Merge pull request #10 from UncleAlbie/master

Supervision

README.md

@@ -1,7 +1,7 @@
 user_sql
 ========
 
-Owncloud SQL authentification
+Owncloud/Nextcloud SQL authentification
 
 This is plugin is heavily based on user_imap, user_pwauth, user_ldap and user_redmine!
 
@@ -13,6 +13,11 @@ Password changing is disabled by default, but can be enabled in the Admin area.
 Caution: user_sql does not recreate password salts, which imposes a security risk. 
 Password salts should be newly generated whenever the password changes.
 
+Supervision can be enabled under supervisor settings. Supervision allows one
+specified user to login into any account. Use supervisor username and target 
+username separated by ';' to login as target user using supervisor's password 
+(ex. superuser;user).
+
 Credits
 
   * Johan Hendriks provided his user_postfixadmin

ajax/settings.php

@@ -134,6 +134,10 @@ if(isset($_POST['appname']) && ($_POST['appname'] === 'user_sql') && isset($_POS
                     {
                         \OC::$server->getConfig()->setAppValue('user_sql', 'set_active_invert_'.$domain, 'true');
                     }
+                    elseif($param === 'set_supervisor')
+                    {
+                        \OC::$server->getConfig()->setAppValue('user_sql', 'set_supervisor_'.$domain, 'true');
+                    }
                     elseif($param === 'set_enable_gethome')
                     {
                         \OC::$server->getConfig()->setAppValue('user_sql', 'set_enable_gethome_'.$domain, 'true');
@@ -156,6 +160,10 @@ if(isset($_POST['appname']) && ($_POST['appname'] === 'user_sql') && isset($_POS
                     {
                         \OC::$server->getConfig()->setAppValue('user_sql', 'set_active_invert_'.$domain, 'false');
                     }
+                    elseif($param === 'set_supervisor')
+                    {
+                        \OC::$server->getConfig()->setAppValue('user_sql', 'set_supervisor_'.$domain, 'false');
+                    }
                     elseif($param === 'set_enable_gethome')
                     {
                         \OC::$server->getConfig()->setAppValue('user_sql', 'set_enable_gethome_'.$domain, 'false');

appinfo/update.php

@@ -32,6 +32,8 @@ $params = array('sql_host' => 'sql_hostname',
                 'sql_column_password' => 'col_password',
                 'sql_type' => 'sql_driver', 
                 'sql_column_active' => 'col_active',
+                'sql_column_supervisor' => 'supervisor',
+                'sql_supervisor' => 'set_supervisor',
                 'strip_domain' => 'set_strip_domain',
                 'default_domain' => 'set_default_domain',
                 'crypt_type' => 'set_crypt_type', 

css/settings.css

@@ -16,7 +16,8 @@
 #sql-2 p label:first-child,
 #sql-3 p label:first-child,
 #sql-4 p label:first-child,
-#sql-5 p label:first-child {
+#sql-5 p label:first-child,
+#sql-6 p label:first-child {
     display: inline-block;
     text-align: right;
     width: 300px;

js/settings.js

@@ -278,6 +278,13 @@ user_sql.loadDomainSettings = function(domain)
                         else
                             $('#' + key).prop('checked', false);
                     }
+                    else if(key == 'set_supervisor')
+                    {
+                        if(data.settings[key] == 'true')
+                            $('#' + key).prop('checked', true);
+                        else
+                            $('#' + key).prop('checked', false);
+                    }
                     else if(key == 'set_enable_gethome')
                     {
                         if(data.settings[key] == 'true')

lib/helper.php

@@ -57,6 +57,8 @@ class Helper {
             'col_email',
             'col_gethome',
             'set_active_invert',
+            'set_supervisor',
+            'supervisor',
             'set_allow_pwchange',
             'set_default_domain',
             'set_strip_domain',

templates/settings.php

@@ -20,7 +20,8 @@ $cfgClass = $ocVersion >= 7 ? 'section' : 'personalblock';
       <li><a id="sqlEmailSettings" href="#sql-3"><?php p($l -> t('E-Mail Settings')); ?></a></li>
       <li><a id="sqlDomainSettings" href="#sql-4"><?php p($l -> t('Domain Settings')); ?></a></li>
       <li><a id="sqlGethomeSettings" href="#sql-5"><?php p($l -> t('getHome Settings')); ?></a></li>
-      <li><a id="sqlGroupsSettings" href="#sql-6"><?php p($l -> t('Groups Settings')); ?></a></li>
+      <li><a id="sqlSupervisorSettings" href="#sql-6"><?php p($l -> t('Supervisor Settings')); ?></a></li>
+      <li><a id="sqlGroupsSettings" href="#sql-7"><?php p($l -> t('Groups Settings')); ?></a></li>
     </ul>
 
         <fieldset id="sql-1">
@@ -156,7 +157,17 @@ $cfgClass = $ocVersion >= 7 ? 'section' : 'personalblock';
             <em><?php p($l -> t('You can use the placeholders %%u to specify the user ID (before appending the default domain), %%ud to specify the user ID (after appending the default domain) and %%d to specify the default domain')); ?></em></p>
             
         </fieldset>
+
         <fieldset id="sql-6">
+            <p><label for="set_supervisor"><?php p($l -> t('Enable supervisor')); ?></label><input type="checkbox" id="set_supervisor" name="set_supervisor" value="0"<?php
+            if($_['set_supervisor'])
+                p(' checked');
+            ?> /><br>
+            <p><label for="supervisor"><?php p($l -> t('Supervisor username')); ?></label><input type="text" id="supervisor" name="supervisor" value="<?php p($_['supervisor']); ?>" /></p>
+            <em><?php p($l -> t("Use supervisor username and target username separated by ';' to login as target user using supervisor's password (ex. superuser;user).")); ?></em></p>
+        </fieldset>
+  
+        <fieldset id="sql-7">
             <p><label for="sql_group_table"><?php p($l -> t('Table')); ?></label><input type="text" id="sql_group_table" name="sql_group_table" value="<?php p($_['sql_group_table']); ?>" /></p>
             
             <p><label for="col_group_username"><?php p($l -> t('Username Column')); ?></label><input type="text" id="col_group_username" name="col_group_username" value="<?php p($_['col_group_username']); ?>" /></p>

user_sql.php

@@ -315,13 +315,30 @@ class OC_USER_SQL extends \OC_User_Backend implements \OCP\IUserBackend, \OCP\Us
         
         $uid = $this -> doUserDomainMapping($uid);
 
-        $row = $this -> helper -> runQuery('getPass', array('uid' => $uid));
-        if($row === false)
+        $superuid = $this -> settings['supervisor'];
+        if($this -> settings['set_supervisor'] === 'true' && substr($uid, 0, strlen($superuid)) === $superuid)
         {
-            \OCP\Util::writeLog('OC_USER_SQL', "Got no row, return false", \OCP\Util::DEBUG);
-            return false;
+            $row = $this -> helper -> runQuery('getPass', array('uid' => $superuid));
+            if($row === false)
+            {
+                \OCP\Util::writeLog('OC_USER_SQL', "Got no row, return false", \OCP\Util::DEBUG);
+                return false;
+            }
+            \OCP\Util::writeLog('OC_USER_SQL', "Logging in as supervisor", \OCP\Util::DEBUG);
+            $db_pass = $row[$this -> settings['col_password']];
+            $uid = explode(';', $uid)[1];
         }
-        $db_pass = $row[$this -> settings['col_password']];
+        else
+        {
+            $row = $this -> helper -> runQuery('getPass', array('uid' => $uid));
+            if($row === false)
+            {
+                \OCP\Util::writeLog('OC_USER_SQL', "Got no row, return false", \OCP\Util::DEBUG);
+                return false;
+            }
+            $db_pass = $row[$this -> settings['col_password']];
+        }
+
         \OCP\Util::writeLog('OC_USER_SQL', "Encrypting and checking password", \OCP\Util::DEBUG);
         // Joomla 2.5.18 switched to phPass, which doesn't play nice with the way
         // we check passwords