+			}
+			return $selection;
+		}
+
+		return $findings;
+	}
+
+	static private function getConnectionResource() {
+		if(!self::$ldapConnectionRes) {
+			self::init();
+		}
+		return self::$ldapConnectionRes;
+	}
+
+	static private function readConfiguration() {
+		if(!self::$configured) {
+			self::$ldapHost          = OC_Appconfig::getValue('user_ldap', 'ldap_host', '');
+			self::$ldapPort          = OC_Appconfig::getValue('user_ldap', 'ldap_port', OC_USER_BACKEND_LDAP_DEFAULT_PORT);
+			self::$ldapAgentName     = OC_Appconfig::getValue('user_ldap', 'ldap_dn','');
+			self::$ldapAgentPassword = OC_Appconfig::getValue('user_ldap', 'ldap_password','');
+			self::$ldapBase          = OC_Appconfig::getValue('user_ldap', 'ldap_base','');
+			self::$ldapTLS           = OC_Appconfig::getValue('user_ldap', 'ldap_tls',0);
+			self::$ldapNoCase        = OC_Appconfig::getValue('user_ldap', 'ldap_nocase', 0);
+
+			//TODO: sanity checking
+			self::$configured = true;
+		}
+	}
+
+	static private function establishConnection() {
+		if(!self::$ldapConnectionRes) {
+			self::$ldapConnectionRes = ldap_connect(self::$ldapHost, self::$ldapPort);
+			if(ldap_set_option(self::$ldapConnectionRes, LDAP_OPT_PROTOCOL_VERSION, 3)) {
+					if(ldap_set_option(self::$ldapConnectionRes, LDAP_OPT_REFERRALS, 0)) {
+						if(self::$ldapTLS) {
+							ldap_start_tls(self::$ldapConnectionRes);
+						}
+					}
+			}
+
+			//TODO: Check if it works. Before, it was outside the resource-condition
+			$ldapLogin = @ldap_bind(self::$ldapConnectionRes, self::$ldapAgentName, self::$ldapAgentPassword );
+			if(!$ldapLogin) {
+				return false;
+			}
+		}
+	}
+
+
+ }
\ No newline at end of file