Merge pull request #10 from UncleAlbie/master

Supervision
Marcin Łojewski
2017-12-21 12:12:09 +01:00
committed by GitHub
8 changed files with 61 additions and 8 deletions


@@ -1,7 +1,7 @@
user_sql user_sql
======== ========
Owncloud SQL authentification Owncloud/Nextcloud SQL authentification
This is plugin is heavily based on user_imap, user_pwauth, user_ldap and user_redmine! This is plugin is heavily based on user_imap, user_pwauth, user_ldap and user_redmine!
@@ -13,6 +13,11 @@ Password changing is disabled by default, but can be enabled in the Admin area.
Caution: user_sql does not recreate password salts, which imposes a security risk. Caution: user_sql does not recreate password salts, which imposes a security risk.
Password salts should be newly generated whenever the password changes. Password salts should be newly generated whenever the password changes.
Supervision can be enabled under supervisor settings. Supervision allows one
specified user to login into any account. Use supervisor username and target
username separated by ';' to login as target user using supervisor's password
(ex. superuser;user).
Credits Credits
* Johan Hendriks provided his user_postfixadmin * Johan Hendriks provided his user_postfixadmin


@@ -134,6 +134,10 @@ if(isset($_POST['appname']) && ($_POST['appname'] === 'user_sql') && isset($_POS
{ {
\OC::$server->getConfig()->setAppValue('user_sql', 'set_active_invert_'.$domain, 'true'); \OC::$server->getConfig()->setAppValue('user_sql', 'set_active_invert_'.$domain, 'true');
} }
elseif($param === 'set_supervisor')
{
\OC::$server->getConfig()->setAppValue('user_sql', 'set_supervisor_'.$domain, 'true');
}
elseif($param === 'set_enable_gethome') elseif($param === 'set_enable_gethome')
{ {
\OC::$server->getConfig()->setAppValue('user_sql', 'set_enable_gethome_'.$domain, 'true'); \OC::$server->getConfig()->setAppValue('user_sql', 'set_enable_gethome_'.$domain, 'true');
@@ -156,6 +160,10 @@ if(isset($_POST['appname']) && ($_POST['appname'] === 'user_sql') && isset($_POS
{ {
\OC::$server->getConfig()->setAppValue('user_sql', 'set_active_invert_'.$domain, 'false'); \OC::$server->getConfig()->setAppValue('user_sql', 'set_active_invert_'.$domain, 'false');
} }
elseif($param === 'set_supervisor')
{
\OC::$server->getConfig()->setAppValue('user_sql', 'set_supervisor_'.$domain, 'false');
}
elseif($param === 'set_enable_gethome') elseif($param === 'set_enable_gethome')
{ {
\OC::$server->getConfig()->setAppValue('user_sql', 'set_enable_gethome_'.$domain, 'false'); \OC::$server->getConfig()->setAppValue('user_sql', 'set_enable_gethome_'.$domain, 'false');
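Review bot: The two new `set_supervisor` branches turn an account-impersonation feature on and off per domain without leaving any trace of the change. Since this flag decides whether one account may log in as every other account, each branch should record the change, e.g. `\OCP\Util::writeLog('OC_USER_SQL', 'Supervisor login enabled for domain '.$domain, \OCP\Util::WARN);` and the matching "disabled" line in the second hunk. The admin and request-token checks that guard this handler are outside the hunk, so confirm they cover the new parameter as well.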


@@ -32,6 +32,8 @@ $params = array('sql_host' => 'sql_hostname',
'sql_column_password' => 'col_password', 'sql_column_password' => 'col_password',
'sql_type' => 'sql_driver', 'sql_type' => 'sql_driver',
'sql_column_active' => 'col_active', 'sql_column_active' => 'col_active',
'sql_column_supervisor' => 'supervisor',
'sql_supervisor' => 'set_supervisor',
'strip_domain' => 'set_strip_domain', 'strip_domain' => 'set_strip_domain',
'default_domain' => 'set_default_domain', 'default_domain' => 'set_default_domain',
'crypt_type' => 'set_crypt_type', 'crypt_type' => 'set_crypt_type',


@@ -16,7 +16,8 @@
#sql-2 p label:first-child, #sql-2 p label:first-child,
#sql-3 p label:first-child, #sql-3 p label:first-child,
#sql-4 p label:first-child, #sql-4 p label:first-child,
#sql-5 p label:first-child { #sql-5 p label:first-child,
#sql-6 p label:first-child {
display: inline-block; display: inline-block;
text-align: right; text-align: right;
width: 300px; width: 300px;


@@ -278,6 +278,13 @@ user_sql.loadDomainSettings = function(domain)
else else
$('#' + key).prop('checked', false); $('#' + key).prop('checked', false);
} }
else if(key == 'set_supervisor')
{
if(data.settings[key] == 'true')
$('#' + key).prop('checked', true);
else
$('#' + key).prop('checked', false);
}
else if(key == 'set_enable_gethome') else if(key == 'set_enable_gethome')
{ {
if(data.settings[key] == 'true') if(data.settings[key] == 'true')
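Review bot: The new `set_supervisor` branch copies the neighbouring if/else verbatim and compares with loose `==`, where a strict comparison and a single call would do. The whole branch body can be `$('#' + key).prop('checked', data.settings[key] === 'true');`, which also avoids growing the chain by seven lines for every new checkbox. The surrounding else-if chain in `user_sql.loadDomainSettings` starts and ends outside the hunk.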


@@ -57,6 +57,8 @@ class Helper {
'col_email', 'col_email',
'col_gethome', 'col_gethome',
'set_active_invert', 'set_active_invert',
'set_supervisor',
'supervisor',
'set_allow_pwchange', 'set_allow_pwchange',
'set_default_domain', 'set_default_domain',
'set_strip_domain', 'set_strip_domain',


@@ -20,7 +20,8 @@ $cfgClass = $ocVersion >= 7 ? 'section' : 'personalblock';
<li><a id="sqlEmailSettings" href="#sql-3"><?php p($l -> t('E-Mail Settings')); ?></a></li> <li><a id="sqlEmailSettings" href="#sql-3"><?php p($l -> t('E-Mail Settings')); ?></a></li>
<li><a id="sqlDomainSettings" href="#sql-4"><?php p($l -> t('Domain Settings')); ?></a></li> <li><a id="sqlDomainSettings" href="#sql-4"><?php p($l -> t('Domain Settings')); ?></a></li>
<li><a id="sqlGethomeSettings" href="#sql-5"><?php p($l -> t('getHome Settings')); ?></a></li> <li><a id="sqlGethomeSettings" href="#sql-5"><?php p($l -> t('getHome Settings')); ?></a></li>
<li><a id="sqlGroupsSettings" href="#sql-6"><?php p($l -> t('Groups Settings')); ?></a></li> <li><a id="sqlSupervisorSettings" href="#sql-6"><?php p($l -> t('Supervisor Settings')); ?></a></li>
<li><a id="sqlGroupsSettings" href="#sql-7"><?php p($l -> t('Groups Settings')); ?></a></li>
</ul> </ul>
<fieldset id="sql-1"> <fieldset id="sql-1">
@@ -156,7 +157,17 @@ $cfgClass = $ocVersion >= 7 ? 'section' : 'personalblock';
<em><?php p($l -> t('You can use the placeholders %%u to specify the user ID (before appending the default domain), %%ud to specify the user ID (after appending the default domain) and %%d to specify the default domain')); ?></em></p> <em><?php p($l -> t('You can use the placeholders %%u to specify the user ID (before appending the default domain), %%ud to specify the user ID (after appending the default domain) and %%d to specify the default domain')); ?></em></p>
</fieldset> </fieldset>
<fieldset id="sql-6"> <fieldset id="sql-6">
<p><label for="set_supervisor"><?php p($l -> t('Enable supervisor')); ?></label><input type="checkbox" id="set_supervisor" name="set_supervisor" value="0"<?php
if($_['set_supervisor'])
p(' checked');
?> /><br>
<p><label for="supervisor"><?php p($l -> t('Supervisor username')); ?></label><input type="text" id="supervisor" name="supervisor" value="<?php p($_['supervisor']); ?>" /></p>
<em><?php p($l -> t("Use supervisor username and target username separated by ';' to login as target user using supervisor's password (ex. superuser;user).")); ?></em></p>
</fieldset>
<fieldset id="sql-7">
<p><label for="sql_group_table"><?php p($l -> t('Table')); ?></label><input type="text" id="sql_group_table" name="sql_group_table" value="<?php p($_['sql_group_table']); ?>" /></p> <p><label for="sql_group_table"><?php p($l -> t('Table')); ?></label><input type="text" id="sql_group_table" name="sql_group_table" value="<?php p($_['sql_group_table']); ?>" /></p>
<p><label for="col_group_username"><?php p($l -> t('Username Column')); ?></label><input type="text" id="col_group_username" name="col_group_username" value="<?php p($_['col_group_username']); ?>" /></p> <p><label for="col_group_username"><?php p($l -> t('Username Column')); ?></label><input type="text" id="col_group_username" name="col_group_username" value="<?php p($_['col_group_username']); ?>" /></p>
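Review bot: The new supervisor fieldset has unbalanced paragraph markup: the checkbox line opens a `<p>` and ends in `<br>` without closing it, and the help text line ends in a `</p>` that has no opening tag because the `<p>` of the username input is already closed on its own line. End the checkbox line with `?> /></p>` and drop the `</p>` after the `supervisor` input so the `<em>` hint stays inside that paragraph, as the getHome fieldset above does. The hint should also say that the supervisor can log in as any account, since that is the security-relevant consequence of ticking the box.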


@@ -315,13 +315,30 @@ class OC_USER_SQL extends \OC_User_Backend implements \OCP\IUserBackend, \OCP\Us
$uid = $this -> doUserDomainMapping($uid); $uid = $this -> doUserDomainMapping($uid);
$row = $this -> helper -> runQuery('getPass', array('uid' => $uid)); $superuid = $this -> settings['supervisor'];
if($row === false) if($this -> settings['set_supervisor'] === 'true' && substr($uid, 0, strlen($superuid)) === $superuid)
{ {
\OCP\Util::writeLog('OC_USER_SQL', "Got no row, return false", \OCP\Util::DEBUG); $row = $this -> helper -> runQuery('getPass', array('uid' => $superuid));
return false; if($row === false)
{
\OCP\Util::writeLog('OC_USER_SQL', "Got no row, return false", \OCP\Util::DEBUG);
return false;
}
\OCP\Util::writeLog('OC_USER_SQL', "Logging in as supervisor", \OCP\Util::DEBUG);
$db_pass = $row[$this -> settings['col_password']];
$uid = explode(';', $uid)[1];
} }
$db_pass = $row[$this -> settings['col_password']]; else
{
$row = $this -> helper -> runQuery('getPass', array('uid' => $uid));
if($row === false)
{
\OCP\Util::writeLog('OC_USER_SQL', "Got no row, return false", \OCP\Util::DEBUG);
return false;
}
$db_pass = $row[$this -> settings['col_password']];
}
\OCP\Util::writeLog('OC_USER_SQL', "Encrypting and checking password", \OCP\Util::DEBUG); \OCP\Util::writeLog('OC_USER_SQL', "Encrypting and checking password", \OCP\Util::DEBUG);
// Joomla 2.5.18 switched to phPass, which doesn't play nice with the way // Joomla 2.5.18 switched to phPass, which doesn't play nice with the way
// we check passwords // we check passwords
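Review bot: The supervisor test `substr($uid, 0, strlen($superuid)) === $superuid` is a prefix match, not a match on the part before ';'. Any login name that merely starts with the supervisor name is checked against the supervisor's password hash, and `explode(';', $uid)[1]` is undefined when no ';' is present. With supervision enabled and an empty `supervisor` setting, the prefix test is true for every login. Split once on ';' and require an exact, non-empty supervisor part and a non-empty target, and log the impersonation above DEBUG with both names so it can be audited. `doUserDomainMapping()` runs on the combined string before the split, so the target name may not get the mapping an ordinary login gets, which is worth confirming; the function body continues outside the hunk.

```php
$superuid = $this -> settings['supervisor'];
$parts = explode(';', $uid, 2);
$asSupervisor = $this -> settings['set_supervisor'] === 'true'
    && $superuid !== ''
    && count($parts) === 2
    && $parts[0] === $superuid
    && $parts[1] !== '';
if($asSupervisor)
{
    // … unchanged: getPass lookup for $superuid and the "Got no row" return …
    \OCP\Util::writeLog('OC_USER_SQL', "Supervisor $superuid logging in as " . $parts[1], \OCP\Util::INFO);
    $db_pass = $row[$this -> settings['col_password']];
    $uid = $parts[1];
}
// … unchanged: else branch with the ordinary getPass lookup …
```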