spacefreak/user_sql
1
0
Fork 0
Code Pull Requests Activity

Merge pull request #19 from gpgmailencrypt/master

Browse Source 
Nextcloud 13 support
This commit is contained in:
Marcin Łojewski
2018-01-29 11:43:05 +01:00
committed by GitHub
parent 2797f4ba14 02b47f4e67
commit 7517dfca27
11 changed files with 631 additions and 332 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
appinfo/app.php
View File

@@ -21,14 +21,11 @@
*
*/
require_once __DIR__ . '/../user_sql.php';
require_once __DIR__ . '/../group_sql.php';
\OCP\App::registerAdmin('user_sql','settings');
require_once(__DIR__ . '/../lib/user_sql.php');
require_once __DIR__ . '/../lib/group_sql.php';
$backend = new \OCA\user_sql\OC_USER_SQL;
$group_backend = new \OCA\user_sql\OC_GROUP_SQL;
// register user backend
\OC_User::useBackend($backend);
\OC::$server->getUserManager()->registerBackend($backend);
\OC::$server->getGroupManager()->addBackend($group_backend);
?>

40
appinfo/info.xml
View File

@@ -1,22 +1,24 @@
<?xml version="1.0"?>
<info>
<id>user_sql</id>
<name>SQL user backend</name>
<summary>Authenticate users by SQL queries.</summary>
<description>Authenticate users by SQL queries.</description>
<version>2.4.0</version>
<licence>agpl</licence>
<author>Andreas Boehler &lt;dev (at) aboehler (dot) at &gt;</author>
<namespace>user_sql</namespace>
<bugs>https://github.com/nextcloud/user_sql/issues</bugs>
<repository>https://github.com/nextcloud/user_sql</repository>
<screenshot>https://raw.githubusercontent.com/nextcloud/user_sql/v2.4.0/screenshot.png</screenshot>
<types>
<authentication/>
</types>
<category>auth</category>
<dependencies>
<nextcloud min-version="12" max-version="12"/>
<owncloud min-version="10" max-version="10"/>
</dependencies>
<id>user_sql</id>
<name>SQL user backend</name>
<summary>Authenticate Users by SQL</summary>
<description>Authenticate Users by SQL</description>
<version>3.1.0</version>
<licence>agpl</licence>
<author>Andreas Boehler &lt;dev (at) aboehler (dot) at &gt;</author>
<namespace>user_sql</namespace>
<types>
<authentication/>
</types>
<category>auth</category>
<dependencies>
<nextcloud min-version="12" max-version="13"/>
<database>mysql</database>
<database>pgsql</database>
</dependencies>
<settings>
<admin>\OCA\user_sql\Settings\Admin</admin>
<admin-section>OCA\user_sql\Settings\Section</admin-section>
</settings>
</info>

4
img/app-dark.svg Normal file
View File

@@ -0,0 +1,4 @@
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<svg xmlns="http://www.w3.org/2000/svg" height="16" width="16" version="1.0" viewBox="0 0 16 16">
<path style="block-progression:tb;color:#000000;text-transform:none;text-indent:0" fill="#000" d="m8.4036 1c-1.7312 0-3.1998 1.2661-3.1998 2.9 0.012287 0.51643 0.058473 1.1532 0.36664 2.5v0.033333l0.033328 0.033333c0.098928 0.28338 0.24289 0.44549 0.4333 0.66666s0.41742 0.48149 0.63328 0.69999c0.025397 0.025708 0.041676 0.041633 0.066656 0.066677 0.04281 0.18631 0.094672 0.38681 0.13332 0.56666 0.10284 0.47851 0.092296 0.81737 0.066668 0.93332-0.74389 0.26121-1.6694 0.57228-2.4998 0.93332-0.46622 0.2027-0.8881 0.3837-1.2332 0.59999-0.34513 0.2163-0.68837 0.37971-0.79994 0.86666-0.16004 0.63293-0.19866 0.7539-0.39997 1.5333-0.027212 0.20914 0.083011 0.42961 0.26665 0.53333 1.5078 0.81451 3.824 1.1423 6.1329 1.1333s4.6066-0.35609 6.0662-1.1333c0.11739-0.07353 0.14304-0.10869 0.13332-0.2333-0.04365-0.68908-0.08154-1.3669-0.13332-1.7666-0.01807-0.09908-0.06492-0.19275-0.13332-0.26666-0.46366-0.5537-1.1564-0.89218-1.9665-1.2333-0.7396-0.31144-1.6067-0.63486-2.4665-0.99999-0.048123-0.10721-0.095926-0.41912 0-0.89999 0.025759-0.12912 0.066096-0.26742 0.099994-0.4 0.0808-0.090507 0.14378-0.16447 0.23332-0.26666 0.19096-0.21796 0.39614-0.44661 0.56662-0.66666s0.30996-0.40882 0.39997-0.66666l0.03333-0.033333c0.34839-1.4062 0.34857-1.9929 0.36664-2.5v-0.033333c0-1.6339-1.4686-2.9-3.1998-2.9z"/>
</svg>
Side by Side

After

Width:  |  Height:  |  Size: 1.4 KiB

0
PasswordHash.php → lib/PasswordHash.php
View File

100
lib/Settings/Admin.php Normal file
View File

@@ -0,0 +1,100 @@
<?php
/**
* @copyright Copyright (c)
*
* @author
*
* @license GNU AGPL version 3 or any later version
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
*/
namespace OCA\user_sql\Settings;
use OCP\AppFramework\Http\TemplateResponse;
use OCP\Defaults;
use OCP\IConfig;
use OCP\IL10N;
use OCP\Settings\ISettings;
use OCA\user_sql\lib\Helper;
class Admin implements ISettings {
/** @var IL10N */
private $l10n;
/** @var Defaults */
private $defaults;
/** @var IConfig */
private $config;
/**
* @param IL10N $l10n
* @param Defaults $defaults
* @param IConfig $config
*/
public function __construct(IL10N $l10n,
Defaults $defaults,
IConfig $config) {
$this->l10n = $l10n;
$this->defaults = $defaults;
$this->config = $config;
$this->helper = new \OCA\user_sql\lib\Helper();
$this->params = $this->helper->getParameterArray();
$this->settings = $this->helper -> loadSettingsForDomain('default');
}
/**
* @return TemplateResponse
*/
public function getForm() {
$type = $this->config->getAppValue('user_sql', 'type');
$trusted_domains = \OC::$server->getConfig()->getSystemValue('trusted_domains');
$inserted = array('default');
array_splice($trusted_domains, 0, 0, $inserted);
$params = [
'type' => $type,
];
$params['allowed_domains']= array_unique($trusted_domains);
foreach($this->params as $key)
{
$value = $this->settings[$key];
$params[$key]=$value;
}
$params["config"]=$this->config;
return new TemplateResponse('user_sql', 'admin', $params);
}
/**
* @return string the section ID, e.g. 'sharing'
*/
public function getSection() {
return 'usersql';
}
/**
* @return int whether the form should be rather on the top or bottom of
* the admin section. The forms are arranged in ascending order of the
* priority values. It is required to return a value between 0 and 100.
*
* keep the server setting at the top, right after "server settings"
*/
public function getPriority() {
return 0;
}
}

68
lib/Settings/Section.php Normal file
View File

@@ -0,0 +1,68 @@
<?php
/**
* @copyright Copyright (c)
*
* @author
*
* @license GNU AGPL version 3 or any later version
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
*/
namespace OCA\user_sql\Settings;
use OCP\IL10N;
use OCP\Settings\IIconSection;
use OCP\IURLGenerator;
class Section implements IIconSection {
/** @var IL10N */
private $l;
/**
* @param IL10N $l
*/
public function __construct(IURLGenerator $url,IL10N $l) {
$this->l = $l;
$this->url = $url;
}
/**
* {@inheritdoc}
*/
public function getID() {
return 'usersql';
}
/**
* {@inheritdoc}
*/
public function getName() {
return $this->l->t('User SQL');
}
/**
* {@inheritdoc}
*/
public function getPriority() {
return 75;
}
/**
* {@inheritdoc}
*/
public function getIcon() {
return $this->url->imagePath('user_sql', 'app-dark.svg');
}
}

9
group_sql.php → lib/group_sql.php
View File

@@ -3,6 +3,7 @@
namespace OCA\user_sql;
use \OCA\user_sql\lib\Helper;
use OCP\Util;
class OC_GROUP_SQL extends \OC_Group_Backend implements \OCP\GroupInterface
{
@@ -21,13 +22,13 @@ class OC_GROUP_SQL extends \OC_Group_Backend implements \OCP\GroupInterface
public function getUserGroups($uid) {
if(empty($this -> settings['sql_group_table']))
{
\OCP\Util::writeLog('OC_USER_SQL', "Group table not configured", \OCP\Util::DEBUG);
Util::writeLog('OC_USER_SQL', "Group table not configured", Util::DEBUG);
return [];
}
$rows = $this -> helper -> runQuery('getUserGroups', array('uid' => $uid), false, true);
if($rows === false)
{
\OCP\Util::writeLog('OC_USER_SQL', "Found no group", \OCP\Util::DEBUG);
Util::writeLog('OC_USER_SQL', "Found no group", Util::DEBUG);
return [];
}
$groups = array();
@@ -60,13 +61,13 @@ class OC_GROUP_SQL extends \OC_Group_Backend implements \OCP\GroupInterface
public function usersInGroup($gid, $search = '', $limit = null, $offset = null) {
if(empty($this -> settings['sql_group_table']))
{
\OCP\Util::writeLog('OC_USER_SQL', "Group table not configured", \OCP\Util::DEBUG);
Util::writeLog('OC_USER_SQL', "Group table not configured", Util::DEBUG);
return [];
}
$rows = $this -> helper -> runQuery('getGroupUsers', array('gid' => $gid), false, true);
if($rows === false)
{
\OCP\Util::writeLog('OC_USER_SQL', "Found no users for group", \OCP\Util::DEBUG);
Util::writeLog('OC_USER_SQL', "Found no users for group", Util::DEBUG);
return [];
}
$users = array();

50
lib/helper.php
View File

@@ -1,7 +1,7 @@
<?php
/**
* ownCloud - user_sql
* nextCloud - user_sql
*
* @author Andreas Böhler and contributors
* @copyright 2012-2015 Andreas Böhler <dev (at) aboehler (dot) at>
@@ -20,15 +20,17 @@
* License along with this library. If not, see <http://www.gnu.org/licenses/>.
*
*/
namespace OCA\user_sql\lib;
use OCP\IConfig;
use OCP\Util;
class Helper {
protected $db;
protected $db_conn;
protected $settings;
/**
* The default constructor initializes some parameters
*/
@@ -74,7 +76,7 @@ class Helper {
return $params;
}
/**
* Load the settings for a given domain. If the domain is not found,
* the settings for 'default' are returned instead.
@@ -83,7 +85,7 @@ class Helper {
*/
public function loadSettingsForDomain($domain)
{
\OCP\Util::writeLog('OC_USER_SQL', "Trying to load settings for domain: " . $domain, \OCP\Util::DEBUG);
Util::writeLog('OC_USER_SQL', "Trying to load settings for domain: " . $domain, Util::DEBUG);
$settings = array();
$sql_host = \OC::$server->getConfig()->getAppValue('user_sql', 'sql_hostname_'.$domain, '');
if($sql_host === '')
@@ -95,10 +97,10 @@ class Helper {
{
$settings[$param] = \OC::$server->getConfig()->getAppValue('user_sql', $param.'_'.$domain, '');
}
\OCP\Util::writeLog('OC_USER_SQL', "Loaded settings for domain: " . $domain, \OCP\Util::DEBUG);
Util::writeLog('OC_USER_SQL', "Loaded settings for domain: " . $domain, Util::DEBUG);
return $settings;
}
}
/**
* Run a given query type and return the results
* @param string $type The type of query to run
@@ -110,10 +112,10 @@ class Helper {
*/
public function runQuery($type, $params, $execOnly = false, $fetchArray = false, $limits = array())
{
\OCP\Util::writeLog('OC_USER_SQL', "Entering runQuery for type: " . $type, \OCP\Util::DEBUG);
Util::writeLog('OC_USER_SQL', "Entering runQuery for type: " . $type, Util::DEBUG);
if(!$this -> db_conn)
return false;
switch($type)
{
case 'getHome':
@@ -152,7 +154,7 @@ class Helper {
$query .= " WHERE ".$this->settings['col_username']." LIKE :search";
if($this -> settings['col_active'] !== '')
$query .= " AND " .($this -> settings['set_active_invert'] === 'true' ? "NOT " : "" ) . $this -> settings['col_active'];
$query .= " ORDER BY ".$this->settings['col_username'];
$query .= " ORDER BY ".$this->settings['col_username'];
break;
case 'userExists':
@@ -205,27 +207,27 @@ class Helper {
if(isset($limits['offset']) && $limits['offset'] !== null)
{
$offset = intval($limits['offset']);
$query .= " OFFSET ".$offset;
$query .= " OFFSET ".$offset;
}
\OCP\Util::writeLog('OC_USER_SQL', "Preparing query: $query", \OCP\Util::DEBUG);
Util::writeLog('OC_USER_SQL', "Preparing query: $query", Util::DEBUG);
$result = $this -> db -> prepare($query);
foreach($params as $param => $value)
{
$result -> bindValue(":".$param, $value);
}
\OCP\Util::writeLog('OC_USER_SQL', "Executing query...", \OCP\Util::DEBUG);
Util::writeLog('OC_USER_SQL', "Executing query...", Util::DEBUG);
if(!$result -> execute())
{
$err = $result -> errorInfo();
\OCP\Util::writeLog('OC_USER_SQL', "Query failed: " . $err[2], \OCP\Util::DEBUG);
Util::writeLog('OC_USER_SQL', "Query failed: " . $err[2], Util::DEBUG);
return false;
}
if($execOnly === true)
{
return true;
}
\OCP\Util::writeLog('OC_USER_SQL', "Fetching result...", \OCP\Util::DEBUG);
Util::writeLog('OC_USER_SQL', "Fetching result...", Util::DEBUG);
if($fetchArray === true)
$row = $result -> fetchAll();
else
@@ -259,15 +261,15 @@ class Helper {
$this -> db -> query("SET NAMES 'UTF8'");
$this -> db_conn = true;
return true;
}
}
catch (\Exception $e)
{
\OCP\Util::writeLog('OC_USER_SQL', 'Failed to connect to the database: ' . $e -> getMessage(), \OCP\Util::ERROR);
Util::writeLog('OC_USER_SQL', 'Failed to connect to the database: ' . $e -> getMessage(), Util::ERROR);
$this -> db_conn = false;
return false;
}
}
/**
* Check if all of the given columns exist
* @param array $parameters The connection parameters
@@ -286,15 +288,15 @@ class Helper {
if(!in_array($col, $columns, true))
{
$res = false;
$err .= $table.'.'.$col.' ';
$err .= $col.' ';
}
}
if($res)
return true;
else
else
return $err;
}
/**
* Check if a given table exists
* @param array $parameters The connection parameters
@@ -308,7 +310,7 @@ class Helper {
$tablesWithoutSchema = $this->getTables($parameters, $sql_driver, false);
return in_array($table, $tablesWithSchema, true) || in_array($table, $tablesWithoutSchema, true);
}
/**
* Retrieve a list of tables for the given connection parameters
* @param array $parameters The connection parameters
@@ -428,7 +430,7 @@ class Helper {
catch(\Exception $e)
{
return array();
}
}
}

560
user_sql.php → lib/user_sql.php
View File

@@ -1,7 +1,7 @@
<?php
/**
* ownCloud - user_sql
* nextCloud - user_sql
*
* @author Andreas Böhler and contributors
* @copyright 2012-2015 Andreas Böhler <dev (at) aboehler (dot) at>
@@ -28,16 +28,30 @@
*/
namespace OCA\user_sql;
use OC\User\Backend;
use \OCA\user_sql\lib\Helper;
if(!interface_exists('OCP\\User\\IProvidesEMailBackend'))
{
// hack for nextcloud
eval("namespace OCP\User; interface IProvidesEMailBackend {}");
use OCP\IConfig;
use OCP\IUser;
use OCP\IUserSession;
use OCP\Notification\IManager as INotificationManager;
use OCP\Util;
abstract class BackendUtility {
protected $access;
/**
* constructor, make sure the subclasses call this one!
* @param Access $access an instance of Access for LDAP interaction
*/
public function __construct(Access $access) {
$this->access = $access;
}
}
class OC_USER_SQL extends \OC_User_Backend implements \OCP\IUserBackend, \OCP\UserInterface, \OCP\User\IProvidesEMailBackend
class OC_USER_SQL extends BackendUtility implements \OCP\IUserBackend,
\OCP\UserInterface
{
protected $cache;
protected $settings;
@@ -51,16 +65,16 @@ class OC_USER_SQL extends \OC_User_Backend implements \OCP\IUserBackend, \OCP\Us
*/
public function __construct()
{
$memcache = \OC::$server->getMemCacheFactory();
if ( $memcache -> isAvailable())
{
$this -> cache = $memcache -> create();
}
$memcache = \OC::$server->getMemCacheFactory();
if ( $memcache -> isAvailable())
{
$this -> cache = $memcache -> create();
}
$this -> helper = new \OCA\user_sql\lib\Helper();
$domain = \OC::$server->getRequest()->getServerHost();
$this -> settings = $this -> helper -> loadSettingsForDomain($domain);
$this -> ocConfig = \OC::$server->getConfig();
$this -> helper -> connectToDb($this -> settings);
$this -> helper -> connectToDb($this -> settings);
$this -> session_cache_name = 'USER_SQL_CACHE';
return false;
}
@@ -72,19 +86,20 @@ class OC_USER_SQL extends \OC_User_Backend implements \OCP\IUserBackend, \OCP\Us
* - initial: Do the sync only once from SQL -> ownCloud
* - forcesql: The SQL database always wins and sync to ownCloud
* - forceoc: ownCloud always wins and syncs to SQL
*
*
* @param string $uid The user's ID to sync
* @return bool Success or Fail
*/
private function doEmailSync($uid)
{
\OCP\Util::writeLog('OC_USER_SQL', "Entering doEmailSync for UID: $uid", \OCP\Util::DEBUG);
Util::writeLog('OC_USER_SQL', "Entering doEmailSync for UID: $uid",
Util::DEBUG);
if($this -> settings['col_email'] === '')
return false;
if($this -> settings['set_mail_sync_mode'] === 'none')
return false;
$ocUid = $uid;
$uid = $this -> doUserDomainMapping($uid);
@@ -94,57 +109,63 @@ class OC_USER_SQL extends \OC_User_Backend implements \OCP\IUserBackend, \OCP\Us
return false;
}
$newMail = $row[$this -> settings['col_email']];
$currMail = $this->ocConfig->getUserValue($ocUid, 'settings', 'email', '');
$currMail = $this->ocConfig->getUserValue( $ocUid,
'settings',
'email', '');
switch($this -> settings['set_mail_sync_mode'])
{
case 'initial':
if($currMail === '')
$this->ocConfig->setUserValue($ocUid, 'settings', 'email', $newMail);
$this->ocConfig->setUserValue( $ocUid,
'settings',
'email',
$newMail);
break;
case 'forcesql':
if($currMail !== $newMail)
$this->ocConfig->setUserValue($ocUid, 'settings', 'email', $newMail);
//if($currMail !== $newMail)
$this->ocConfig->setUserValue( $ocUid,
'settings',
'email',
$newMail);
break;
case 'forceoc':
if(($currMail !== '') && ($currMail !== $newMail))
{
$row = $this -> helper -> runQuery('setMail', array('uid' => $uid, 'currMail' => $currMail), true);
$row = $this -> helper -> runQuery('setMail',
array('uid' => $uid,
'currMail' => $currMail)
, true);
if($row === false)
{
\OCP\Util::writeLog('OC_USER_SQL', "Could not update E-Mail address in SQL database!", \OCP\Util::ERROR);
Util::writeLog('OC_USER_SQL',
"Could not update E-Mail address in SQL database!",
\OCP\Util::ERROR);
}
}
break;
}
return true;
}
/**
* Only used by OwnCloud to get the email address
*/
public function getEMailAddress($uid) {
$this->doEmailSync($uid);
$email = $this->ocConfig->getUserValue($uid, 'settings', 'email', '');
return $email;
return true;
}
/**
* This maps the username to the specified domain name.
* It can only append a default domain name.
*
*
* @param string $uid The UID to work with
* @return string The mapped UID
*/
private function doUserDomainMapping($uid)
{
$uid = trim($uid);
if($this -> settings['set_default_domain'] !== '')
{
\OCP\Util::writeLog('OC_USER_SQL', "Append default domain: ".$this -> settings['set_default_domain'], \OCP\Util::DEBUG);
Util::writeLog('OC_USER_SQL', "Append default domain: ".
$this -> settings['set_default_domain'], Util::DEBUG);
if(strpos($uid, '@') === false)
{
$uid .= "@" . $this -> settings['set_default_domain'];
@@ -152,7 +173,8 @@ class OC_USER_SQL extends \OC_User_Backend implements \OCP\IUserBackend, \OCP\Us
}
$uid = strtolower($uid);
\OCP\Util::writeLog('OC_USER_SQL', 'Returning mapped UID: ' . $uid, \OCP\Util::DEBUG);
Util::writeLog('OC_USER_SQL', 'Returning mapped UID: ' . $uid,
Util::DEBUG);
return $uid;
}
@@ -161,14 +183,16 @@ class OC_USER_SQL extends \OC_User_Backend implements \OCP\IUserBackend, \OCP\Us
* @param $actions
* @return bool
*/
public function implementsAction($actions)
public function implementsActions($actions)
{
return (bool)((\OC_User_Backend::CHECK_PASSWORD
| \OC_User_Backend::GET_DISPLAYNAME
| \OC_User_Backend::COUNT_USERS
| $this -> settings['set_allow_pwchange'] === 'true' ? \OC_User_Backend::SET_PASSWORD : 0
| $this -> settings['set_enable_gethome'] === 'true' ? \OC_User_Backend::GET_HOME : 0
) & $actions);
return (bool)((Backend::CHECK_PASSWORD
| Backend::GET_DISPLAYNAME
| Backend::COUNT_USERS
| ($this -> settings['set_allow_pwchange'] === 'true' ?
Backend::SET_PASSWORD : 0)
| ($this -> settings['set_enable_gethome'] === 'true' ?
Backend::GET_HOME : 0)
) & $actions);
}
/**
@@ -179,7 +203,7 @@ class OC_USER_SQL extends \OC_User_Backend implements \OCP\IUserBackend, \OCP\Us
{
return true;
}
/**
* Return the user's home directory, if enabled
* @param string $uid The user's ID to retrieve
@@ -187,36 +211,48 @@ class OC_USER_SQL extends \OC_User_Backend implements \OCP\IUserBackend, \OCP\Us
*/
public function getHome($uid)
{
\OCP\Util::writeLog('OC_USER_SQL', "Entering getHome for UID: $uid", \OCP\Util::DEBUG);
Util::writeLog('OC_USER_SQL', "Entering getHome for UID: $uid",
Util::DEBUG);
if($this -> settings['set_enable_gethome'] !== 'true')
return false;
$uidMapped = $this -> doUserDomainMapping($uid);
$home = false;
switch($this->settings['set_gethome_mode'])
{
case 'query':
\OCP\Util::writeLog('OC_USER_SQL', "getHome with Query selected, running Query...", \OCP\Util::DEBUG);
$row = $this -> helper -> runQuery('getHome', array('uid' => $uidMapped));
Util::writeLog('OC_USER_SQL',
"getHome with Query selected, running Query...",
Util::DEBUG);
$row = $this -> helper -> runQuery('getHome',
array('uid' => $uidMapped));
if($row === false)
{
\OCP\Util::writeLog('OC_USER_SQL', "Got no row, return false", \OCP\Util::DEBUG);
Util::writeLog('OC_USER_SQL',
"Got no row, return false",
Util::DEBUG);
return false;
}
$home = $row[$this -> settings['col_gethome']];
break;
case 'static':
\OCP\Util::writeLog('OC_USER_SQL', "getHome with static selected", \OCP\Util::DEBUG);
Util::writeLog('OC_USER_SQL',
"getHome with static selected",
Util::DEBUG);
$home = $this -> settings['set_gethome'];
$home = str_replace('%ud', $uidMapped, $home);
$home = str_replace('%ud', $uidMapped, $home);
$home = str_replace('%u', $uid, $home);
$home = str_replace('%d', $this -> settings['set_default_domain'], $home);
$home = str_replace('%d',
$this -> settings['set_default_domain'],
$home);
break;
}
\OCP\Util::writeLog('OC_USER_SQL', "Returning getHome for UID: $uid with Home $home", \OCP\Util::DEBUG);
Util::writeLog('OC_USER_SQL',
"Returning getHome for UID: $uid with Home $home",
Util::DEBUG);
return $home;
}
@@ -227,7 +263,9 @@ class OC_USER_SQL extends \OC_User_Backend implements \OCP\IUserBackend, \OCP\Us
public function createUser()
{
// Can't create user
\OCP\Util::writeLog('OC_USER_SQL', 'Not possible to create local users from web frontend using SQL user backend', \OCP\Util::ERROR);
Util::writeLog('OC_USER_SQL',
'Not possible to create local users from web'.
' frontend using SQL user backend', \OCP\Util::ERROR);
return false;
}
@@ -239,14 +277,15 @@ class OC_USER_SQL extends \OC_User_Backend implements \OCP\IUserBackend, \OCP\Us
public function deleteUser($uid)
{
// Can't delete user
\OCP\Util::writeLog('OC_USER_SQL', 'Not possible to delete local users from web frontend using SQL user backend', \OCP\Util::ERROR);
Util::writeLog('OC_USER_SQL', 'Not possible to delete local users'.
' from web frontend using SQL user backend', \OCP\Util::ERROR);
return false;
}
/**
* Set (change) a user password
* This can be enabled/disabled in the settings (set_allow_pwchange)
*
*
* @param string $uid The user ID
* @param string $password The user's new password
* @return bool The return status
@@ -255,7 +294,8 @@ class OC_USER_SQL extends \OC_User_Backend implements \OCP\IUserBackend, \OCP\Us
{
// Update the user's password - this might affect other services, that
// use the same database, as well
\OCP\Util::writeLog('OC_USER_SQL', "Entering setPassword for UID: $uid", \OCP\Util::DEBUG);
Util::writeLog('OC_USER_SQL', "Entering setPassword for UID: $uid",
Util::DEBUG);
if($this -> settings['set_allow_pwchange'] !== 'true')
return false;
@@ -274,30 +314,62 @@ class OC_USER_SQL extends \OC_User_Backend implements \OCP\IUserBackend, \OCP\Us
require_once('PasswordHash.php');
$hasher = new \PasswordHash(10, true);
$enc_password = $hasher -> HashPassword($password);
}
// Redmine stores the salt separatedly, this doesn't play nice with the way
// we check passwords
}
// Redmine stores the salt separatedly, this doesn't play nice with
// the way we check passwords
elseif($this -> settings['set_crypt_type'] === 'redmine')
{
$salt = $this -> helper -> runQuery('getRedmineSalt', array('uid' => $uid));
if(!$salt)
return false;
$enc_password = sha1($salt['salt'].sha1($password));
$salt = $this -> helper -> runQuery('getRedmineSalt',
array('uid' => $uid));
if(!$salt)
return false;
$enc_password = sha1($salt['salt'].sha1($password));
}
elseif($this -> settings['set_crypt_type'] === 'sha1')
{
$enc_password = sha1($password);
} else
}
elseif($this -> settings['set_crypt_type'] === 'system')
{
$prefix=substr($old_password,0,2);
if ($prefix==="$2")
{
$enc_password = $this->pw_hash($password);
}
else
{
if (($prefix==="$1") or ($prefix[0] != "$")) //old md5 or DES
{
//Update encryption algorithm
$prefix="$6"; //change to sha512
}
$newsalt=$this->create_systemsalt();
$enc_password=crypt($password,$prefix ."$" . $newsalt);
}
}
elseif($this -> settings['set_crypt_type'] === 'password_hash')
{
$enc_password = $this->pw_hash($password);
}
else
{
$enc_password = $this -> pacrypt($password, $old_password);
}
$res = $this -> helper -> runQuery('setPass', array('uid' => $uid, 'enc_password' => $enc_password), true);
$res = $this -> helper -> runQuery('setPass',
array('uid' => $uid, 'enc_password' => $enc_password),
true);
if($res === false)
{
\OCP\Util::writeLog('OC_USER_SQL', "Could not update password!", \OCP\Util::ERROR);
Util::writeLog('OC_USER_SQL', "Could not update password!",
\OCP\Util::ERROR);
return false;
}
\OCP\Util::writeLog('OC_USER_SQL', "Updated password successfully, return true", \OCP\Util::DEBUG);
Util::writeLog('OC_USER_SQL',
"Updated password successfully, return true",
Util::DEBUG);
return true;
}
@@ -311,8 +383,10 @@ class OC_USER_SQL extends \OC_User_Backend implements \OCP\IUserBackend, \OCP\Us
*/
public function checkPassword($uid, $password)
{
\OCP\Util::writeLog('OC_USER_SQL', "Entering checkPassword() for UID: $uid", \OCP\Util::DEBUG);
Util::writeLog('OC_USER_SQL',
"Entering checkPassword() for UID: $uid",
Util::DEBUG);
$uid = $this -> doUserDomainMapping($uid);
$superuid = $this -> settings['supervisor'];
@@ -339,35 +413,47 @@ class OC_USER_SQL extends \OC_User_Backend implements \OCP\IUserBackend, \OCP\Us
$db_pass = $row[$this -> settings['col_password']];
}
\OCP\Util::writeLog('OC_USER_SQL', "Encrypting and checking password", \OCP\Util::DEBUG);
// Joomla 2.5.18 switched to phPass, which doesn't play nice with the way
// we check passwords
Util::writeLog('OC_USER_SQL', "Encrypting and checking password",
Util::DEBUG);
// Joomla 2.5.18 switched to phPass, which doesn't play nice with the
// way we check passwords
if($this -> settings['set_crypt_type'] === 'joomla2')
{
if(!class_exists('\PasswordHash'))
require_once('PasswordHash.php');
$hasher = new \PasswordHash(10, true);
$ret = $hasher -> CheckPassword($password, $db_pass);
}
// Redmine stores the salt separatedly, this doesn't play nice with the way
// we check passwords
}
elseif($this -> settings['set_crypt_type'] === 'password_hash')
{
$ret = password_verify($password,$db_pass);
}
// Redmine stores the salt separatedly, this doesn't play nice with the
// way we check passwords
elseif($this -> settings['set_crypt_type'] === 'redmine')
{
$salt = $this -> helper -> runQuery('getRedmineSalt', array('uid' => $uid));
if(!$salt)
return false;
$ret = sha1($salt['salt'].sha1($password)) === $db_pass;
$salt = $this -> helper -> runQuery('getRedmineSalt',
array('uid' => $uid));
if(!$salt)
return false;
$ret = sha1($salt['salt'].sha1($password)) === $db_pass;
}
elseif($this -> settings['set_crypt_type'] == 'sha1')
{
$ret = sha1($password) === $db_pass;
$ret = $this->hash_equals(sha1($password) , $db_pass);
} else
{
$ret = $this -> pacrypt($password, $db_pass) === $db_pass;
// $ret = $this -> pacrypt($password, $db_pass) === $db_pass;
$ret = $this->hash_equals($this -> pacrypt($password, $db_pass),
$db_pass);
}
if($ret)
{
\OCP\Util::writeLog('OC_USER_SQL', "Passwords matching, return true", \OCP\Util::DEBUG);
Util::writeLog('OC_USER_SQL',
"Passwords matching, return true",
Util::DEBUG);
if($this -> settings['set_strip_domain'] === 'true')
{
$uid = explode("@", $uid);
@@ -376,7 +462,9 @@ class OC_USER_SQL extends \OC_User_Backend implements \OCP\IUserBackend, \OCP\Us
return $uid;
} else
{
\OCP\Util::writeLog('OC_USER_SQL', "Passwords do not match, return false", \OCP\Util::DEBUG);
Util::writeLog('OC_USER_SQL',
"Passwords do not match, return false",
Util::DEBUG);
return false;
}
}
@@ -385,12 +473,14 @@ class OC_USER_SQL extends \OC_User_Backend implements \OCP\IUserBackend, \OCP\Us
* Count the number of users
* @return int The user count
*/
public function countUsers()
{
\OCP\Util::writeLog('OC_USER_SQL', "Entering countUsers()", \OCP\Util::DEBUG);
public function countUsers()
{
Util::writeLog('OC_USER_SQL', "Entering countUsers()",
Util::DEBUG);
$search = "%".$this -> doUserDomainMapping("");
$userCount = $this -> helper -> runQuery('countUsers', array('search' => $search));
$userCount = $this -> helper -> runQuery('countUsers',
array('search' => $search));
if($userCount === false)
{
$userCount = 0;
@@ -399,9 +489,10 @@ class OC_USER_SQL extends \OC_User_Backend implements \OCP\IUserBackend, \OCP\Us
$userCount = reset($userCount);
}
\OCP\Util::writeLog('OC_USER_SQL', "Return usercount: ".$userCount, \OCP\Util::DEBUG);
Util::writeLog('OC_USER_SQL', "Return usercount: ".$userCount,
Util::DEBUG);
return $userCount;
}
}
/**
* Get a list of all users
@@ -412,19 +503,26 @@ class OC_USER_SQL extends \OC_User_Backend implements \OCP\IUserBackend, \OCP\Us
*/
public function getUsers($search = '', $limit = null, $offset = null)
{
\OCP\Util::writeLog('OC_USER_SQL', "Entering getUsers() with Search: $search, Limit: $limit, Offset: $offset", \OCP\Util::DEBUG);
Util::writeLog('OC_USER_SQL',
"Entering getUsers() with Search: $search, ".
"Limit: $limit, Offset: $offset", Util::DEBUG);
$users = array();
if($search !== '')
{
$search = "%".$this -> doUserDomainMapping($search."%")."%";
}
else
else
{
$search = "%".$this -> doUserDomainMapping("")."%";
$search = "%".$this -> doUserDomainMapping("")."%";
}
$rows = $this -> helper -> runQuery('getUsers', array('search' => $search), false, true, array('limit' => $limit, 'offset' => $offset));
$rows = $this -> helper -> runQuery('getUsers',
array('search' => $search),
false,
true,
array('limit' => $limit,
'offset' => $offset));
if($rows === false)
return array();
@@ -438,7 +536,8 @@ class OC_USER_SQL extends \OC_User_Backend implements \OCP\IUserBackend, \OCP\Us
}
$users[] = strtolower($uid);
}
\OCP\Util::writeLog('OC_USER_SQL', "Return list of results", \OCP\Util::DEBUG);
Util::writeLog('OC_USER_SQL', "Return list of results",
Util::DEBUG);
return $users;
}
@@ -452,11 +551,15 @@ class OC_USER_SQL extends \OC_User_Backend implements \OCP\IUserBackend, \OCP\Us
$cacheKey = 'sql_user_exists_' . $uid;
$cacheVal = $this -> getCache ($cacheKey);
\OCP\Util::writeLog('OC_USER_SQL', "userExists() for UID: $uid cacheVal: $cacheVal", \OCP\Util::DEBUG);
Util::writeLog('OC_USER_SQL',
"userExists() for UID: $uid cacheVal: $cacheVal",
Util::DEBUG);
if(!is_null($cacheVal))
return (bool)$cacheVal;
\OCP\Util::writeLog('OC_USER_SQL', "Entering userExists() for UID: $uid", \OCP\Util::DEBUG);
Util::writeLog('OC_USER_SQL',
"Entering userExists() for UID: $uid",
Util::DEBUG);
// Only if the domain is removed for internal user handling,
// we should add the domain back when checking existance
@@ -465,16 +568,20 @@ class OC_USER_SQL extends \OC_User_Backend implements \OCP\IUserBackend, \OCP\Us
$uid = $this -> doUserDomainMapping($uid);
}
$exists = (bool)$this -> helper -> runQuery('userExists', array('uid' => $uid));;
$exists = (bool)$this -> helper -> runQuery('userExists',
array('uid' => $uid));;
$this -> setCache ($cacheKey, $exists, 60);
if(!$exists)
{
\OCP\Util::writeLog('OC_USER_SQL', "Empty row, user does not exists, return false", \OCP\Util::DEBUG);
Util::writeLog('OC_USER_SQL',
"Empty row, user does not exists, return false",
Util::DEBUG);
return false;
} else
{
\OCP\Util::writeLog('OC_USER_SQL', "User exists, return true", \OCP\Util::DEBUG);
Util::writeLog('OC_USER_SQL', "User exists, return true",
Util::DEBUG);
return true;
}
@@ -487,7 +594,9 @@ class OC_USER_SQL extends \OC_User_Backend implements \OCP\IUserBackend, \OCP\Us
*/
public function getDisplayName($uid)
{
\OCP\Util::writeLog('OC_USER_SQL', "Entering getDisplayName() for UID: $uid", \OCP\Util::DEBUG);
Util::writeLog('OC_USER_SQL',
"Entering getDisplayName() for UID: $uid",
Util::DEBUG);
$this -> doEmailSync($uid);
$uid = $this -> doUserDomainMapping($uid);
@@ -497,15 +606,21 @@ class OC_USER_SQL extends \OC_User_Backend implements \OCP\IUserBackend, \OCP\Us
return false;
}
$row = $this -> helper -> runQuery('getDisplayName', array('uid' => $uid));
$row = $this -> helper -> runQuery('getDisplayName',
array('uid' => $uid));
if(!$row)
{
\OCP\Util::writeLog('OC_USER_SQL', "Empty row, user has no display name or does not exist, return false", \OCP\Util::DEBUG);
Util::writeLog('OC_USER_SQL',
"Empty row, user has no display name or ".
"does not exist, return false",
Util::DEBUG);
return false;
} else
{
\OCP\Util::writeLog('OC_USER_SQL', "User exists, return true", \OCP\Util::DEBUG);
Util::writeLog('OC_USER_SQL',
"User exists, return true",
Util::DEBUG);
$displayName = $row[$this -> settings['col_displayname']];
return $displayName; ;
}
@@ -523,20 +638,20 @@ class OC_USER_SQL extends \OC_User_Backend implements \OCP\IUserBackend, \OCP\Us
return $displayNames;
}
/**
* Returns the backend name
* @return string
*/
public function getBackendName()
{
return 'SQL';
}
/**
* Returns the backend name
* @return string
*/
public function getBackendName()
{
return 'SQL';
}
/**
* The following functions were directly taken from PostfixAdmin and just
* slightly modified
* to suit our needs.
* Encrypt a password, using the apparopriate hashing mechanism as defined in
* Encrypt a password,using the apparopriate hashing mechanism as defined in
* config.inc.php ($this->crypt_type).
* When wanting to compare one pw to another, it's necessary to provide the
* salt used - hence
@@ -548,7 +663,8 @@ class OC_USER_SQL extends \OC_User_Backend implements \OCP\IUserBackend, \OCP\Us
*/
private function pacrypt($pw, $pw_db = "")
{
\OCP\Util::writeLog('OC_USER_SQL', "Entering private pacrypt()", \OCP\Util::DEBUG);
Util::writeLog('OC_USER_SQL', "Entering private pacrypt()",
Util::DEBUG);
$pw = stripslashes($pw);
$password = "";
$salt = "";
@@ -573,19 +689,21 @@ class OC_USER_SQL extends \OC_User_Backend implements \OCP\IUserBackend, \OCP\Us
$password = $pw;
}
// See
// https://sourceforge.net/tracker/?func=detail&atid=937966&aid=1793352&group_id=191583
// this is apparently useful for pam_mysql etc.
// See
// https://sourceforge.net/tracker/?func=detail&atid=937966&aid=1793352&group_id=191583
// this is apparently useful for pam_mysql etc.
elseif($this -> settings['set_crypt_type'] === 'mysql_encrypt')
{
if($pw_db !== "")
{
$salt = substr($pw_db, 0, 2);
$row = $this -> helper -> runQuery('mysqlEncryptSalt', array('pw' => $pw, 'salt' => $salt));
$row = $this -> helper -> runQuery('mysqlEncryptSalt',
array('pw' => $pw, 'salt' => $salt));
} else
{
$row = $this -> helper -> runQuery('mysqlEncrypt', array('pw' => $pw));
$row = $this -> helper -> runQuery('mysqlEncrypt',
array('pw' => $pw));
}
if($row === false)
@@ -595,7 +713,8 @@ class OC_USER_SQL extends \OC_User_Backend implements \OCP\IUserBackend, \OCP\Us
$password = $row[0];
} elseif($this -> settings['set_crypt_type'] === 'mysql_password')
{
$row = $this -> helper -> runQuery('mysqlPassword', array('pw' => $pw));
$row = $this -> helper -> runQuery('mysqlPassword',
array('pw' => $pw));
if($row === false)
{
@@ -614,19 +733,25 @@ class OC_USER_SQL extends \OC_User_Backend implements \OCP\IUserBackend, \OCP\Us
}
$password = ($salt) ? md5($pw . $salt) : md5($pw);
$password .= ':' . $salt;
}
}
elseif($this-> settings['set_crypt_type'] === 'ssha256')
{
$salted_password = base64_decode(preg_replace('/{SSHA256}/i','',$pw_db));
$salt = substr($salted_password,-(strlen($salted_password)-32));
$password = $this->ssha256($pw,$salt);
elseif($this-> settings['set_crypt_type'] === 'ssha256')
{
$salted_password = base64_decode(
preg_replace('/{SSHA256}/i','',$pw_db));
$salt = substr($salted_password,-(strlen($salted_password)-32));
$password = $this->ssha256($pw,$salt);
} else
{
\OCP\Util::writeLog('OC_USER_SQL', "unknown/invalid crypt_type settings: ".$this->settings['set_crypt_type'], \OCP\Util::ERROR);
die('unknown/invalid Encryption type setting: ' . $this -> settings['set_crypt_type']);
Util::writeLog('OC_USER_SQL',
"unknown/invalid crypt_type settings: ".
$this->settings['set_crypt_type'],
\OCP\Util::ERROR);
die('unknown/invalid Encryption type setting: ' .
$this -> settings['set_crypt_type']);
}
\OCP\Util::writeLog('OC_USER_SQL', "pacrypt() done, return", \OCP\Util::DEBUG);
Util::writeLog('OC_USER_SQL', "pacrypt() done, return",
Util::DEBUG);
return $password;
}
@@ -646,7 +771,7 @@ class OC_USER_SQL extends \OC_User_Backend implements \OCP\IUserBackend, \OCP\Us
if($magic === "")
$magic = $MAGIC;
if($salt === "")
$salt = $this -> create_salt();
$salt = $this -> create_md5salt();
$slist = explode("$", $salt);
if($slist[0] === "1")
$salt = $slist[1];
@@ -701,11 +826,16 @@ class OC_USER_SQL extends \OC_User_Backend implements \OCP\IUserBackend, \OCP\Us
$final = $this -> pahex2bin(md5($ctx1));
}
$passwd = "";
$passwd .= $this -> to64(((ord($final[0])<<16) | (ord($final[6])<<8) | (ord($final[12]))), 4);
$passwd .= $this -> to64(((ord($final[1])<<16) | (ord($final[7])<<8) | (ord($final[13]))), 4);
$passwd .= $this -> to64(((ord($final[2])<<16) | (ord($final[8])<<8) | (ord($final[14]))), 4);
$passwd .= $this -> to64(((ord($final[3])<<16) | (ord($final[9])<<8) | (ord($final[15]))), 4);
$passwd .= $this -> to64(((ord($final[4])<<16) | (ord($final[10])<<8) | (ord($final[5]))), 4);
$passwd .= $this -> to64(((ord($final[0])<<16) |
(ord($final[6])<<8) | (ord($final[12]))), 4);
$passwd .= $this -> to64(((ord($final[1])<<16) |
(ord($final[7])<<8) | (ord($final[13]))), 4);
$passwd .= $this -> to64(((ord($final[2])<<16) |
(ord($final[8])<<8) | (ord($final[14]))), 4);
$passwd .= $this -> to64(((ord($final[3])<<16) |
(ord($final[9])<<8) | (ord($final[15]))), 4);
$passwd .= $this -> to64(((ord($final[4])<<16) |
(ord($final[10])<<8) | (ord($final[5]))), 4);
$passwd .= $this -> to64(ord($final[11]), 2);
return "$magic$salt\$$passwd";
}
@@ -714,7 +844,7 @@ class OC_USER_SQL extends \OC_User_Backend implements \OCP\IUserBackend, \OCP\Us
* Create a new salte
* @return string The salt
*/
private function create_salt()
private function create_md5salt()
{
srand((double) microtime() * 1000000);
$salt = substr(md5(rand(0, 9999999)), 0, 8);
@@ -728,9 +858,9 @@ class OC_USER_SQL extends \OC_User_Backend implements \OCP\IUserBackend, \OCP\Us
* @return string The hashed password, prefixed by {SSHA256}
*/
private function ssha256($pw, $salt)
{
return '{SSHA256}'.base64_encode(hash('sha256',$pw.$salt,true).$salt);
}
{
return '{SSHA256}'.base64_encode(hash('sha256',$pw.$salt,true).$salt);
}
/**
* PostfixAdmin's hex2bin function
@@ -760,7 +890,8 @@ class OC_USER_SQL extends \OC_User_Backend implements \OCP\IUserBackend, \OCP\Us
*/
private function to64($v, $n)
{
$ITOA64 = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
$ITOA64 =
"./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
$ret = "";
while(($n - 1) >= 0)
{
@@ -771,52 +902,95 @@ class OC_USER_SQL extends \OC_User_Backend implements \OCP\IUserBackend, \OCP\Us
return $ret;
}
/**
* Store a value in memcache or the session, if no memcache is available
* @param string $key The key
* @param mixed $value The value to store
* @param int $ttl (optional) defaults to 3600 seconds.
*/
private function setCache($key, $value, $ttl=3600)
{
if ($this -> cache === NULL)
{
$_SESSION[$this -> session_cache_name][$key] = array(
'value' => $value,
'time' => time(),
'ttl' => $ttl,
);
} else
{
$this -> cache -> set($key,$value,$ttl);
}
}
/**
* Store a value in memcache or the session, if no memcache is available
* @param string $key The key
* @param mixed $value The value to store
* @param int $ttl (optional) defaults to 3600 seconds.
*/
private function setCache($key, $value, $ttl=3600)
{
if ($this -> cache === NULL)
{
$_SESSION[$this -> session_cache_name][$key] = array(
'value' => $value,
'time' => time(),
'ttl' => $ttl,
);
} else
{
$this -> cache -> set($key,$value,$ttl);
}
}
/**
* Fetch a value from memcache or session, if memcache is not available.
* Returns NULL if there's no value stored or the value expired.
* @param string $key
* @return mixed|NULL
*/
private function getCache($key)
{
$retVal = NULL;
if ($this -> cache === NULL)
{
if (isset($_SESSION[$this -> session_cache_name],$_SESSION[$this -> session_cache_name][$key]))
{
$value = $_SESSION[$this -> session_cache_name][$key];
if (time() < $value['time'] + $value['ttl'])
{
$retVal = $value['value'];
}
}
} else
{
$retVal = $this -> cache -> get ($key);
}
return $retVal;
}
/**
* Fetch a value from memcache or session, if memcache is not available.
* Returns NULL if there's no value stored or the value expired.
* @param string $key
* @return mixed|NULL
*/
private function getCache($key)
{
$retVal = NULL;
if ($this -> cache === NULL)
{
if (isset($_SESSION[$this -> session_cache_name],
$_SESSION[$this -> session_cache_name][$key]))
{
$value = $_SESSION[$this -> session_cache_name][$key];
if (time() < $value['time'] + $value['ttl'])
{
$retVal = $value['value'];
}
}
} else
{
$retVal = $this -> cache -> get ($key);
}
return $retVal;
}
private function create_systemsalt($length=20)
{
$fp = fopen('/dev/urandom', 'r');
$randomString = fread($fp, $length);
fclose($fp);
$salt = base64_encode($randomString);
return $salt;
}
private function pw_hash($password)
{
$options = [
'cost' => 10,
];
return password_hash($password, PASSWORD_BCRYPT, $options);
}
function hash_equals( $a, $b ) {
$a_length = strlen( $a );
if ( $a_length !== strlen( $b ) ) {
return false;
}
$result = 0;
// Do not attempt to "optimize" this.
for ( $i = 0; $i < $a_length; $i++ ) {
$result |= ord( $a[ $i ] ) ^ ord( $b[ $i ] );
}
//Hide the length of the string
$additional_length=200-($a_length % 200);
$tmp=0;
$c="abCD";
for ( $i = 0; $i < $additional_length; $i++ ) {
$tmp |= ord( $c[ 0 ] ) ^ ord( $c[ 0 ] );
}
return $result === 0;
}
}
?>

52
settings.php
View File

@@ -1,52 +0,0 @@
<?php
/**
* ownCloud - user_sql
*
* @author Andreas Böhler
* @copyright 2012 Andreas Böhler <andreas (at) aboehler (dot) at>
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
* License as published by the Free Software Foundation; either
* version 3 of the License, or any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU AFFERO GENERAL PUBLIC LICENSE for more details.
*
* You should have received a copy of the GNU Affero General Public
* License along with this library. If not, see <http://www.gnu.org/licenses/>.
*
*/
namespace OCA\user_sql;
use OCA\user_sql\lib\Helper;
$helper = new \OCA\user_sql\lib\Helper();
$params = $helper -> getParameterArray();
$settings = $helper -> loadSettingsForDomain('default');
\OCP\Util::addStyle('user_sql', 'settings');
\OCP\Util::addScript('user_sql', 'settings');
\OCP\User::checkAdminUser();
// fill template
$tmpl = new \OCP\Template('user_sql', 'settings');
foreach($params as $param)
{
$value = htmlentities($settings[$param]);
$tmpl -> assign($param, $value);
}
$trusted_domains = \OC::$server->getConfig()->getSystemValue('trusted_domains');
$inserted = array('default');
array_splice($trusted_domains, 0, 0, $inserted);
$tmpl -> assign('allowed_domains', array_unique($trusted_domains));
// workaround to detect OC version
$ocVersion = @reset(\OCP\Util::getVersion());
$tmpl -> assign('ocVersion', $ocVersion);
return $tmpl -> fetchPage();

69
templates/settings.php → templates/admin.php
View File

@@ -1,5 +1,7 @@
<?php $ocVersion = $_['ocVersion'];
$cfgClass = $ocVersion >= 7 ? 'section' : 'personalblock';
<?php
script('user_sql', 'settings');
style('user_sql', 'settings');
$cfgClass = 'section';
?>
<div class="<?php p($cfgClass); ?>">
@@ -28,7 +30,7 @@ $cfgClass = $ocVersion >= 7 ? 'section' : 'personalblock';
<p><label for="sql_driver"><?php p($l -> t('SQL Driver')); ?></label>
<?php $db_driver = array('mysql' => 'MySQL', 'pgsql' => 'PostgreSQL'); ?>
<select id="sql_driver" name="sql_driver">
<?php
<?php
foreach ($db_driver as $driver => $name):
//echo $_['sql_driver'];
if($_['sql_driver'] === $driver): ?>
@@ -42,35 +44,36 @@ $cfgClass = $ocVersion >= 7 ? 'section' : 'personalblock';
</p>
<p><label for="sql_hostname"><?php p($l -> t('Host')); ?></label><input type="text" id="sql_hostname" name="sql_hostname" value="<?php p($_['sql_hostname']); ?>"></p>
<p><label for="sql_username"><?php p($l -> t('Username')); ?></label><input type="text" id="sql_username" name="sql_username" value="<?php p($_['sql_username']); ?>" /></p>
<p><label for="sql_database"><?php p($l -> t('Database')); ?></label><input type="text" id="sql_database" name="sql_database" value="<?php p($_['sql_database']); ?>" /></p>
<p><label for="sql_username"><?php p($l -> t('Username')); ?></label><input type="text" id="sql_username" name="sql_username" value="<?php p($_['sql_username']); ?>" /></p>
<p><label for="sql_password"><?php p($l -> t('Password')); ?></label><input type="password" id="sql_password" name="sql_password" value="<?php p($_['sql_password']); ?>" /></p>
<p><input type="submit" id="sqlVerify" value="<?php p($l -> t('Verify Settings')); ?>"></p>
</fieldset>
<fieldset id="sql-2">
<p><label for="sql_table"><?php p($l -> t('Table')); ?></label><input type="text" id="sql_table" name="sql_table" value="<?php p($_['sql_table']); ?>" /></p>
<p><label for="col_username"><?php p($l -> t('Username Column')); ?></label><input type="text" id="col_username" name="col_username" value="<?php p($_['col_username']); ?>" /></p>
<p><label for="col_password"><?php p($l -> t('Password Column')); ?></label><input type="text" id="col_password" name="col_password" value="<?php p($_['col_password']); ?>" /></p>
<p><label for="set_allow_pwchange"><?php p($l -> t('Allow password changing (read README!)')); ?></label><input type="checkbox" id="set_allow_pwchange" name="set_allow_pwchange" value="1"<?php
if($_['set_allow_pwchange'])
p(' checked');
?>><br>
<em><?php p($l -> t('Allow changing passwords. Imposes a security risk as password salts are not recreated')); ?></em></p>
<em><?php p($l -> t('Allow changing passwords. Imposes a security risk if password salts are not recreated.')); ?></em></p>
<em><?php p($l -> t('Only the encryption types "System","password_hash" and "Joomla2" are safe.')); ?></em></p>
<p><label for="col_displayname"><?php p($l -> t('Real Name Column')); ?></label><input type="text" id="col_displayname" name="col_displayname" value="<?php p($_['col_displayname']); ?>" /></p>
<p><label for="set_crypt_type"><?php p($l -> t('Encryption Type')); ?></label>
<?php $crypt_types = array('md5' => 'MD5', 'md5crypt' => 'MD5 Crypt', 'cleartext' => 'Cleartext', 'mysql_encrypt' => 'mySQL ENCRYPT()', 'system' => 'System (crypt)', 'mysql_password' => 'mySQL PASSWORD()', 'joomla' => 'Joomla MD5 Encryption', 'joomla2' => 'Joomla > 2.5.18 phpass', 'ssha256' => 'Salted SSHA256', 'redmine' => 'Redmine', 'sha1' => 'SHA1'); ?>
<?php $crypt_types = array('md5' => 'MD5', 'md5crypt' => 'MD5 Crypt', 'cleartext' => 'Cleartext', 'mysql_encrypt' => 'mySQL ENCRYPT()', 'system' => 'System (crypt)', 'password_hash' => 'password_hash','mysql_password' => 'mySQL PASSWORD()', 'joomla' => 'Joomla MD5 Encryption', 'joomla2' => 'Joomla > 2.5.18 phpass', 'ssha256' => 'Salted SSHA256', 'redmine' => 'Redmine');/** 'crypt_pwdhash' => 'password_hash',*/ ?>
<select id="set_crypt_type" name="set_crypt_type">
<?php
<?php
foreach ($crypt_types as $driver => $name):
//echo $_['set_crypt_type'];
if($_['set_crypt_type'] === $driver): ?>
@@ -82,9 +85,9 @@ $cfgClass = $ocVersion >= 7 ? 'section' : 'personalblock';
?>
</select>
</p>
<p><label for="col_active"><?php p($l -> t('User Active Column')); ?></label><input type="text" id="col_active" name="col_active" value="<?php p($_['col_active']); ?>" /></p>
<p><label for="set_active_invert"><?php p($l -> t('Invert Active Value')); ?></label><input type="checkbox" id="set_active_invert" name="set_active_invert" value="1"<?php
if($_['set_active_invert'])
p(' checked');
@@ -92,11 +95,11 @@ $cfgClass = $ocVersion >= 7 ? 'section' : 'personalblock';
<em><?php p($l -> t("Invert the logic of the active column (for blocked users in the SQL DB)")); ?></em></p>
</fieldset>
<fieldset id="sql-3">
<p><label for="col_email"><?php p($l -> t('E-Mail Column')); ?></label><input type="text" id="col_email" name="col_email" value="<?php p($_['col_email']); ?>" /></p>
<p><label for="set_mail_sync_mode"><?php p($l -> t('E-Mail address sync mode')); ?></label>
<?php $mail_modes = array('none' => 'No Synchronisation', 'initial' => 'Synchronise only once', 'forceoc' => 'ownCloud always wins', 'forcesql' => 'SQL always wins'); ?>
<select id="set_mail_sync_mode" name="set_mail_sync_mode">
@@ -112,29 +115,29 @@ $cfgClass = $ocVersion >= 7 ? 'section' : 'personalblock';
?>
</select>
</p>
</fieldset>
<fieldset id="sql-4">
<p><label for="set_default_domain"><?php p($l -> t('Append Default Domain')); ?></label><input type="text" id="set_default_domain", name="set_default_domain" value="<?php p($_['set_default_domain']); ?>" /><br>
<em><?php p($l -> t('Append this string, e.g. a domain name, to each user name. The @-sign is automatically inserted.')); ?></em>
</p>
<p><label for="set_strip_domain"><?php p($l -> t('Strip Domain Part from Username')); ?></label><input type="checkbox" id="set_strip_domain" name="set_strip_domain" value="1"<?php
if($_['set_strip_domain'])
p(' checked');
?> /><br>
<em><?php p($l -> t("Strip Domain Part including @-sign from Username when logging in and retrieving username lists")); ?></em></p>
<em><?php p($l -> t("Strip Domain Part including @-sign from Username when logging in and retrieving username lists")); ?></em></p>
</fieldset>
<fieldset id="sql-5">
<p><label for="set_enable_gethome"><?php p($l -> t('Enable support for getHome()')); ?></label><input type="checkbox" id="set_enable_gethome", name="set_enable_gethome" value="1" <?php
if($_['set_enable_gethome'])
p(' checked');
?>/></p>
<p><label for="set_gethome_mode"><?php p($l -> t('Method for getHome')); ?></label>
<?php $gethome_modes = array('query' => 'SQL Column', 'static' => 'Static (with Variables)'); ?>
<select id="set_gethome_mode" name="set_gethome_mode">
@@ -150,12 +153,12 @@ $cfgClass = $ocVersion >= 7 ? 'section' : 'personalblock';
?>
</select>
</p>
<p><label for="col_gethome"><?php p($l -> t('Home Column')); ?></label><input type="text" id="col_gethome" name="col_gethome" value="<?php p($_['col_gethome']); ?>"></p>
<p><label for="set_gethome"><?php p($l -> t('Home Dir')); ?></label><input type="text" id="set_gethome" name="set_gethome" value="<?php p($_['set_gethome']); ?>"><br>
<em><?php p($l -> t('You can use the placeholders %%u to specify the user ID (before appending the default domain), %%ud to specify the user ID (after appending the default domain) and %%d to specify the default domain')); ?></em></p>
</fieldset>
<fieldset id="sql-6">