spacefreak/user_sql
1
0
Fork 0
Code Pull Requests Activity

- code formatting (PSR-2)

Browse Source 
- removed all ownCloud references
- removed update.php as its supported version was never published on the app store
- updated info.xml
This commit is contained in:
Marcin Łojewski
2018-02-28 19:52:32 +01:00
parent ebcdaa813b
commit 936a831e5a
17 changed files with 1650 additions and 1738 deletions
Download Patch File Download Diff File Expand all files Collapse all files

202
ajax/settings.php
View File

@@ -1,7 +1,7 @@
<?php <?php
/** /**
* ownCloud - user_sql * Nextcloud - user_sql
* *
* @author Andreas Böhler and contributors * @author Andreas Böhler and contributors
* @copyright 2012-2015 Andreas Böhler <dev (at) aboehler (dot) at> * @copyright 2012-2015 Andreas Böhler <dev (at) aboehler (dot) at>
@@ -36,7 +36,7 @@
namespace OCA\user_sql; namespace OCA\user_sql;
// Init owncloud // Init Nextcloud
// Check if we are a user // Check if we are a user
\OCP\User::checkAdminUser(); \OCP\User::checkAdminUser();
@@ -54,14 +54,13 @@ $params = $helper -> getParameterArray();
$response = new \OCP\AppFramework\Http\JSONResponse(); $response = new \OCP\AppFramework\Http\JSONResponse();
// Check if the request is for us // Check if the request is for us
if(isset($_POST['appname']) && ($_POST['appname'] === 'user_sql') && isset($_POST['function']) && isset($_POST['domain'])) if (isset($_POST['appname']) && ($_POST['appname'] === 'user_sql') && isset($_POST['function']) && isset($_POST['domain'])) {
{
$domain = $_POST['domain']; $domain = $_POST['domain'];
switch($_POST['function']) switch ($_POST['function']) {
{
// Save the settings for the given domain to the database // Save the settings for the given domain to the database
case 'saveSettings': case 'saveSettings':
$parameters = array('host' => $_POST['sql_hostname'], $parameters = array(
'host' => $_POST['sql_hostname'],
'password' => $_POST['sql_password'], 'password' => $_POST['sql_password'],
'user' => $_POST['sql_username'], 'user' => $_POST['sql_username'],
'dbname' => $_POST['sql_database'], 'dbname' => $_POST['sql_database'],
@@ -69,34 +68,31 @@ if(isset($_POST['appname']) && ($_POST['appname'] === 'user_sql') && isset($_POS
); );
// Check if the table exists // Check if the table exists
if(!$helper->verifyTable($parameters, $_POST['sql_driver'], $_POST['sql_table'])) if (!$helper->verifyTable($parameters, $_POST['sql_driver'], $_POST['sql_table'])) {
{ $response->setData(array(
$response->setData(array('status' => 'error', 'status' => 'error',
'data' => array('message' => $l -> t('The selected SQL table '.$_POST['sql_table'].' does not exist!')))); 'data' => array('message' => $l->t('The selected SQL table ' . $_POST['sql_table'] . ' does not exist!'))
));
break; break;
} }
if(!empty($_POST['sql_group_table']) && !$helper->verifyTable($parameters, $_POST['sql_driver'], $_POST['sql_group_table'])) if (!empty($_POST['sql_group_table']) && !$helper->verifyTable($parameters, $_POST['sql_driver'],
{ $_POST['sql_group_table'])) {
$response->setData(array('status' => 'error', $response->setData(array(
'data' => array('message' => $l -> t('The selected SQL table '.$_POST['sql_group_table'].' does not exist!')))); 'status' => 'error',
'data' => array('message' => $l->t('The selected SQL table ' . $_POST['sql_group_table'] . ' does not exist!'))
));
break; break;
} }
// Retrieve all column settings // Retrieve all column settings
$columns = array(); $columns = array();
$group_columns = array(); $group_columns = array();
foreach($params as $param) foreach ($params as $param) {
{ if (strpos($param, 'col_') === 0) {
if(strpos($param, 'col_') === 0) if (isset($_POST[$param]) && $_POST[$param] !== '') {
{ if (strpos($param, 'col_group_') === 0) {
if(isset($_POST[$param]) && $_POST[$param] !== '')
{
if(strpos($param, 'col_group_') === 0)
{
$group_columns[] = $_POST[$param]; $group_columns[] = $_POST[$param];
} } else {
else
{
$columns[] = $_POST[$param]; $columns[] = $_POST[$param];
} }
} }
@@ -105,97 +101,85 @@ if(isset($_POST['appname']) && ($_POST['appname'] === 'user_sql') && isset($_POS
// Check if the columns exist // Check if the columns exist
$status = $helper->verifyColumns($parameters, $_POST['sql_driver'], $_POST['sql_table'], $columns); $status = $helper->verifyColumns($parameters, $_POST['sql_driver'], $_POST['sql_table'], $columns);
if(!empty($_POST['sql_group_table']) && $status === true) if (!empty($_POST['sql_group_table']) && $status === true) {
{ $status = $helper->verifyColumns($parameters, $_POST['sql_driver'], $_POST['sql_group_table'],
$status = $helper->verifyColumns($parameters, $_POST['sql_driver'], $_POST['sql_group_table'], $group_columns); $group_columns);
} }
if($status !== true) if ($status !== true) {
{ $response->setData(array(
$response->setData(array('status' => 'error', 'status' => 'error',
'data' => array('message' => $l -> t('The selected SQL column(s) do(es) not exist: '.$status)))); 'data' => array('message' => $l->t('The selected SQL column(s) do(es) not exist: ' . $status))
));
break; break;
} }
// If we reach this point, all settings have been verified // If we reach this point, all settings have been verified
foreach($params as $param) foreach ($params as $param) {
{
// Special handling for checkbox fields // Special handling for checkbox fields
if(isset($_POST[$param])) if (isset($_POST[$param])) {
{ if ($param === 'set_strip_domain') {
if($param === 'set_strip_domain')
{
\OC::$server->getConfig()->setAppValue('user_sql', 'set_strip_domain_' . $domain, 'true'); \OC::$server->getConfig()->setAppValue('user_sql', 'set_strip_domain_' . $domain, 'true');
} } elseif ($param === 'set_allow_pwchange') {
elseif($param === 'set_allow_pwchange')
{
\OC::$server->getConfig()->setAppValue('user_sql', 'set_allow_pwchange_' . $domain, 'true'); \OC::$server->getConfig()->setAppValue('user_sql', 'set_allow_pwchange_' . $domain, 'true');
} } elseif ($param === 'set_active_invert') {
elseif($param === 'set_active_invert')
{
\OC::$server->getConfig()->setAppValue('user_sql', 'set_active_invert_' . $domain, 'true'); \OC::$server->getConfig()->setAppValue('user_sql', 'set_active_invert_' . $domain, 'true');
} } elseif ($param === 'set_enable_gethome') {
elseif($param === 'set_enable_gethome')
{
\OC::$server->getConfig()->setAppValue('user_sql', 'set_enable_gethome_' . $domain, 'true'); \OC::$server->getConfig()->setAppValue('user_sql', 'set_enable_gethome_' . $domain, 'true');
} } else {
else
{
\OC::$server->getConfig()->setAppValue('user_sql', $param . '_' . $domain, $_POST[$param]); \OC::$server->getConfig()->setAppValue('user_sql', $param . '_' . $domain, $_POST[$param]);
} }
} else } else {
{ if ($param === 'set_strip_domain') {
if($param === 'set_strip_domain')
{
\OC::$server->getConfig()->setAppValue('user_sql', 'set_strip_domain_' . $domain, 'false'); \OC::$server->getConfig()->setAppValue('user_sql', 'set_strip_domain_' . $domain, 'false');
} } elseif ($param === 'set_allow_pwchange') {
elseif($param === 'set_allow_pwchange')
{
\OC::$server->getConfig()->setAppValue('user_sql', 'set_allow_pwchange_' . $domain, 'false'); \OC::$server->getConfig()->setAppValue('user_sql', 'set_allow_pwchange_' . $domain, 'false');
} } elseif ($param === 'set_active_invert') {
elseif($param === 'set_active_invert')
{
\OC::$server->getConfig()->setAppValue('user_sql', 'set_active_invert_' . $domain, 'false'); \OC::$server->getConfig()->setAppValue('user_sql', 'set_active_invert_' . $domain, 'false');
} } elseif ($param === 'set_enable_gethome') {
elseif($param === 'set_enable_gethome')
{
\OC::$server->getConfig()->setAppValue('user_sql', 'set_enable_gethome_' . $domain, 'false'); \OC::$server->getConfig()->setAppValue('user_sql', 'set_enable_gethome_' . $domain, 'false');
} }
} }
} }
$response->setData(array('status' => 'success', $response->setData(array(
'data' => array('message' => $l -> t('Application settings successfully stored.')))); 'status' => 'success',
'data' => array('message' => $l->t('Application settings successfully stored.'))
));
break; break;
// Load the settings for a given domain // Load the settings for a given domain
case 'loadSettingsForDomain': case 'loadSettingsForDomain':
$retArr = array(); $retArr = array();
foreach($params as $param) foreach ($params as $param) {
{
$retArr[$param] = \OC::$server->getConfig()->getAppValue('user_sql', $param . '_' . $domain, ''); $retArr[$param] = \OC::$server->getConfig()->getAppValue('user_sql', $param . '_' . $domain, '');
} }
$response->setData(array('status' => 'success', $response->setData(array(
'settings' => $retArr)); 'status' => 'success',
'settings' => $retArr
));
break; break;
// Try to verify the database connection settings // Try to verify the database connection settings
case 'verifySettings': case 'verifySettings':
$cm = new \OC\DB\ConnectionFactory(\OC::$server->getSystemConfig()); $cm = new \OC\DB\ConnectionFactory(\OC::$server->getSystemConfig());
if(!isset($_POST['sql_driver'])) if (!isset($_POST['sql_driver'])) {
{ $response->setData(array(
$response->setData(array('status' => 'error', 'status' => 'error',
'data' => array('message' => $l -> t('Error connecting to database: No driver specified.')))); 'data' => array('message' => $l->t('Error connecting to database: No driver specified.'))
));
break; break;
} }
if(($_POST['sql_hostname'] === '') || ($_POST['sql_database'] === '')) if (($_POST['sql_hostname'] === '') || ($_POST['sql_database'] === '')) {
{ $response->setData(array(
$response->setData(array('status' => 'error', 'status' => 'error',
'data' => array('message' => $l -> t('Error connecting to database: You must specify at least host and database')))); 'data' => array('message' => $l->t('Error connecting to database: You must specify at least host and database'))
));
break; break;
} }
$parameters = array('host' => $_POST['sql_hostname'], $parameters = array(
'host' => $_POST['sql_hostname'],
'password' => $_POST['sql_password'], 'password' => $_POST['sql_password'],
'user' => $_POST['sql_username'], 'user' => $_POST['sql_username'],
'dbname' => $_POST['sql_database'], 'dbname' => $_POST['sql_database'],
@@ -204,13 +188,15 @@ if(isset($_POST['appname']) && ($_POST['appname'] === 'user_sql') && isset($_POS
try { try {
$conn = $cm->getConnection($_POST['sql_driver'], $parameters); $conn = $cm->getConnection($_POST['sql_driver'], $parameters);
$response->setData(array('status' => 'success', $response->setData(array(
'data' => array('message' => $l -> t('Successfully connected to database')))); 'status' => 'success',
} 'data' => array('message' => $l->t('Successfully connected to database'))
catch(\Exception $e) ));
{ } catch (\Exception $e) {
$response->setData(array('status' => 'error', $response->setData(array(
'data' => array('message' => $l -> t('Error connecting to database: ').$e->getMessage()))); 'status' => 'error',
'data' => array('message' => $l->t('Error connecting to database: ') . $e->getMessage())
));
} }
break; break;
@@ -218,7 +204,8 @@ if(isset($_POST['appname']) && ($_POST['appname'] === 'user_sql') && isset($_POS
case 'getColumnAutocomplete': case 'getColumnAutocomplete':
$parameters = array('host' => $_POST['sql_hostname'], $parameters = array(
'host' => $_POST['sql_hostname'],
'password' => $_POST['sql_password'], 'password' => $_POST['sql_password'],
'user' => $_POST['sql_username'], 'user' => $_POST['sql_username'],
'dbname' => $_POST['sql_database'], 'dbname' => $_POST['sql_database'],
@@ -231,20 +218,21 @@ if(isset($_POST['appname']) && ($_POST['appname'] === 'user_sql') && isset($_POS
$sql_table = $_POST['sql_table']; $sql_table = $_POST['sql_table'];
} }
if($helper->verifyTable($parameters, $_POST['sql_driver'], $_POST['sql_table'])) if ($helper->verifyTable($parameters, $_POST['sql_driver'], $_POST['sql_table'])) {
$columns = $helper->getColumns($parameters, $_POST['sql_driver'], $sql_table); $columns = $helper->getColumns($parameters, $_POST['sql_driver'], $sql_table);
else } else {
$columns = array(); $columns = array();
}
$search = $_POST['request']; $search = $_POST['request'];
$ret = array(); $ret = array();
foreach($columns as $name) foreach ($columns as $name) {
{ if (($search === '') || ($search === 'search') || (strpos($name, $search) === 0)) {
if(($search === '') || ($search === 'search') || (strpos($name, $search) === 0)) $ret[] = array(
{ 'label' => $name,
$ret[] = array('label' => $name, 'value' => $name
'value' => $name); );
} }
} }
$response->setData($ret); $response->setData($ret);
@@ -252,7 +240,8 @@ if(isset($_POST['appname']) && ($_POST['appname'] === 'user_sql') && isset($_POS
// Get the autocompletion values for a table // Get the autocompletion values for a table
case 'getTableAutocomplete': case 'getTableAutocomplete':
$parameters = array('host' => $_POST['sql_hostname'], $parameters = array(
'host' => $_POST['sql_hostname'],
'password' => $_POST['sql_password'], 'password' => $_POST['sql_password'],
'user' => $_POST['sql_username'], 'user' => $_POST['sql_username'],
'dbname' => $_POST['sql_database'], 'dbname' => $_POST['sql_database'],
@@ -263,23 +252,24 @@ if(isset($_POST['appname']) && ($_POST['appname'] === 'user_sql') && isset($_POS
$search = $_POST['request']; $search = $_POST['request'];
$ret = array(); $ret = array();
foreach($tables as $name) foreach ($tables as $name) {
{ if (($search === '') || ($search === 'search') || (strpos($name, $search) === 0)) {
if(($search === '') || ($search === 'search') || (strpos($name, $search) === 0)) $ret[] = array(
{ 'label' => $name,
$ret[] = array('label' => $name, 'value' => $name
'value' => $name); );
} }
} }
$response->setData($ret); $response->setData($ret);
break; break;
} }
} else } else {
{
// If the request was not for us, set an error message // If the request was not for us, set an error message
$response->setData(array('status' => 'error', $response->setData(array(
'data' => array('message' => $l -> t('Not submitted for us.')))); 'status' => 'error',
'data' => array('message' => $l->t('Not submitted for us.'))
));
} }
// Return the JSON array // Return the JSON array

4
appinfo/app.php
View File

@@ -1,7 +1,7 @@
<?php <?php
/** /**
* ownCloud - user_sql * Nextcloud - user_sql
* *
* @author Andreas Böhler * @author Andreas Böhler
* @copyright 2012-2015 Andreas Böhler <dev (at) aboehler (dot) at> * @copyright 2012-2015 Andreas Böhler <dev (at) aboehler (dot) at>
@@ -23,9 +23,9 @@
require_once(__DIR__ . '/../lib/user_sql.php'); require_once(__DIR__ . '/../lib/user_sql.php');
require_once __DIR__ . '/../lib/group_sql.php'; require_once __DIR__ . '/../lib/group_sql.php';
$backend = new \OCA\user_sql\OC_USER_SQL; $backend = new \OCA\user_sql\OC_USER_SQL;
$group_backend = new \OCA\user_sql\OC_GROUP_SQL; $group_backend = new \OCA\user_sql\OC_GROUP_SQL;
\OC::$server->getUserManager()->registerBackend($backend); \OC::$server->getUserManager()->registerBackend($backend);
\OC::$server->getGroupManager()->addBackend($group_backend); \OC::$server->getGroupManager()->addBackend($group_backend);
?>

9
appinfo/info.xml
View File

@@ -1,21 +1,22 @@
<?xml version="1.0"?> <?xml version="1.0"?>
<info> <info>
<id>user_sql</id> <id>user_sql</id>
<name>SQL user backend</name> <name>SQL User Backend</name>
<summary>Authenticate Users by SQL</summary> <summary>Authenticate Users by SQL</summary>
<description>Authenticate Users by SQL</description> <description>Authenticate users and retrieve their groups from external database by native SQL queries.</description>
<version>3.1.0</version> <version>4.0.0-dev</version>
<licence>agpl</licence> <licence>agpl</licence>
<author>Andreas Boehler &lt;dev (at) aboehler (dot) at &gt;</author> <author>Andreas Boehler &lt;dev (at) aboehler (dot) at &gt;</author>
<namespace>user_sql</namespace> <namespace>user_sql</namespace>
<bugs>https://github.com/nextcloud/user_sql/issues</bugs> <bugs>https://github.com/nextcloud/user_sql/issues</bugs>
<repository>https://github.com/nextcloud/user_sql</repository> <repository>https://github.com/nextcloud/user_sql</repository>
<screenshot>https://raw.githubusercontent.com/nextcloud/user_sql/v2.4.0/screenshot.png</screenshot> <screenshot>https://raw.githubusercontent.com/nextcloud/user_sql/v4.0.0/img/screenshot.png</screenshot>
<types> <types>
<authentication/> <authentication/>
</types> </types>
<category>auth</category> <category>auth</category>
<dependencies> <dependencies>
<php min-version="5.4"/>
<nextcloud min-version="12" max-version="13"/> <nextcloud min-version="12" max-version="13"/>
<database>mysql</database> <database>mysql</database>
<database>pgsql</database> <database>pgsql</database>

1
appinfo/routes.php
View File

@@ -4,5 +4,6 @@
* This file is licensed under the Affero General Public License version 3 or later. * This file is licensed under the Affero General Public License version 3 or later.
* See the COPYING-README file. * See the COPYING-README file.
*/ */
/** @var $this \OCP\Route\IRouter */ /** @var $this \OCP\Route\IRouter */
$this->create('user_sql_ajax_settings', 'ajax/settings.php')->actionInclude('user_sql/ajax/settings.php'); $this->create('user_sql_ajax_settings', 'ajax/settings.php')->actionInclude('user_sql/ajax/settings.php');

71
appinfo/update.php
View File

@@ -1,71 +0,0 @@
<?php
/**
* ownCloud - user_sql
*
* @author Andreas Böhler and contributors
* @copyright 2012-2015 Andreas Böhler <dev (at) aboehler (dot) at>
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
* License as published by the Free Software Foundation; either
* version 3 of the License, or any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU AFFERO GENERAL PUBLIC LICENSE for more details.
*
* You should have received a copy of the GNU Affero General Public
* License along with this library. If not, see <http://www.gnu.org/licenses/>.
*
*/
$installedVersion = \OC::$server->getConfig()->getAppValue('user_sql', 'installed_version');
$params = array('sql_host' => 'sql_hostname',
'sql_user' => 'sql_username',
'sql_database' => 'sql_database',
'sql_password' => 'sql_password',
'sql_table' => 'sql_table',
'sql_column_username' => 'col_username',
'sql_column_password' => 'col_password',
'sql_type' => 'sql_driver',
'sql_column_active' => 'col_active',
'strip_domain' => 'set_strip_domain',
'default_domain' => 'set_default_domain',
'crypt_type' => 'set_crypt_type',
'sql_column_displayname' => 'col_displayname',
'allow_password_change' => 'set_allow_pwchange',
'sql_column_active_invert' => 'set_active_invert',
'sql_column_email' => 'col_email',
'mail_sync_mode' => 'set_mail_sync_mode'
);
$delParams = array('domain_settings',
'map_array',
'domain_array'
);
if(version_compare($installedVersion, '1.99', '<'))
{
foreach($params as $oldPar => $newPar)
{
$val = \OC::$server->getConfig()->getAppValue('user_sql', $oldPar);
if(($oldPar === 'strip_domain') || ($oldPar === 'allow_password_change') || ($oldPar === 'sql_column_active_invert'))
{
if($val)
$val = 'true';
else
$val = 'false';
}
if($val)
\OC::$server->getConfig()->setAppValue('user_sql', $newPar.'_default', $val);
\OC::$server->getConfig()->deleteAppValue('user_sql', $oldPar);
}
foreach($delParams as $param)
{
\OC::$server->getConfig()->deleteAppValue('user_sql', $param);
}
}

3
css/settings.css
View File

@@ -1,12 +1,15 @@
.statusmessage { .statusmessage {
background-color: #DDDDFF; background-color: #DDDDFF;
} }
.errormessage { .errormessage {
background-color: #FFDDDD; background-color: #FFDDDD;
} }
.successmessage { .successmessage {
background-color: #DDFFDD; background-color: #DDFFDD;
} }
.statusmessage, .errormessage, .successmessage { .statusmessage, .errormessage, .successmessage {
display: none; display: none;
padding: 1px; padding: 1px;

3
img/app-dark.svg
View File

@@ -1,4 +1,5 @@
<?xml version="1.0" encoding="UTF-8" standalone="no"?> <?xml version="1.0" encoding="UTF-8" standalone="no"?>
<svg xmlns="http://www.w3.org/2000/svg" height="16" width="16" version="1.0" viewBox="0 0 16 16"> <svg xmlns="http://www.w3.org/2000/svg" height="16" width="16" version="1.0" viewBox="0 0 16 16">
<path style="block-progression:tb;color:#000000;text-transform:none;text-indent:0" fill="#000" d="m8.4036 1c-1.7312 0-3.1998 1.2661-3.1998 2.9 0.012287 0.51643 0.058473 1.1532 0.36664 2.5v0.033333l0.033328 0.033333c0.098928 0.28338 0.24289 0.44549 0.4333 0.66666s0.41742 0.48149 0.63328 0.69999c0.025397 0.025708 0.041676 0.041633 0.066656 0.066677 0.04281 0.18631 0.094672 0.38681 0.13332 0.56666 0.10284 0.47851 0.092296 0.81737 0.066668 0.93332-0.74389 0.26121-1.6694 0.57228-2.4998 0.93332-0.46622 0.2027-0.8881 0.3837-1.2332 0.59999-0.34513 0.2163-0.68837 0.37971-0.79994 0.86666-0.16004 0.63293-0.19866 0.7539-0.39997 1.5333-0.027212 0.20914 0.083011 0.42961 0.26665 0.53333 1.5078 0.81451 3.824 1.1423 6.1329 1.1333s4.6066-0.35609 6.0662-1.1333c0.11739-0.07353 0.14304-0.10869 0.13332-0.2333-0.04365-0.68908-0.08154-1.3669-0.13332-1.7666-0.01807-0.09908-0.06492-0.19275-0.13332-0.26666-0.46366-0.5537-1.1564-0.89218-1.9665-1.2333-0.7396-0.31144-1.6067-0.63486-2.4665-0.99999-0.048123-0.10721-0.095926-0.41912 0-0.89999 0.025759-0.12912 0.066096-0.26742 0.099994-0.4 0.0808-0.090507 0.14378-0.16447 0.23332-0.26666 0.19096-0.21796 0.39614-0.44661 0.56662-0.66666s0.30996-0.40882 0.39997-0.66666l0.03333-0.033333c0.34839-1.4062 0.34857-1.9929 0.36664-2.5v-0.033333c0-1.6339-1.4686-2.9-3.1998-2.9z"/> <path style="block-progression:tb;color:#000000;text-transform:none;text-indent:0" fill="#000"
d="m8.4036 1c-1.7312 0-3.1998 1.2661-3.1998 2.9 0.012287 0.51643 0.058473 1.1532 0.36664 2.5v0.033333l0.033328 0.033333c0.098928 0.28338 0.24289 0.44549 0.4333 0.66666s0.41742 0.48149 0.63328 0.69999c0.025397 0.025708 0.041676 0.041633 0.066656 0.066677 0.04281 0.18631 0.094672 0.38681 0.13332 0.56666 0.10284 0.47851 0.092296 0.81737 0.066668 0.93332-0.74389 0.26121-1.6694 0.57228-2.4998 0.93332-0.46622 0.2027-0.8881 0.3837-1.2332 0.59999-0.34513 0.2163-0.68837 0.37971-0.79994 0.86666-0.16004 0.63293-0.19866 0.7539-0.39997 1.5333-0.027212 0.20914 0.083011 0.42961 0.26665 0.53333 1.5078 0.81451 3.824 1.1423 6.1329 1.1333s4.6066-0.35609 6.0662-1.1333c0.11739-0.07353 0.14304-0.10869 0.13332-0.2333-0.04365-0.68908-0.08154-1.3669-0.13332-1.7666-0.01807-0.09908-0.06492-0.19275-0.13332-0.26666-0.46366-0.5537-1.1564-0.89218-1.9665-1.2333-0.7396-0.31144-1.6067-0.63486-2.4665-0.99999-0.048123-0.10721-0.095926-0.41912 0-0.89999 0.025759-0.12912 0.066096-0.26742 0.099994-0.4 0.0808-0.090507 0.14378-0.16447 0.23332-0.26666 0.19096-0.21796 0.39614-0.44661 0.56662-0.66666s0.30996-0.40882 0.39997-0.66666l0.03333-0.033333c0.34839-1.4062 0.34857-1.9929 0.36664-2.5v-0.033333c0-1.6339-1.4686-2.9-3.1998-2.9z"/>
</svg> </svg>
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 1.4 KiB

After

Width:  |  Height:  |  Size: 1.4 KiB

0
screenshot.png → img/screenshot.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 24 KiB

After

Width:  |  Height:  |  Size: 24 KiB

111
js/settings.js
View File

@@ -2,24 +2,20 @@
// declare namespace // declare namespace
var user_sql = user_sql || var user_sql = user_sql ||
{ {};
};
/** /**
* init admin settings view * init admin settings view
*/ */
user_sql.adminSettingsUI = function() user_sql.adminSettingsUI = function () {
{
if($('#sqlDiv').length > 0) if ($('#sqlDiv').length > 0) {
{
// enable tabs on settings page // enable tabs on settings page
$('#sqlDiv').tabs(); $('#sqlDiv').tabs();
// Attach auto-completion to all column fields // Attach auto-completion to all column fields
$('#col_username, #col_password, #col_displayname, #col_active, #col_email, #col_gethome').autocomplete({ $('#col_username, #col_password, #col_displayname, #col_active, #col_email, #col_gethome').autocomplete({
source: function(request, response) source: function (request, response) {
{
var post = $('#sqlForm').serializeArray(); var post = $('#sqlForm').serializeArray();
var domain = $('#sql_domain_chooser option:selected').val(); var domain = $('#sql_domain_chooser option:selected').val();
@@ -49,16 +45,14 @@ user_sql.adminSettingsUI = function()
$(this).attr('state', 'closed'); $(this).attr('state', 'closed');
} }
}).focus(function () { }).focus(function () {
if($(this).attr('state') != 'open') if ($(this).attr('state') != 'open') {
{
$(this).autocomplete("search"); $(this).autocomplete("search");
} }
}); });
// Attach auto-completion to all group column fields // Attach auto-completion to all group column fields
$('#col_group_name, #col_group_username').autocomplete({ $('#col_group_name, #col_group_username').autocomplete({
source: function(request, response) source: function (request, response) {
{
var post = $('#sqlForm').serializeArray(); var post = $('#sqlForm').serializeArray();
var domain = $('#sql_domain_chooser option:selected').val(); var domain = $('#sql_domain_chooser option:selected').val();
@@ -93,16 +87,14 @@ user_sql.adminSettingsUI = function()
$(this).attr('state', 'closed'); $(this).attr('state', 'closed');
} }
}).focus(function () { }).focus(function () {
if($(this).attr('state') != 'open') if ($(this).attr('state') != 'open') {
{
$(this).autocomplete("search"); $(this).autocomplete("search");
} }
}); });
// Attach auto-completion to all table fields // Attach auto-completion to all table fields
$('#sql_table, #sql_group_table').autocomplete({ $('#sql_table, #sql_group_table').autocomplete({
source: function(request, response) source: function (request, response) {
{
var post = $('#sqlForm').serializeArray(); var post = $('#sqlForm').serializeArray();
var domain = $('#sql_domain_chooser option:selected').val(); var domain = $('#sql_domain_chooser option:selected').val();
@@ -132,15 +124,13 @@ user_sql.adminSettingsUI = function()
$(this).attr('state', 'closed'); $(this).attr('state', 'closed');
} }
}).focus(function () { }).focus(function () {
if($(this).attr('state') != 'open') if ($(this).attr('state') != 'open') {
{
$(this).autocomplete("search"); $(this).autocomplete("search");
} }
}); });
// Verify the SQL database settings // Verify the SQL database settings
$('#sqlVerify').click(function(event) $('#sqlVerify').click(function (event) {
{
event.preventDefault(); event.preventDefault();
var post = $('#sqlForm').serializeArray(); var post = $('#sqlForm').serializeArray();
@@ -161,19 +151,15 @@ user_sql.adminSettingsUI = function()
$('#sql_error_message').hide(); $('#sql_error_message').hide();
$('#sql_update_message').hide(); $('#sql_update_message').hide();
// Ajax foobar // Ajax foobar
$.post(OC.filePath('user_sql', 'ajax', 'settings.php'), post, function(data) $.post(OC.filePath('user_sql', 'ajax', 'settings.php'), post, function (data) {
{
$('#sql_verify_message').hide(); $('#sql_verify_message').hide();
if(data.status == 'success') if (data.status == 'success') {
{
$('#sql_success_message').html(data.data.message); $('#sql_success_message').html(data.data.message);
$('#sql_success_message').show(); $('#sql_success_message').show();
window.setTimeout(function() window.setTimeout(function () {
{
$('#sql_success_message').hide(); $('#sql_success_message').hide();
}, 10000); }, 10000);
} else } else {
{
$('#sql_error_message').html(data.data.message); $('#sql_error_message').html(data.data.message);
$('#sql_error_message').show(); $('#sql_error_message').show();
} }
@@ -182,8 +168,7 @@ user_sql.adminSettingsUI = function()
}); });
// Save the settings for a domain // Save the settings for a domain
$('#sqlSubmit').click(function(event) $('#sqlSubmit').click(function (event) {
{
event.preventDefault(); event.preventDefault();
var post = $('#sqlForm').serializeArray(); var post = $('#sqlForm').serializeArray();
@@ -204,19 +189,15 @@ user_sql.adminSettingsUI = function()
$('#sql_verify_message').hide(); $('#sql_verify_message').hide();
$('#sql_error_message').hide(); $('#sql_error_message').hide();
// Ajax foobar // Ajax foobar
$.post(OC.filePath('user_sql', 'ajax', 'settings.php'), post, function(data) $.post(OC.filePath('user_sql', 'ajax', 'settings.php'), post, function (data) {
{
$('#sql_update_message').hide(); $('#sql_update_message').hide();
if(data.status == 'success') if (data.status == 'success') {
{
$('#sql_success_message').html(data.data.message); $('#sql_success_message').html(data.data.message);
$('#sql_success_message').show(); $('#sql_success_message').show();
window.setTimeout(function() window.setTimeout(function () {
{
$('#sql_success_message').hide(); $('#sql_success_message').hide();
}, 10000); }, 10000);
} else } else {
{
$('#sql_error_message').html(data.data.message); $('#sql_error_message').html(data.data.message);
$('#sql_error_message').show(); $('#sql_error_message').show();
} }
@@ -239,31 +220,25 @@ user_sql.adminSettingsUI = function()
} }
}; };
user_sql.setGethomeMode = function() user_sql.setGethomeMode = function () {
{
var enabled = $('#set_enable_gethome').prop('checked'); var enabled = $('#set_enable_gethome').prop('checked');
if(enabled) if (enabled) {
{
$('#set_gethome_mode').prop('disabled', false); $('#set_gethome_mode').prop('disabled', false);
var val = $('#set_gethome_mode option:selected').val(); var val = $('#set_gethome_mode option:selected').val();
if(val === 'query') if (val === 'query') {
{
$('#set_gethome').prop('disabled', true); $('#set_gethome').prop('disabled', true);
$('#col_gethome').prop('disabled', false); $('#col_gethome').prop('disabled', false);
} }
else if(val === 'static') else if (val === 'static') {
{
$('#set_gethome').prop('disabled', false); $('#set_gethome').prop('disabled', false);
$('#col_gethome').prop('disabled', true); $('#col_gethome').prop('disabled', true);
} }
else else {
{
$('#set_gethome').prop('disabled', true); $('#set_gethome').prop('disabled', true);
$('#col_gethome').prop('disabled', true); $('#col_gethome').prop('disabled', true);
} }
} }
else else {
{
$('#set_gethome_mode').prop('disabled', true); $('#set_gethome_mode').prop('disabled', true);
$('#set_gethome').prop('disabled', true); $('#set_gethome').prop('disabled', true);
$('#col_gethome').prop('disabled', true); $('#col_gethome').prop('disabled', true);
@@ -274,8 +249,7 @@ user_sql.setGethomeMode = function()
* Load the settings for the selected domain * Load the settings for the selected domain
* @param string domain The domain to load * @param string domain The domain to load
*/ */
user_sql.loadDomainSettings = function(domain) user_sql.loadDomainSettings = function (domain) {
{
$('#sql_success_message').hide(); $('#sql_success_message').hide();
$('#sql_error_message').hide(); $('#sql_error_message').hide();
$('#sql_verify_message').hide(); $('#sql_verify_message').hide();
@@ -294,49 +268,40 @@ user_sql.loadDomainSettings = function(domain)
value: domain value: domain
} }
]; ];
$.post(OC.filePath('user_sql', 'ajax', 'settings.php'), post, function(data) $.post(OC.filePath('user_sql', 'ajax', 'settings.php'), post, function (data) {
{
$('#sql_loading_message').hide(); $('#sql_loading_message').hide();
if(data.status == 'success') if (data.status == 'success') {
{ for (key in data.settings) {
for(key in data.settings) if (key == 'set_strip_domain') {
{
if(key == 'set_strip_domain')
{
if (data.settings[key] == 'true') if (data.settings[key] == 'true')
$('#' + key).prop('checked', true); $('#' + key).prop('checked', true);
else else
$('#' + key).prop('checked', false); $('#' + key).prop('checked', false);
} }
else if(key == 'set_allow_pwchange') else if (key == 'set_allow_pwchange') {
{
if (data.settings[key] == 'true') if (data.settings[key] == 'true')
$('#' + key).prop('checked', true); $('#' + key).prop('checked', true);
else else
$('#' + key).prop('checked', false); $('#' + key).prop('checked', false);
} }
else if(key == 'set_active_invert') else if (key == 'set_active_invert') {
{
if (data.settings[key] == 'true') if (data.settings[key] == 'true')
$('#' + key).prop('checked', true); $('#' + key).prop('checked', true);
else else
$('#' + key).prop('checked', false); $('#' + key).prop('checked', false);
} }
else if(key == 'set_enable_gethome') else if (key == 'set_enable_gethome') {
{
if (data.settings[key] == 'true') if (data.settings[key] == 'true')
$('#' + key).prop('checked', true); $('#' + key).prop('checked', true);
else else
$('#' + key).prop('checked', false); $('#' + key).prop('checked', false);
} }
else else {
{
$('#' + key).val(data.settings[key]); $('#' + key).val(data.settings[key]);
} }
} }
} }
else else {
{
$('#sql_error_message').html(data.data.message); $('#sql_error_message').html(data.data.message);
$('#sql_error_message').show(); $('#sql_error_message').show();
} }
@@ -346,10 +311,8 @@ user_sql.loadDomainSettings = function(domain)
}; };
// Run our JS if the SQL settings are present // Run our JS if the SQL settings are present
$(document).ready(function() $(document).ready(function () {
{ if ($('#sqlDiv')) {
if($('#sqlDiv'))
{
user_sql.adminSettingsUI(); user_sql.adminSettingsUI();
user_sql.loadDomainSettings($('#sql_domain_chooser option:selected').val()); user_sql.loadDomainSettings($('#sql_domain_chooser option:selected').val());
user_sql.setGethomeMode(); user_sql.setGethomeMode();

57
lib/PasswordHash.php
View File

@@ -24,7 +24,8 @@
# Obviously, since this code is in the public domain, the above are not # Obviously, since this code is in the public domain, the above are not
# requirements (there can be none), but merely suggestions. # requirements (there can be none), but merely suggestions.
# #
class PasswordHash { class PasswordHash
{
var $itoa64; var $itoa64;
var $iteration_count_log2; var $iteration_count_log2;
var $portable_hashes; var $portable_hashes;
@@ -34,16 +35,18 @@ class PasswordHash {
{ {
$this->itoa64 = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz'; $this->itoa64 = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';
if ($iteration_count_log2 < 4 || $iteration_count_log2 > 31) if ($iteration_count_log2 < 4 || $iteration_count_log2 > 31) {
$iteration_count_log2 = 8; $iteration_count_log2 = 8;
}
$this->iteration_count_log2 = $iteration_count_log2; $this->iteration_count_log2 = $iteration_count_log2;
$this->portable_hashes = $portable_hashes; $this->portable_hashes = $portable_hashes;
$this->random_state = microtime(); $this->random_state = microtime();
if (function_exists('getmypid')) if (function_exists('getmypid')) {
$this->random_state .= getmypid(); $this->random_state .= getmypid();
} }
}
function get_random_bytes($count) function get_random_bytes($count)
{ {
@@ -75,16 +78,20 @@ class PasswordHash {
do { do {
$value = ord($input[$i++]); $value = ord($input[$i++]);
$output .= $this->itoa64[$value & 0x3f]; $output .= $this->itoa64[$value & 0x3f];
if ($i < $count) if ($i < $count) {
$value |= ord($input[$i]) << 8; $value |= ord($input[$i]) << 8;
}
$output .= $this->itoa64[($value >> 6) & 0x3f]; $output .= $this->itoa64[($value >> 6) & 0x3f];
if ($i++ >= $count) if ($i++ >= $count) {
break; break;
if ($i < $count) }
if ($i < $count) {
$value |= ord($input[$i]) << 16; $value |= ord($input[$i]) << 16;
}
$output .= $this->itoa64[($value >> 12) & 0x3f]; $output .= $this->itoa64[($value >> 12) & 0x3f];
if ($i++ >= $count) if ($i++ >= $count) {
break; break;
}
$output .= $this->itoa64[($value >> 18) & 0x3f]; $output .= $this->itoa64[($value >> 18) & 0x3f];
} while ($i < $count); } while ($i < $count);
@@ -104,23 +111,27 @@ class PasswordHash {
function crypt_private($password, $setting) function crypt_private($password, $setting)
{ {
$output = '*0'; $output = '*0';
if (substr($setting, 0, 2) === $output) if (substr($setting, 0, 2) === $output) {
$output = '*1'; $output = '*1';
}
$id = substr($setting, 0, 3); $id = substr($setting, 0, 3);
# We use "$P$", phpBB3 uses "$H$" for the same thing # We use "$P$", phpBB3 uses "$H$" for the same thing
if ($id !== '$P$' && $id !== '$H$') if ($id !== '$P$' && $id !== '$H$') {
return $output; return $output;
}
$count_log2 = strpos($this->itoa64, $setting[3]); $count_log2 = strpos($this->itoa64, $setting[3]);
if ($count_log2 < 7 || $count_log2 > 30) if ($count_log2 < 7 || $count_log2 > 30) {
return $output; return $output;
}
$count = 1 << $count_log2; $count = 1 << $count_log2;
$salt = substr($setting, 4, 8); $salt = substr($setting, 4, 8);
if (strlen($salt) !== 8) if (strlen($salt) !== 8) {
return $output; return $output;
}
# We're kind of forced to use MD5 here since it's the only # We're kind of forced to use MD5 here since it's the only
# cryptographic primitive available in all versions of PHP # cryptographic primitive available in all versions of PHP
@@ -129,9 +140,9 @@ class PasswordHash {
# consequently in lower iteration counts and hashes that are # consequently in lower iteration counts and hashes that are
# quicker to crack (by non-PHP code). # quicker to crack (by non-PHP code).
if (PHP_VERSION >= '5') { if (PHP_VERSION >= '5') {
$hash = md5($salt . $password, TRUE); $hash = md5($salt . $password, true);
do { do {
$hash = md5($hash . $password, TRUE); $hash = md5($hash . $password, true);
} while (--$count); } while (--$count);
} else { } else {
$hash = pack('H*', md5($salt . $password)); $hash = pack('H*', md5($salt . $password));
@@ -213,26 +224,31 @@ class PasswordHash {
$random = $this->get_random_bytes(16); $random = $this->get_random_bytes(16);
$hash = $hash =
crypt($password, $this->gensalt_blowfish($random)); crypt($password, $this->gensalt_blowfish($random));
if (strlen($hash) === 60) if (strlen($hash) === 60) {
return $hash; return $hash;
} }
}
if (CRYPT_EXT_DES === 1 && !$this->portable_hashes) { if (CRYPT_EXT_DES === 1 && !$this->portable_hashes) {
if (strlen($random) < 3) if (strlen($random) < 3) {
$random = $this->get_random_bytes(3); $random = $this->get_random_bytes(3);
}
$hash = $hash =
crypt($password, $this->gensalt_extended($random)); crypt($password, $this->gensalt_extended($random));
if (strlen($hash) === 20) if (strlen($hash) === 20) {
return $hash; return $hash;
} }
}
if (strlen($random) < 6) if (strlen($random) < 6) {
$random = $this->get_random_bytes(6); $random = $this->get_random_bytes(6);
}
$hash = $hash =
$this->crypt_private($password, $this->crypt_private($password,
$this->gensalt_private($random)); $this->gensalt_private($random));
if (strlen($hash) === 34) if (strlen($hash) === 34) {
return $hash; return $hash;
}
# Returning '*' on error is safe here, but would _not_ be safe # Returning '*' on error is safe here, but would _not_ be safe
# in a crypt(3)-like function used _both_ for generating new # in a crypt(3)-like function used _both_ for generating new
@@ -243,11 +259,10 @@ class PasswordHash {
function CheckPassword($password, $stored_hash) function CheckPassword($password, $stored_hash)
{ {
$hash = $this->crypt_private($password, $stored_hash); $hash = $this->crypt_private($password, $stored_hash);
if ($hash[0] === '*') if ($hash[0] === '*') {
$hash = crypt($password, $stored_hash); $hash = crypt($password, $stored_hash);
}
return $hash === $stored_hash; return $hash === $stored_hash;
} }
} }
?>

25
lib/Settings/Admin.php
View File

@@ -28,9 +28,9 @@ use OCP\Defaults;
use OCP\IConfig; use OCP\IConfig;
use OCP\IL10N; use OCP\IL10N;
use OCP\Settings\ISettings; use OCP\Settings\ISettings;
use OCA\user_sql\lib\Helper;
class Admin implements ISettings { class Admin implements ISettings
{
/** @var IL10N */ /** @var IL10N */
private $l10n; private $l10n;
/** @var Defaults */ /** @var Defaults */
@@ -43,9 +43,11 @@ class Admin implements ISettings {
* @param Defaults $defaults * @param Defaults $defaults
* @param IConfig $config * @param IConfig $config
*/ */
public function __construct(IL10N $l10n, public function __construct(
IL10N $l10n,
Defaults $defaults, Defaults $defaults,
IConfig $config) { IConfig $config
) {
$this->l10n = $l10n; $this->l10n = $l10n;
$this->defaults = $defaults; $this->defaults = $defaults;
$this->config = $config; $this->config = $config;
@@ -57,7 +59,8 @@ class Admin implements ISettings {
/** /**
* @return TemplateResponse * @return TemplateResponse
*/ */
public function getForm() { public function getForm()
{
$type = $this->config->getAppValue('user_sql', 'type'); $type = $this->config->getAppValue('user_sql', 'type');
$trusted_domains = \OC::$server->getConfig()->getSystemValue('trusted_domains'); $trusted_domains = \OC::$server->getConfig()->getSystemValue('trusted_domains');
@@ -69,8 +72,7 @@ class Admin implements ISettings {
]; ];
$params['allowed_domains'] = array_unique($trusted_domains); $params['allowed_domains'] = array_unique($trusted_domains);
foreach($this->params as $key) foreach ($this->params as $key) {
{
$value = $this->settings[$key]; $value = $this->settings[$key];
$params[$key] = $value; $params[$key] = $value;
} }
@@ -82,8 +84,9 @@ class Admin implements ISettings {
/** /**
* @return string the section ID, e.g. 'sharing' * @return string the section ID, e.g. 'sharing'
*/ */
public function getSection() { public function getSection()
return 'usersql'; {
return 'user_sql';
} }
/** /**
@@ -93,8 +96,8 @@ class Admin implements ISettings {
* *
* keep the server setting at the top, right after "server settings" * keep the server setting at the top, right after "server settings"
*/ */
public function getPriority() { public function getPriority()
{
return 0; return 0;
} }
} }

21
lib/Settings/Section.php
View File

@@ -27,14 +27,16 @@ use OCP\IL10N;
use OCP\Settings\IIconSection; use OCP\Settings\IIconSection;
use OCP\IURLGenerator; use OCP\IURLGenerator;
class Section implements IIconSection { class Section implements IIconSection
{
/** @var IL10N */ /** @var IL10N */
private $l; private $l;
/** /**
* @param IL10N $l * @param IL10N $l
*/ */
public function __construct(IURLGenerator $url,IL10N $l) { public function __construct(IURLGenerator $url, IL10N $l)
{
$this->l = $l; $this->l = $l;
$this->url = $url; $this->url = $url;
} }
@@ -42,27 +44,32 @@ class Section implements IIconSection {
/** /**
* {@inheritdoc} * {@inheritdoc}
*/ */
public function getID() { public function getID()
return 'usersql'; {
return 'user_sql';
} }
/** /**
* {@inheritdoc} * {@inheritdoc}
*/ */
public function getName() { public function getName()
{
return $this->l->t('User SQL'); return $this->l->t('User SQL');
} }
/** /**
* {@inheritdoc} * {@inheritdoc}
*/ */
public function getPriority() { public function getPriority()
{
return 75; return 75;
} }
/** /**
* {@inheritdoc} * {@inheritdoc}
*/ */
public function getIcon() { public function getIcon()
{
return $this->url->imagePath('user_sql', 'app-dark.svg'); return $this->url->imagePath('user_sql', 'app-dark.svg');
} }
} }

57
lib/drupal.php
View File

@@ -39,7 +39,8 @@ define('HASH_LENGTH', 55);
/** /**
* Returns a string for mapping an int to the corresponding base 64 character. * Returns a string for mapping an int to the corresponding base 64 character.
*/ */
function _password_itoa64() { function _password_itoa64()
{
return './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz'; return './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';
} }
@@ -54,7 +55,8 @@ function _password_itoa64() {
* @return * @return
* Encoded string * Encoded string
*/ */
function _password_base64_encode($input, $count) { function _password_base64_encode($input, $count)
{
$output = ''; $output = '';
$i = 0; $i = 0;
$itoa64 = _password_itoa64(); $itoa64 = _password_itoa64();
@@ -80,6 +82,7 @@ function _password_base64_encode($input, $count) {
return $output; return $output;
} }
/** /**
* Returns a string of highly randomized bytes (over the full 8-bit range). * Returns a string of highly randomized bytes (over the full 8-bit range).
* *
@@ -92,7 +95,8 @@ function _password_base64_encode($input, $count) {
* The number of characters (bytes) to return in the string. * The number of characters (bytes) to return in the string.
*/ */
function _random_bytes($count) { function _random_bytes($count)
{
// $random_state does not use static as it stores random bytes. // $random_state does not use static as it stores random bytes.
static $random_state, $bytes, $has_openssl; static $random_state, $bytes, $has_openssl;
@@ -102,7 +106,8 @@ function _password_base64_encode($input, $count) {
// PHP versions prior 5.3.4 experienced openssl_random_pseudo_bytes() // PHP versions prior 5.3.4 experienced openssl_random_pseudo_bytes()
// locking on Windows and rendered it unusable. // locking on Windows and rendered it unusable.
if (!isset($has_openssl)) { if (!isset($has_openssl)) {
$has_openssl = version_compare(PHP_VERSION, '5.3.4', '>=') && function_exists('openssl_random_pseudo_bytes'); $has_openssl = version_compare(PHP_VERSION, '5.3.4',
'>=') && function_exists('openssl_random_pseudo_bytes');
} }
// openssl_random_pseudo_bytes() will find entropy in a system-dependent // openssl_random_pseudo_bytes() will find entropy in a system-dependent
@@ -133,7 +138,7 @@ function _password_base64_encode($input, $count) {
// Initialize on the first call. The contents of $_SERVER includes a mix of // Initialize on the first call. The contents of $_SERVER includes a mix of
// user-specific and system information that varies a little with each page. // user-specific and system information that varies a little with each page.
if (!isset($random_state)) { if (!isset($random_state)) {
$random_state = print_r($_SERVER, TRUE); $random_state = print_r($_SERVER, true);
if (function_exists('getmypid')) { if (function_exists('getmypid')) {
// Further initialize with the somewhat random PHP process ID. // Further initialize with the somewhat random PHP process ID.
$random_state .= getmypid(); $random_state .= getmypid();
@@ -143,9 +148,8 @@ function _password_base64_encode($input, $count) {
do { do {
$random_state = hash('sha256', microtime() . mt_rand() . $random_state); $random_state = hash('sha256', microtime() . mt_rand() . $random_state);
$bytes .= hash('sha256', mt_rand() . $random_state, TRUE); $bytes .= hash('sha256', mt_rand() . $random_state, true);
} } while (strlen($bytes) < $count);
while (strlen($bytes) < $count);
} }
} }
$output = substr($bytes, 0, $count); $output = substr($bytes, 0, $count);
@@ -169,7 +173,8 @@ function _password_base64_encode($input, $count) {
* @return * @return
* A 12 character string containing the iteration count and a random salt. * A 12 character string containing the iteration count and a random salt.
*/ */
function _password_generate_salt($count_log2) { function _password_generate_salt($count_log2)
{
$output = '$S$'; $output = '$S$';
// Ensure that $count_log2 is within set bounds. // Ensure that $count_log2 is within set bounds.
$count_log2 = _password_enforce_log2_boundaries($count_log2); $count_log2 = _password_enforce_log2_boundaries($count_log2);
@@ -191,11 +196,11 @@ function _password_generate_salt($count_log2) {
* @return * @return
* Integer within set bounds that is closest to $count_log2. * Integer within set bounds that is closest to $count_log2.
*/ */
function _password_enforce_log2_boundaries($count_log2) { function _password_enforce_log2_boundaries($count_log2)
{
if ($count_log2 < MIN_HASH_COUNT) { if ($count_log2 < MIN_HASH_COUNT) {
return MIN_HASH_COUNT; return MIN_HASH_COUNT;
} } elseif ($count_log2 > MAX_HASH_COUNT) {
elseif ($count_log2 > MAX_HASH_COUNT) {
return MAX_HASH_COUNT; return MAX_HASH_COUNT;
} }
@@ -222,35 +227,36 @@ function _password_enforce_log2_boundaries($count_log2) {
* A string containing the hashed password (and salt) or FALSE on failure. * A string containing the hashed password (and salt) or FALSE on failure.
* The return string will be truncated at DRUPAL_HASH_LENGTH characters max. * The return string will be truncated at DRUPAL_HASH_LENGTH characters max.
*/ */
function _password_crypt($algo, $password, $setting) { function _password_crypt($algo, $password, $setting)
{
// Prevent DoS attacks by refusing to hash large passwords. // Prevent DoS attacks by refusing to hash large passwords.
if (strlen($password) > 512) { if (strlen($password) > 512) {
return FALSE; return false;
} }
// The first 12 characters of an existing hash are its setting string. // The first 12 characters of an existing hash are its setting string.
$setting = substr($setting, 0, 12); $setting = substr($setting, 0, 12);
if ($setting[0] != '$' || $setting[2] != '$') { if ($setting[0] != '$' || $setting[2] != '$') {
return FALSE; return false;
} }
$count_log2 = _password_get_count_log2($setting); $count_log2 = _password_get_count_log2($setting);
// Hashes may be imported from elsewhere, so we allow != DRUPAL_HASH_COUNT // Hashes may be imported from elsewhere, so we allow != DRUPAL_HASH_COUNT
if ($count_log2 < MIN_HASH_COUNT || $count_log2 > MAX_HASH_COUNT) { if ($count_log2 < MIN_HASH_COUNT || $count_log2 > MAX_HASH_COUNT) {
return FALSE; return false;
} }
$salt = substr($setting, 4, 8); $salt = substr($setting, 4, 8);
// Hashes must have an 8 character salt. // Hashes must have an 8 character salt.
if (strlen($salt) != 8) { if (strlen($salt) != 8) {
return FALSE; return false;
} }
// Convert the base 2 logarithm into an integer. // Convert the base 2 logarithm into an integer.
$count = 1 << $count_log2; $count = 1 << $count_log2;
// We rely on the hash() function being available in PHP 5.2+. // We rely on the hash() function being available in PHP 5.2+.
$hash = hash($algo, $salt . $password, TRUE); $hash = hash($algo, $salt . $password, true);
do { do {
$hash = hash($algo, $hash . $password, TRUE); $hash = hash($algo, $hash . $password, true);
} while (--$count); } while (--$count);
$len = strlen($hash); $len = strlen($hash);
@@ -258,13 +264,14 @@ function _password_crypt($algo, $password, $setting) {
// _password_base64_encode() of a 16 byte MD5 will always be 22 characters. // _password_base64_encode() of a 16 byte MD5 will always be 22 characters.
// _password_base64_encode() of a 64 byte sha512 will always be 86 characters. // _password_base64_encode() of a 64 byte sha512 will always be 86 characters.
$expected = 12 + ceil((8 * $len) / 6); $expected = 12 + ceil((8 * $len) / 6);
return (strlen($output) == $expected) ? substr($output, 0, HASH_LENGTH) : FALSE; return (strlen($output) == $expected) ? substr($output, 0, HASH_LENGTH) : false;
} }
/** /**
* Parse the log2 iteration count from a stored hash or setting string. * Parse the log2 iteration count from a stored hash or setting string.
*/ */
function _password_get_count_log2($setting) { function _password_get_count_log2($setting)
{
$itoa64 = _password_itoa64(); $itoa64 = _password_itoa64();
return strpos($itoa64, $setting[3]); return strpos($itoa64, $setting[3]);
} }
@@ -281,7 +288,8 @@ function _password_get_count_log2($setting) {
* @return * @return
* A string containing the hashed password (and a salt), or FALSE on failure. * A string containing the hashed password (and a salt), or FALSE on failure.
*/ */
function user_hash_password($password, $count_log2 = 0) { function user_hash_password($password, $count_log2 = 0)
{
if (empty($count_log2)) { if (empty($count_log2)) {
// Use the standard iteration count. // Use the standard iteration count.
$count_log2 = variable_get('password_count_log2', DRUPAL_HASH_COUNT); $count_log2 = variable_get('password_count_log2', DRUPAL_HASH_COUNT);
@@ -299,7 +307,8 @@ function user_hash_password($password, $count_log2 = 0) {
* @return * @return
* TRUE or FALSE. * TRUE or FALSE.
*/ */
function user_check_password($password, $hashpass) { function user_check_password($password, $hashpass)
{
$stored_hash = $hashpass; $stored_hash = $hashpass;
$type = substr($stored_hash, 0, 3); $type = substr($stored_hash, 0, 3);
switch ($type) { switch ($type) {
@@ -315,7 +324,7 @@ function user_check_password($password, $hashpass) {
$hash = _password_crypt('md5', $password, $stored_hash); $hash = _password_crypt('md5', $password, $stored_hash);
break; break;
default: default:
return FALSE; return false;
} }
return ($hash && $stored_hash == $hash); return ($hash && $stored_hash == $hash);
} }

42
lib/group_sql.php
View File

@@ -2,7 +2,6 @@
namespace OCA\user_sql; namespace OCA\user_sql;
use \OCA\user_sql\lib\Helper;
use OCP\Util; use OCP\Util;
class OC_GROUP_SQL extends \OC_Group_Backend implements \OCP\GroupInterface class OC_GROUP_SQL extends \OC_Group_Backend implements \OCP\GroupInterface
@@ -19,78 +18,71 @@ class OC_GROUP_SQL extends \OC_Group_Backend implements \OCP\GroupInterface
return false; return false;
} }
public function getUserGroups($uid) { public function getUserGroups($uid)
if(empty($this -> settings['sql_group_table']))
{ {
if (empty($this->settings['sql_group_table'])) {
Util::writeLog('OC_USER_SQL', "Group table not configured", Util::DEBUG); Util::writeLog('OC_USER_SQL', "Group table not configured", Util::DEBUG);
return []; return [];
} }
$rows = $this->helper->runQuery('getUserGroups', array('uid' => $uid), false, true); $rows = $this->helper->runQuery('getUserGroups', array('uid' => $uid), false, true);
if($rows === false) if ($rows === false) {
{
Util::writeLog('OC_USER_SQL', "Found no group", Util::DEBUG); Util::writeLog('OC_USER_SQL', "Found no group", Util::DEBUG);
return []; return [];
} }
$groups = array(); $groups = array();
foreach($rows as $row) foreach ($rows as $row) {
{
$groups[] = $row[$this->settings['col_group_name']]; $groups[] = $row[$this->settings['col_group_name']];
} }
return $groups; return $groups;
} }
public function getGroups($search = '', $limit = null, $offset = null) { public function getGroups($search = '', $limit = null, $offset = null)
if(empty($this -> settings['sql_group_table']))
{ {
if (empty($this->settings['sql_group_table'])) {
return []; return [];
} }
$search = "%" . $search . "%"; $search = "%" . $search . "%";
$rows = $this -> helper -> runQuery('getGroups', array('search' => $search), false, true, array('limit' => $limit, 'offset' => $offset)); $rows = $this->helper->runQuery('getGroups', array('search' => $search), false, true,
if($rows === false) array('limit' => $limit, 'offset' => $offset));
{ if ($rows === false) {
return []; return [];
} }
$groups = array(); $groups = array();
foreach($rows as $row) foreach ($rows as $row) {
{
$groups[] = $row[$this->settings['col_group_name']]; $groups[] = $row[$this->settings['col_group_name']];
} }
return $groups; return $groups;
} }
public function usersInGroup($gid, $search = '', $limit = null, $offset = null) { public function usersInGroup($gid, $search = '', $limit = null, $offset = null)
if(empty($this -> settings['sql_group_table']))
{ {
if (empty($this->settings['sql_group_table'])) {
Util::writeLog('OC_USER_SQL', "Group table not configured", Util::DEBUG); Util::writeLog('OC_USER_SQL', "Group table not configured", Util::DEBUG);
return []; return [];
} }
$rows = $this->helper->runQuery('getGroupUsers', array('gid' => $gid), false, true); $rows = $this->helper->runQuery('getGroupUsers', array('gid' => $gid), false, true);
if($rows === false) if ($rows === false) {
{
Util::writeLog('OC_USER_SQL', "Found no users for group", Util::DEBUG); Util::writeLog('OC_USER_SQL', "Found no users for group", Util::DEBUG);
return []; return [];
} }
$users = array(); $users = array();
foreach($rows as $row) foreach ($rows as $row) {
{
$users[] = $row[$this->settings['col_group_username']]; $users[] = $row[$this->settings['col_group_username']];
} }
return $users; return $users;
} }
public function countUsersInGroup($gid, $search = '') { public function countUsersInGroup($gid, $search = '')
if(empty($this -> settings['sql_group_table']))
{ {
if (empty($this->settings['sql_group_table'])) {
return 0; return 0;
} }
$search = "%" . $search . "%"; $search = "%" . $search . "%";
$count = $this->helper->runQuery('countUsersInGroup', array('gid' => $gid, 'search' => $search)); $count = $this->helper->runQuery('countUsersInGroup', array('gid' => $gid, 'search' => $search));
if($count === false) if ($count === false) {
{
return 0; return 0;
} else { } else {
return intval(reset($count)); return intval(reset($count));
} }
} }
} }
?>

94
lib/helper.php
View File

@@ -1,7 +1,7 @@
<?php <?php
/** /**
* nextCloud - user_sql * Nextcloud - user_sql
* *
* @author Andreas Böhler and contributors * @author Andreas Böhler and contributors
* @copyright 2012-2015 Andreas Böhler <dev (at) aboehler (dot) at> * @copyright 2012-2015 Andreas Böhler <dev (at) aboehler (dot) at>
@@ -22,10 +22,12 @@
*/ */
namespace OCA\user_sql\lib; namespace OCA\user_sql\lib;
use OCP\IConfig; use OCP\IConfig;
use OCP\Util; use OCP\Util;
class Helper { class Helper
{
protected $db; protected $db;
protected $db_conn; protected $db_conn;
@@ -86,13 +88,11 @@ class Helper {
Util::writeLog('OC_USER_SQL', "Trying to load settings for domain: " . $domain, Util::DEBUG); Util::writeLog('OC_USER_SQL', "Trying to load settings for domain: " . $domain, Util::DEBUG);
$settings = array(); $settings = array();
$sql_host = \OC::$server->getConfig()->getAppValue('user_sql', 'sql_hostname_' . $domain, ''); $sql_host = \OC::$server->getConfig()->getAppValue('user_sql', 'sql_hostname_' . $domain, '');
if($sql_host === '') if ($sql_host === '') {
{
$domain = 'default'; $domain = 'default';
} }
$params = $this->getParameterArray(); $params = $this->getParameterArray();
foreach($params as $param) foreach ($params as $param) {
{
$settings[$param] = \OC::$server->getConfig()->getAppValue('user_sql', $param . '_' . $domain, ''); $settings[$param] = \OC::$server->getConfig()->getAppValue('user_sql', $param . '_' . $domain, '');
} }
Util::writeLog('OC_USER_SQL', "Loaded settings for domain: " . $domain, Util::DEBUG); Util::writeLog('OC_USER_SQL', "Loaded settings for domain: " . $domain, Util::DEBUG);
@@ -111,11 +111,11 @@ class Helper {
public function runQuery($type, $params, $execOnly = false, $fetchArray = false, $limits = array()) public function runQuery($type, $params, $execOnly = false, $fetchArray = false, $limits = array())
{ {
Util::writeLog('OC_USER_SQL', "Entering runQuery for type: " . $type, Util::DEBUG); Util::writeLog('OC_USER_SQL', "Entering runQuery for type: " . $type, Util::DEBUG);
if(!$this -> db_conn) if (!$this->db_conn) {
return false; return false;
}
switch($type) switch ($type) {
{
case 'getHome': case 'getHome':
$query = "SELECT " . $this->settings['col_gethome'] . " FROM " . $this->settings['sql_table'] . " WHERE " . $this->settings['col_username'] . " = :uid"; $query = "SELECT " . $this->settings['col_gethome'] . " FROM " . $this->settings['sql_table'] . " WHERE " . $this->settings['col_username'] . " = :uid";
break; break;
@@ -129,8 +129,9 @@ class Helper {
case 'getPass': case 'getPass':
$query = "SELECT " . $this->settings['col_password'] . " FROM " . $this->settings['sql_table'] . " WHERE " . $this->settings['col_username'] . " = :uid"; $query = "SELECT " . $this->settings['col_password'] . " FROM " . $this->settings['sql_table'] . " WHERE " . $this->settings['col_username'] . " = :uid";
if($this -> settings['col_active'] !== '') if ($this->settings['col_active'] !== '') {
$query .= " AND " . ($this->settings['set_active_invert'] === 'true' ? "NOT " : "") . $this->settings['col_active']; $query .= " AND " . ($this->settings['set_active_invert'] === 'true' ? "NOT " : "") . $this->settings['col_active'];
}
break; break;
case 'setPass': case 'setPass':
@@ -143,28 +144,32 @@ class Helper {
case 'countUsers': case 'countUsers':
$query = "SELECT COUNT(*) FROM " . $this->settings['sql_table'] . " WHERE " . $this->settings['col_username'] . " LIKE :search"; $query = "SELECT COUNT(*) FROM " . $this->settings['sql_table'] . " WHERE " . $this->settings['col_username'] . " LIKE :search";
if($this -> settings['col_active'] !== '') if ($this->settings['col_active'] !== '') {
$query .= " AND " . ($this->settings['set_active_invert'] === 'true' ? "NOT " : "") . $this->settings['col_active']; $query .= " AND " . ($this->settings['set_active_invert'] === 'true' ? "NOT " : "") . $this->settings['col_active'];
}
break; break;
case 'getUsers': case 'getUsers':
$query = "SELECT " . $this->settings['col_username'] . " FROM " . $this->settings['sql_table']; $query = "SELECT " . $this->settings['col_username'] . " FROM " . $this->settings['sql_table'];
$query .= " WHERE " . $this->settings['col_username'] . " LIKE :search"; $query .= " WHERE " . $this->settings['col_username'] . " LIKE :search";
if($this -> settings['col_active'] !== '') if ($this->settings['col_active'] !== '') {
$query .= " AND " . ($this->settings['set_active_invert'] === 'true' ? "NOT " : "") . $this->settings['col_active']; $query .= " AND " . ($this->settings['set_active_invert'] === 'true' ? "NOT " : "") . $this->settings['col_active'];
}
$query .= " ORDER BY " . $this->settings['col_username']; $query .= " ORDER BY " . $this->settings['col_username'];
break; break;
case 'userExists': case 'userExists':
$query = "SELECT " . $this->settings['col_username'] . " FROM " . $this->settings['sql_table'] . " WHERE " . $this->settings['col_username'] . " = :uid"; $query = "SELECT " . $this->settings['col_username'] . " FROM " . $this->settings['sql_table'] . " WHERE " . $this->settings['col_username'] . " = :uid";
if($this -> settings['col_active'] !== '') if ($this->settings['col_active'] !== '') {
$query .= " AND " . ($this->settings['set_active_invert'] === 'true' ? "NOT " : "") . $this->settings['col_active']; $query .= " AND " . ($this->settings['set_active_invert'] === 'true' ? "NOT " : "") . $this->settings['col_active'];
}
break; break;
case 'getDisplayName': case 'getDisplayName':
$query = "SELECT " . $this->settings['col_displayname'] . " FROM " . $this->settings['sql_table'] . " WHERE " . $this->settings['col_username'] . " = :uid"; $query = "SELECT " . $this->settings['col_displayname'] . " FROM " . $this->settings['sql_table'] . " WHERE " . $this->settings['col_username'] . " = :uid";
if($this -> settings['col_active'] !== '') if ($this->settings['col_active'] !== '') {
$query .= " AND " . ($this->settings['set_active_invert'] === 'true' ? "NOT " : "") . $this->settings['col_active']; $query .= " AND " . ($this->settings['set_active_invert'] === 'true' ? "NOT " : "") . $this->settings['col_active'];
}
break; break;
case 'mysqlEncryptSalt': case 'mysqlEncryptSalt':
@@ -196,50 +201,45 @@ class Helper {
break; break;
} }
if(isset($limits['limit']) && $limits['limit'] !== null) if (isset($limits['limit']) && $limits['limit'] !== null) {
{
$limit = intval($limits['limit']); $limit = intval($limits['limit']);
$query .= " LIMIT " . $limit; $query .= " LIMIT " . $limit;
} }
if(isset($limits['offset']) && $limits['offset'] !== null) if (isset($limits['offset']) && $limits['offset'] !== null) {
{
$offset = intval($limits['offset']); $offset = intval($limits['offset']);
$query .= " OFFSET " . $offset; $query .= " OFFSET " . $offset;
} }
Util::writeLog('OC_USER_SQL', "Preparing query: $query", Util::DEBUG); Util::writeLog('OC_USER_SQL', "Preparing query: $query", Util::DEBUG);
$result = $this->db->prepare($query); $result = $this->db->prepare($query);
foreach($params as $param => $value) foreach ($params as $param => $value) {
{
$result->bindValue(":" . $param, $value); $result->bindValue(":" . $param, $value);
} }
Util::writeLog('OC_USER_SQL', "Executing query...", Util::DEBUG); Util::writeLog('OC_USER_SQL', "Executing query...", Util::DEBUG);
if(!$result -> execute()) if (!$result->execute()) {
{
$err = $result->errorInfo(); $err = $result->errorInfo();
Util::writeLog('OC_USER_SQL', "Query failed: " . $err[2], Util::DEBUG); Util::writeLog('OC_USER_SQL', "Query failed: " . $err[2], Util::DEBUG);
return false; return false;
} }
if($execOnly === true) if ($execOnly === true) {
{
return true; return true;
} }
Util::writeLog('OC_USER_SQL', "Fetching result...", Util::DEBUG); Util::writeLog('OC_USER_SQL', "Fetching result...", Util::DEBUG);
if($fetchArray === true) if ($fetchArray === true) {
$row = $result->fetchAll(); $row = $result->fetchAll();
else } else {
$row = $result->fetch(); $row = $result->fetch();
}
if(!$row) if (!$row) {
{
return false; return false;
} }
return $row; return $row;
} }
/** /**
* Connect to the database using ownCloud's DBAL * Connect to the database using Nextcloud's DBAL
* @param array $settings The settings for the connection * @param array $settings The settings for the connection
* @return bool * @return bool
*/ */
@@ -247,21 +247,19 @@ class Helper {
{ {
$this->settings = $settings; $this->settings = $settings;
$cm = new \OC\DB\ConnectionFactory(\OC::$server->getSystemConfig()); $cm = new \OC\DB\ConnectionFactory(\OC::$server->getSystemConfig());
$parameters = array('host' => $this -> settings['sql_hostname'], $parameters = array(
'host' => $this->settings['sql_hostname'],
'password' => $this->settings['sql_password'], 'password' => $this->settings['sql_password'],
'user' => $this->settings['sql_username'], 'user' => $this->settings['sql_username'],
'dbname' => $this->settings['sql_database'], 'dbname' => $this->settings['sql_database'],
'tablePrefix' => '' 'tablePrefix' => ''
); );
try try {
{
$this->db = $cm->getConnection($this->settings['sql_driver'], $parameters); $this->db = $cm->getConnection($this->settings['sql_driver'], $parameters);
$this->db->query("SET NAMES 'UTF8'"); $this->db->query("SET NAMES 'UTF8'");
$this->db_conn = true; $this->db_conn = true;
return true; return true;
} } catch (\Exception $e) {
catch (\Exception $e)
{
Util::writeLog('OC_USER_SQL', 'Failed to connect to the database: ' . $e->getMessage(), Util::ERROR); Util::writeLog('OC_USER_SQL', 'Failed to connect to the database: ' . $e->getMessage(), Util::ERROR);
$this->db_conn = false; $this->db_conn = false;
return false; return false;
@@ -275,25 +273,25 @@ class Helper {
* @param string $table The table name to check * @param string $table The table name to check
* @param array $cols The columns to check * @param array $cols The columns to check
* @param array True if found, otherwise false * @param array True if found, otherwise false
* @return bool|string
*/ */
public function verifyColumns($parameters, $sql_driver, $table, $cols) public function verifyColumns($parameters, $sql_driver, $table, $cols)
{ {
$columns = $this->getColumns($parameters, $sql_driver, $table); $columns = $this->getColumns($parameters, $sql_driver, $table);
$res = true; $res = true;
$err = ''; $err = '';
foreach($cols as $col) foreach ($cols as $col) {
{ if (!in_array($col, $columns, true)) {
if(!in_array($col, $columns, true))
{
$res = false; $res = false;
$err .= $col . ' '; $err .= $col . ' ';
} }
} }
if($res) if ($res) {
return true; return true;
else } else {
return $err; return $err;
} }
}
/** /**
* Check if a given table exists * Check if a given table exists
@@ -301,6 +299,7 @@ class Helper {
* @param string $sql_driver The SQL driver to use * @param string $sql_driver The SQL driver to use
* @param string $table The table name to check * @param string $table The table name to check
* @param array True if found, otherwise false * @param array True if found, otherwise false
* @return bool
*/ */
public function verifyTable($parameters, $sql_driver, $table) public function verifyTable($parameters, $sql_driver, $table)
{ {
@@ -339,9 +338,7 @@ class Helper {
$ret[] = $name; $ret[] = $name;
} }
return $ret; return $ret;
} } catch (\Exception $e) {
catch(\Exception $e)
{
return array(); return array();
} }
} }
@@ -409,8 +406,7 @@ class Helper {
$query = $platform->getListTableColumnsSQL($table); $query = $platform->getListTableColumnsSQL($table);
$result = $conn->executeQuery($query); $result = $conn->executeQuery($query);
$ret = array(); $ret = array();
while($row = $result -> fetch()) while ($row = $result->fetch()) {
{
switch ($sql_driver) { switch ($sql_driver) {
case 'mysql': case 'mysql':
$name = $row['Field']; $name = $row['Field'];
@@ -424,12 +420,8 @@ class Helper {
$ret[] = $name; $ret[] = $name;
} }
return $ret; return $ret;
} } catch (\Exception $e) {
catch(\Exception $e)
{
return array(); return array();
} }
} }
} }

376
lib/user_sql.php
View File

@@ -1,7 +1,7 @@
<?php <?php
/** /**
* nextCloud - user_sql * Nextcloud - user_sql
* *
* @author Andreas Böhler and contributors * @author Andreas Böhler and contributors
* @copyright 2012-2015 Andreas Böhler <dev (at) aboehler (dot) at> * @copyright 2012-2015 Andreas Böhler <dev (at) aboehler (dot) at>
@@ -28,23 +28,24 @@
*/ */
namespace OCA\user_sql; namespace OCA\user_sql;
use OC\User\Backend; use OC\User\Backend;
use \OCA\user_sql\lib\Helper;
use OCP\IConfig; use OCP\IConfig;
use OCP\IUser; use OCP\IUser;
use OCP\IUserSession; use OCP\IUserSession;
use OCP\Notification\IManager as INotificationManager;
use OCP\Util; use OCP\Util;
abstract class BackendUtility { abstract class BackendUtility
{
protected $access; protected $access;
/** /**
* constructor, make sure the subclasses call this one! * constructor, make sure the subclasses call this one!
* @param Access $access an instance of Access for LDAP interaction * @param Access $access an instance of Access for LDAP interaction
*/ */
public function __construct(Access $access) { public function __construct(Access $access)
{
$this->access = $access; $this->access = $access;
} }
} }
@@ -66,8 +67,7 @@ class OC_USER_SQL extends BackendUtility implements \OCP\IUserBackend,
public function __construct() public function __construct()
{ {
$memcache = \OC::$server->getMemCacheFactory(); $memcache = \OC::$server->getMemCacheFactory();
if ( $memcache -> isAvailable()) if ($memcache->isAvailable()) {
{
$this->cache = $memcache->create(); $this->cache = $memcache->create();
} }
$this->helper = new \OCA\user_sql\lib\Helper(); $this->helper = new \OCA\user_sql\lib\Helper();
@@ -80,12 +80,12 @@ class OC_USER_SQL extends BackendUtility implements \OCP\IUserBackend,
} }
/** /**
* Sync the user's E-Mail address with the address stored by ownCloud. * Sync the user's E-Mail address with the address stored by Nextcloud.
* We have three (four) sync modes: * We have three (four) sync modes:
* - none: Does nothing * - none: Does nothing
* - initial: Do the sync only once from SQL -> ownCloud * - initial: Do the sync only once from SQL -> Nextcloud
* - forcesql: The SQL database always wins and sync to ownCloud * - forcesql: The SQL database always wins and sync to Nextcloud
* - forceoc: ownCloud always wins and syncs to SQL * - forceoc: Nextcloud always wins and syncs to SQL
* *
* @param string $uid The user's ID to sync * @param string $uid The user's ID to sync
* @return bool Success or Fail * @return bool Success or Fail
@@ -94,18 +94,19 @@ class OC_USER_SQL extends BackendUtility implements \OCP\IUserBackend,
{ {
Util::writeLog('OC_USER_SQL', "Entering doEmailSync for UID: $uid", Util::writeLog('OC_USER_SQL', "Entering doEmailSync for UID: $uid",
Util::DEBUG); Util::DEBUG);
if($this -> settings['col_email'] === '') if ($this->settings['col_email'] === '') {
return false; return false;
}
if($this -> settings['set_mail_sync_mode'] === 'none') if ($this->settings['set_mail_sync_mode'] === 'none') {
return false; return false;
}
$ocUid = $uid; $ocUid = $uid;
$uid = $this->doUserDomainMapping($uid); $uid = $this->doUserDomainMapping($uid);
$row = $this->helper->runQuery('getMail', array('uid' => $uid)); $row = $this->helper->runQuery('getMail', array('uid' => $uid));
if($row === false) if ($row === false) {
{
return false; return false;
} }
$newMail = $row[$this->settings['col_email']]; $newMail = $row[$this->settings['col_email']];
@@ -114,14 +115,14 @@ class OC_USER_SQL extends BackendUtility implements \OCP\IUserBackend,
'settings', 'settings',
'email', ''); 'email', '');
switch($this -> settings['set_mail_sync_mode']) switch ($this->settings['set_mail_sync_mode']) {
{
case 'initial': case 'initial':
if($currMail === '') if ($currMail === '') {
$this->ocConfig->setUserValue($ocUid, $this->ocConfig->setUserValue($ocUid,
'settings', 'settings',
'email', 'email',
$newMail); $newMail);
}
break; break;
case 'forcesql': case 'forcesql':
//if($currMail !== $newMail) //if($currMail !== $newMail)
@@ -131,15 +132,15 @@ class OC_USER_SQL extends BackendUtility implements \OCP\IUserBackend,
$newMail); $newMail);
break; break;
case 'forceoc': case 'forceoc':
if(($currMail !== '') && ($currMail !== $newMail)) if (($currMail !== '') && ($currMail !== $newMail)) {
{
$row = $this->helper->runQuery('setMail', $row = $this->helper->runQuery('setMail',
array('uid' => $uid, array(
'currMail' => $currMail) 'uid' => $uid,
'currMail' => $currMail
)
, true); , true);
if($row === false) if ($row === false) {
{
Util::writeLog('OC_USER_SQL', Util::writeLog('OC_USER_SQL',
"Could not update E-Mail address in SQL database!", "Could not update E-Mail address in SQL database!",
Util::ERROR); Util::ERROR);
@@ -162,12 +163,10 @@ class OC_USER_SQL extends BackendUtility implements \OCP\IUserBackend,
{ {
$uid = trim($uid); $uid = trim($uid);
if($this -> settings['set_default_domain'] !== '') if ($this->settings['set_default_domain'] !== '') {
{
Util::writeLog('OC_USER_SQL', "Append default domain: " . Util::writeLog('OC_USER_SQL', "Append default domain: " .
$this->settings['set_default_domain'], Util::DEBUG); $this->settings['set_default_domain'], Util::DEBUG);
if(strpos($uid, '@') === false) if (strpos($uid, '@') === false) {
{
$uid .= "@" . $this->settings['set_default_domain']; $uid .= "@" . $this->settings['set_default_domain'];
} }
} }
@@ -214,22 +213,21 @@ class OC_USER_SQL extends BackendUtility implements \OCP\IUserBackend,
Util::writeLog('OC_USER_SQL', "Entering getHome for UID: $uid", Util::writeLog('OC_USER_SQL', "Entering getHome for UID: $uid",
Util::DEBUG); Util::DEBUG);
if($this -> settings['set_enable_gethome'] !== 'true') if ($this->settings['set_enable_gethome'] !== 'true') {
return false; return false;
}
$uidMapped = $this->doUserDomainMapping($uid); $uidMapped = $this->doUserDomainMapping($uid);
$home = false; $home = false;
switch($this->settings['set_gethome_mode']) switch ($this->settings['set_gethome_mode']) {
{
case 'query': case 'query':
Util::writeLog('OC_USER_SQL', Util::writeLog('OC_USER_SQL',
"getHome with Query selected, running Query...", "getHome with Query selected, running Query...",
Util::DEBUG); Util::DEBUG);
$row = $this->helper->runQuery('getHome', $row = $this->helper->runQuery('getHome',
array('uid' => $uidMapped)); array('uid' => $uidMapped));
if($row === false) if ($row === false) {
{
Util::writeLog('OC_USER_SQL', Util::writeLog('OC_USER_SQL',
"Got no row, return false", "Got no row, return false",
Util::DEBUG); Util::DEBUG);
@@ -297,54 +295,45 @@ class OC_USER_SQL extends BackendUtility implements \OCP\IUserBackend,
Util::writeLog('OC_USER_SQL', "Entering setPassword for UID: $uid", Util::writeLog('OC_USER_SQL', "Entering setPassword for UID: $uid",
Util::DEBUG); Util::DEBUG);
if($this -> settings['set_allow_pwchange'] !== 'true') if ($this->settings['set_allow_pwchange'] !== 'true') {
return false; return false;
}
$uid = $this->doUserDomainMapping($uid); $uid = $this->doUserDomainMapping($uid);
$row = $this->helper->runQuery('getPass', array('uid' => $uid)); $row = $this->helper->runQuery('getPass', array('uid' => $uid));
if($row === false) if ($row === false) {
{
return false; return false;
} }
$old_password = $row[$this->settings['col_password']]; $old_password = $row[$this->settings['col_password']];
// Added and disabled updating passwords for Drupal 7 WD 2018-01-04 // Added and disabled updating passwords for Drupal 7 WD 2018-01-04
if($this -> settings['set_crypt_type'] === 'drupal') if ($this->settings['set_crypt_type'] === 'drupal') {
{
return false; return false;
} } elseif ($this->settings['set_crypt_type'] === 'joomla2') {
elseif($this -> settings['set_crypt_type'] === 'joomla2') if (!class_exists('\PasswordHash')) {
{
if(!class_exists('\PasswordHash'))
require_once('PasswordHash.php'); require_once('PasswordHash.php');
}
$hasher = new \PasswordHash(10, true); $hasher = new \PasswordHash(10, true);
$enc_password = $hasher->HashPassword($password); $enc_password = $hasher->HashPassword($password);
} }
// Redmine stores the salt separatedly, this doesn't play nice with // Redmine stores the salt separatedly, this doesn't play nice with
// the way we check passwords // the way we check passwords
elseif($this -> settings['set_crypt_type'] === 'redmine') elseif ($this->settings['set_crypt_type'] === 'redmine') {
{
$salt = $this->helper->runQuery('getRedmineSalt', $salt = $this->helper->runQuery('getRedmineSalt',
array('uid' => $uid)); array('uid' => $uid));
if(!$salt) if (!$salt) {
return false; return false;
}
$enc_password = sha1($salt['salt'] . sha1($password)); $enc_password = sha1($salt['salt'] . sha1($password));
} } elseif ($this->settings['set_crypt_type'] === 'sha1') {
elseif($this -> settings['set_crypt_type'] === 'sha1')
{
$enc_password = sha1($password); $enc_password = sha1($password);
} } elseif ($this->settings['set_crypt_type'] === 'system') {
elseif($this -> settings['set_crypt_type'] === 'system')
{
$prefix = substr($old_password, 0, 2); $prefix = substr($old_password, 0, 2);
if ($prefix==="$2") if ($prefix === "$2") {
{
$enc_password = $this->pw_hash($password); $enc_password = $this->pw_hash($password);
} } else {
else
{
if (($prefix === "$1") or ($prefix[0] != "$")) //old md5 or DES if (($prefix === "$1") or ($prefix[0] != "$")) //old md5 or DES
{ {
//Update encryption algorithm //Update encryption algorithm
@@ -355,36 +344,23 @@ class OC_USER_SQL extends BackendUtility implements \OCP\IUserBackend,
$enc_password = crypt($password, $prefix . "$" . $newsalt); $enc_password = crypt($password, $prefix . "$" . $newsalt);
} }
} } elseif ($this->settings['set_crypt_type'] === 'password_hash') {
elseif($this -> settings['set_crypt_type'] === 'password_hash')
{
$enc_password = $this->pw_hash($password); $enc_password = $this->pw_hash($password);
} } elseif ($this->settings['set_crypt_type'] === 'courier_md5') {
elseif($this -> settings['set_crypt_type'] === 'courier_md5')
{
$enc_password = '{MD5}' . OC_USER_SQL::hex_to_base64(md5($password)); $enc_password = '{MD5}' . OC_USER_SQL::hex_to_base64(md5($password));
} } elseif ($this->settings['set_crypt_type'] === 'courier_md5raw') {
elseif($this -> settings['set_crypt_type'] === 'courier_md5raw')
{
$enc_password = '{MD5RAW}' . md5($password); $enc_password = '{MD5RAW}' . md5($password);
} } elseif ($this->settings['set_crypt_type'] === 'courier_sha1') {
elseif($this -> settings['set_crypt_type'] === 'courier_sha1')
{
$enc_password = '{SHA}' . OC_USER_SQL::hex_to_base64(sha1($password)); $enc_password = '{SHA}' . OC_USER_SQL::hex_to_base64(sha1($password));
} } elseif ($this->settings['set_crypt_type'] === 'courier_sha256') {
elseif($this -> settings['set_crypt_type'] === 'courier_sha256')
{
$enc_password = '{SHA256}' . OC_USER_SQL::hex_to_base64(hash('sha256', $password, false)); $enc_password = '{SHA256}' . OC_USER_SQL::hex_to_base64(hash('sha256', $password, false));
} } else {
else
{
$enc_password = $this->pacrypt($password, $old_password); $enc_password = $this->pacrypt($password, $old_password);
} }
$res = $this->helper->runQuery('setPass', $res = $this->helper->runQuery('setPass',
array('uid' => $uid, 'enc_password' => $enc_password), array('uid' => $uid, 'enc_password' => $enc_password),
true); true);
if($res === false) if ($res === false) {
{
Util::writeLog('OC_USER_SQL', "Could not update password!", Util::writeLog('OC_USER_SQL', "Could not update password!",
Util::ERROR); Util::ERROR);
return false; return false;
@@ -412,8 +388,7 @@ class OC_USER_SQL extends BackendUtility implements \OCP\IUserBackend,
$uid = $this->doUserDomainMapping($uid); $uid = $this->doUserDomainMapping($uid);
$row = $this->helper->runQuery('getPass', array('uid' => $uid)); $row = $this->helper->runQuery('getPass', array('uid' => $uid));
if($row === false) if ($row === false) {
{
Util::writeLog('OC_USER_SQL', "Got no row, return false", Util::DEBUG); Util::writeLog('OC_USER_SQL', "Got no row, return false", Util::DEBUG);
return false; return false;
} }
@@ -422,75 +397,57 @@ class OC_USER_SQL extends BackendUtility implements \OCP\IUserBackend,
Util::writeLog('OC_USER_SQL', "Encrypting and checking password", Util::writeLog('OC_USER_SQL', "Encrypting and checking password",
Util::DEBUG); Util::DEBUG);
// Added handling for Drupal 7 passwords WD 2018-01-04 // Added handling for Drupal 7 passwords WD 2018-01-04
if($this -> settings['set_crypt_type'] === 'drupal') if ($this->settings['set_crypt_type'] === 'drupal') {
{ if (!function_exists('user_check_password')) {
if(!function_exists('user_check_password'))
require_once('drupal.php'); require_once('drupal.php');
}
$ret = user_check_password($password, $db_pass); $ret = user_check_password($password, $db_pass);
} }
// Joomla 2.5.18 switched to phPass, which doesn't play nice with the // Joomla 2.5.18 switched to phPass, which doesn't play nice with the
// way we check passwords // way we check passwords
elseif($this -> settings['set_crypt_type'] === 'joomla2') elseif ($this->settings['set_crypt_type'] === 'joomla2') {
{ if (!class_exists('\PasswordHash')) {
if(!class_exists('\PasswordHash'))
require_once('PasswordHash.php'); require_once('PasswordHash.php');
}
$hasher = new \PasswordHash(10, true); $hasher = new \PasswordHash(10, true);
$ret = $hasher->CheckPassword($password, $db_pass); $ret = $hasher->CheckPassword($password, $db_pass);
} } elseif ($this->settings['set_crypt_type'] === 'password_hash') {
elseif($this -> settings['set_crypt_type'] === 'password_hash')
{
$ret = password_verify($password, $db_pass); $ret = password_verify($password, $db_pass);
} }
// Redmine stores the salt separatedly, this doesn't play nice with the // Redmine stores the salt separatedly, this doesn't play nice with the
// way we check passwords // way we check passwords
elseif($this -> settings['set_crypt_type'] === 'redmine') elseif ($this->settings['set_crypt_type'] === 'redmine') {
{
$salt = $this->helper->runQuery('getRedmineSalt', $salt = $this->helper->runQuery('getRedmineSalt',
array('uid' => $uid)); array('uid' => $uid));
if(!$salt) if (!$salt) {
return false; return false;
}
$ret = sha1($salt['salt'] . sha1($password)) === $db_pass; $ret = sha1($salt['salt'] . sha1($password)) === $db_pass;
} } elseif ($this->settings['set_crypt_type'] == 'sha1') {
elseif($this -> settings['set_crypt_type'] == 'sha1')
{
$ret = $this->hash_equals(sha1($password), $db_pass); $ret = $this->hash_equals(sha1($password), $db_pass);
} } elseif ($this->settings['set_crypt_type'] === 'courier_md5') {
elseif($this -> settings['set_crypt_type'] === 'courier_md5')
{
$ret = '{MD5}' . OC_USER_SQL::hex_to_base64(md5($password)) === $db_pass; $ret = '{MD5}' . OC_USER_SQL::hex_to_base64(md5($password)) === $db_pass;
} } elseif ($this->settings['set_crypt_type'] === 'courier_md5raw') {
elseif($this -> settings['set_crypt_type'] === 'courier_md5raw')
{
$ret = '{MD5RAW}' . md5($password) === $db_pass; $ret = '{MD5RAW}' . md5($password) === $db_pass;
} } elseif ($this->settings['set_crypt_type'] === 'courier_sha1') {
elseif($this -> settings['set_crypt_type'] === 'courier_sha1')
{
$ret = '{SHA}' . OC_USER_SQL::hex_to_base64(sha1($password)) === $db_pass; $ret = '{SHA}' . OC_USER_SQL::hex_to_base64(sha1($password)) === $db_pass;
} } elseif ($this->settings['set_crypt_type'] === 'courier_sha256') {
elseif($this -> settings['set_crypt_type'] === 'courier_sha256')
{
$ret = '{SHA256}' . OC_USER_SQL::hex_to_base64(hash('sha256', $password, false)) === $db_pass; $ret = '{SHA256}' . OC_USER_SQL::hex_to_base64(hash('sha256', $password, false)) === $db_pass;
} else } else {
{
// $ret = $this -> pacrypt($password, $db_pass) === $db_pass; // $ret = $this -> pacrypt($password, $db_pass) === $db_pass;
$ret = $this->hash_equals($this->pacrypt($password, $db_pass), $ret = $this->hash_equals($this->pacrypt($password, $db_pass),
$db_pass); $db_pass);
} }
if($ret) if ($ret) {
{
Util::writeLog('OC_USER_SQL', Util::writeLog('OC_USER_SQL',
"Passwords matching, return true", "Passwords matching, return true",
Util::DEBUG); Util::DEBUG);
if($this -> settings['set_strip_domain'] === 'true') if ($this->settings['set_strip_domain'] === 'true') {
{
$uid = explode("@", $uid); $uid = explode("@", $uid);
$uid = $uid[0]; $uid = $uid[0];
} }
return $uid; return $uid;
} else } else {
{
Util::writeLog('OC_USER_SQL', Util::writeLog('OC_USER_SQL',
"Passwords do not match, return false", "Passwords do not match, return false",
Util::DEBUG); Util::DEBUG);
@@ -510,11 +467,9 @@ class OC_USER_SQL extends BackendUtility implements \OCP\IUserBackend,
$search = "%" . $this->doUserDomainMapping(""); $search = "%" . $this->doUserDomainMapping("");
$userCount = $this->helper->runQuery('countUsers', $userCount = $this->helper->runQuery('countUsers',
array('search' => $search)); array('search' => $search));
if($userCount === false) if ($userCount === false) {
{
$userCount = 0; $userCount = 0;
} } else {
else {
$userCount = reset($userCount); $userCount = reset($userCount);
} }
@@ -537,12 +492,9 @@ class OC_USER_SQL extends BackendUtility implements \OCP\IUserBackend,
"Limit: $limit, Offset: $offset", Util::DEBUG); "Limit: $limit, Offset: $offset", Util::DEBUG);
$users = array(); $users = array();
if($search !== '') if ($search !== '') {
{
$search = "%" . $this->doUserDomainMapping($search . "%") . "%"; $search = "%" . $this->doUserDomainMapping($search . "%") . "%";
} } else {
else
{
$search = "%" . $this->doUserDomainMapping("") . "%"; $search = "%" . $this->doUserDomainMapping("") . "%";
} }
@@ -550,16 +502,17 @@ class OC_USER_SQL extends BackendUtility implements \OCP\IUserBackend,
array('search' => $search), array('search' => $search),
false, false,
true, true,
array('limit' => $limit, array(
'offset' => $offset)); 'limit' => $limit,
if($rows === false) 'offset' => $offset
));
if ($rows === false) {
return array(); return array();
}
foreach($rows as $row) foreach ($rows as $row) {
{
$uid = $row[$this->settings['col_username']]; $uid = $row[$this->settings['col_username']];
if($this -> settings['set_strip_domain'] === 'true') if ($this->settings['set_strip_domain'] === 'true') {
{
$uid = explode("@", $uid); $uid = explode("@", $uid);
$uid = $uid[0]; $uid = $uid[0];
} }
@@ -583,8 +536,9 @@ class OC_USER_SQL extends BackendUtility implements \OCP\IUserBackend,
Util::writeLog('OC_USER_SQL', Util::writeLog('OC_USER_SQL',
"userExists() for UID: $uid cacheVal: $cacheVal", "userExists() for UID: $uid cacheVal: $cacheVal",
Util::DEBUG); Util::DEBUG);
if(!is_null($cacheVal)) if (!is_null($cacheVal)) {
return (bool)$cacheVal; return (bool)$cacheVal;
}
Util::writeLog('OC_USER_SQL', Util::writeLog('OC_USER_SQL',
"Entering userExists() for UID: $uid", "Entering userExists() for UID: $uid",
@@ -592,8 +546,7 @@ class OC_USER_SQL extends BackendUtility implements \OCP\IUserBackend,
// Only if the domain is removed for internal user handling, // Only if the domain is removed for internal user handling,
// we should add the domain back when checking existance // we should add the domain back when checking existance
if($this -> settings['set_strip_domain'] === 'true') if ($this->settings['set_strip_domain'] === 'true') {
{
$uid = $this->doUserDomainMapping($uid); $uid = $this->doUserDomainMapping($uid);
} }
@@ -601,14 +554,12 @@ class OC_USER_SQL extends BackendUtility implements \OCP\IUserBackend,
array('uid' => $uid));; array('uid' => $uid));;
$this->setCache($cacheKey, $exists, 60); $this->setCache($cacheKey, $exists, 60);
if(!$exists) if (!$exists) {
{
Util::writeLog('OC_USER_SQL', Util::writeLog('OC_USER_SQL',
"Empty row, user does not exists, return false", "Empty row, user does not exists, return false",
Util::DEBUG); Util::DEBUG);
return false; return false;
} else } else {
{
Util::writeLog('OC_USER_SQL', "User exists, return true", Util::writeLog('OC_USER_SQL', "User exists, return true",
Util::DEBUG); Util::DEBUG);
return true; return true;
@@ -630,23 +581,20 @@ class OC_USER_SQL extends BackendUtility implements \OCP\IUserBackend,
$this->doEmailSync($uid); $this->doEmailSync($uid);
$uid = $this->doUserDomainMapping($uid); $uid = $this->doUserDomainMapping($uid);
if(!$this -> userExists($uid)) if (!$this->userExists($uid)) {
{
return false; return false;
} }
$row = $this->helper->runQuery('getDisplayName', $row = $this->helper->runQuery('getDisplayName',
array('uid' => $uid)); array('uid' => $uid));
if(!$row) if (!$row) {
{
Util::writeLog('OC_USER_SQL', Util::writeLog('OC_USER_SQL',
"Empty row, user has no display name or " . "Empty row, user has no display name or " .
"does not exist, return false", "does not exist, return false",
Util::DEBUG); Util::DEBUG);
return false; return false;
} else } else {
{
Util::writeLog('OC_USER_SQL', Util::writeLog('OC_USER_SQL',
"User exists, return true", "User exists, return true",
Util::DEBUG); Util::DEBUG);
@@ -660,8 +608,7 @@ class OC_USER_SQL extends BackendUtility implements \OCP\IUserBackend,
{ {
$uids = $this->getUsers($search, $limit, $offset); $uids = $this->getUsers($search, $limit, $offset);
$displayNames = array(); $displayNames = array();
foreach($uids as $uid) foreach ($uids as $uid) {
{
$displayNames[$uid] = $this->getDisplayName($uid); $displayNames[$uid] = $this->getDisplayName($uid);
} }
return $displayNames; return $displayNames;
@@ -698,80 +645,61 @@ class OC_USER_SQL extends BackendUtility implements \OCP\IUserBackend,
$password = ""; $password = "";
$salt = ""; $salt = "";
if($this -> settings['set_crypt_type'] === 'md5crypt') if ($this->settings['set_crypt_type'] === 'md5crypt') {
{
$split_salt = preg_split('/\$/', $pw_db); $split_salt = preg_split('/\$/', $pw_db);
if(isset($split_salt[2])) if (isset($split_salt[2])) {
{
$salt = $split_salt[2]; $salt = $split_salt[2];
} }
$password = $this->md5crypt($pw, $salt); $password = $this->md5crypt($pw, $salt);
} elseif($this -> settings['set_crypt_type'] === 'md5') } elseif ($this->settings['set_crypt_type'] === 'md5') {
{
$password = md5($pw); $password = md5($pw);
} elseif($this -> settings['set_crypt_type'] === 'system') } elseif ($this->settings['set_crypt_type'] === 'system') {
{
// We never generate salts, as user creation is not allowed here // We never generate salts, as user creation is not allowed here
$password = crypt($pw, $pw_db); $password = crypt($pw, $pw_db);
} elseif($this -> settings['set_crypt_type'] === 'cleartext') } elseif ($this->settings['set_crypt_type'] === 'cleartext') {
{
$password = $pw; $password = $pw;
} }
// See // See
// https://sourceforge.net/tracker/?func=detail&atid=937966&aid=1793352&group_id=191583 // https://sourceforge.net/tracker/?func=detail&atid=937966&aid=1793352&group_id=191583
// this is apparently useful for pam_mysql etc. // this is apparently useful for pam_mysql etc.
elseif($this -> settings['set_crypt_type'] === 'mysql_encrypt') elseif ($this->settings['set_crypt_type'] === 'mysql_encrypt') {
{ if ($pw_db !== "") {
if($pw_db !== "")
{
$salt = substr($pw_db, 0, 2); $salt = substr($pw_db, 0, 2);
$row = $this->helper->runQuery('mysqlEncryptSalt', $row = $this->helper->runQuery('mysqlEncryptSalt',
array('pw' => $pw, 'salt' => $salt)); array('pw' => $pw, 'salt' => $salt));
} else } else {
{
$row = $this->helper->runQuery('mysqlEncrypt', $row = $this->helper->runQuery('mysqlEncrypt',
array('pw' => $pw)); array('pw' => $pw));
} }
if($row === false) if ($row === false) {
{
return false; return false;
} }
$password = $row[0]; $password = $row[0];
} elseif($this -> settings['set_crypt_type'] === 'mysql_password') } elseif ($this->settings['set_crypt_type'] === 'mysql_password') {
{
$row = $this->helper->runQuery('mysqlPassword', $row = $this->helper->runQuery('mysqlPassword',
array('pw' => $pw)); array('pw' => $pw));
if($row === false) if ($row === false) {
{
return false; return false;
} }
$password = $row[0]; $password = $row[0];
} } // The following is by Frédéric France
elseif ($this->settings['set_crypt_type'] === 'joomla') {
// The following is by Frédéric France
elseif($this -> settings['set_crypt_type'] === 'joomla')
{
$split_salt = preg_split('/:/', $pw_db); $split_salt = preg_split('/:/', $pw_db);
if(isset($split_salt[1])) if (isset($split_salt[1])) {
{
$salt = $split_salt[1]; $salt = $split_salt[1];
} }
$password = ($salt) ? md5($pw . $salt) : md5($pw); $password = ($salt) ? md5($pw . $salt) : md5($pw);
$password .= ':' . $salt; $password .= ':' . $salt;
} } elseif ($this->settings['set_crypt_type'] === 'ssha256') {
elseif($this-> settings['set_crypt_type'] === 'ssha256')
{
$salted_password = base64_decode( $salted_password = base64_decode(
preg_replace('/{SSHA256}/i', '', $pw_db)); preg_replace('/{SSHA256}/i', '', $pw_db));
$salt = substr($salted_password, -(strlen($salted_password) - 32)); $salt = substr($salted_password, -(strlen($salted_password) - 32));
$password = $this->ssha256($pw, $salt); $password = $this->ssha256($pw, $salt);
} else } else {
{
Util::writeLog('OC_USER_SQL', Util::writeLog('OC_USER_SQL',
"unknown/invalid crypt_type settings: " . "unknown/invalid crypt_type settings: " .
$this->settings['set_crypt_type'], $this->settings['set_crypt_type'],
@@ -797,59 +725,56 @@ class OC_USER_SQL extends BackendUtility implements \OCP\IUserBackend,
{ {
$MAGIC = "$1$"; $MAGIC = "$1$";
if($magic === "") if ($magic === "") {
$magic = $MAGIC; $magic = $MAGIC;
if($salt === "") }
if ($salt === "") {
$salt = $this->create_md5salt(); $salt = $this->create_md5salt();
}
$slist = explode("$", $salt); $slist = explode("$", $salt);
if($slist[0] === "1") if ($slist[0] === "1") {
$salt = $slist[1]; $salt = $slist[1];
}
$salt = substr($salt, 0, 8); $salt = substr($salt, 0, 8);
$ctx = $pw . $magic . $salt; $ctx = $pw . $magic . $salt;
$final = $this->pahex2bin(md5($pw . $salt . $pw)); $final = $this->pahex2bin(md5($pw . $salt . $pw));
for($i = strlen($pw); $i > 0; $i -= 16) for ($i = strlen($pw); $i > 0; $i -= 16) {
{ if ($i > 16) {
if($i > 16)
{
$ctx .= substr($final, 0, 16); $ctx .= substr($final, 0, 16);
} else } else {
{
$ctx .= substr($final, 0, $i); $ctx .= substr($final, 0, $i);
} }
} }
$i = strlen($pw); $i = strlen($pw);
while($i > 0) while ($i > 0) {
{ if ($i & 1) {
if($i & 1)
$ctx .= chr(0); $ctx .= chr(0);
else } else {
$ctx .= $pw[0]; $ctx .= $pw[0];
}
$i = $i >> 1; $i = $i >> 1;
} }
$final = $this->pahex2bin(md5($ctx)); $final = $this->pahex2bin(md5($ctx));
for($i = 0; $i < 1000; $i++) for ($i = 0; $i < 1000; $i++) {
{
$ctx1 = ""; $ctx1 = "";
if($i & 1) if ($i & 1) {
{
$ctx1 .= $pw; $ctx1 .= $pw;
} else } else {
{
$ctx1 .= substr($final, 0, 16); $ctx1 .= substr($final, 0, 16);
} }
if($i % 3) if ($i % 3) {
$ctx1 .= $salt; $ctx1 .= $salt;
if($i % 7) }
if ($i % 7) {
$ctx1 .= $pw; $ctx1 .= $pw;
if($i & 1) }
{ if ($i & 1) {
$ctx1 .= substr($final, 0, 16); $ctx1 .= substr($final, 0, 16);
} else } else {
{
$ctx1 .= $pw; $ctx1 .= $pw;
} }
$final = $this->pahex2bin(md5($ctx1)); $final = $this->pahex2bin(md5($ctx1));
@@ -898,15 +823,12 @@ class OC_USER_SQL extends BackendUtility implements \OCP\IUserBackend,
*/ */
private function pahex2bin($str) private function pahex2bin($str)
{ {
if(function_exists('hex2bin')) if (function_exists('hex2bin')) {
{
return hex2bin($str); return hex2bin($str);
} else } else {
{
$len = strlen($str); $len = strlen($str);
$nstr = ""; $nstr = "";
for($i = 0; $i < $len; $i += 2) for ($i = 0; $i < $len; $i += 2) {
{
$num = sscanf(substr($str, $i, 2), "%x"); $num = sscanf(substr($str, $i, 2), "%x");
$nstr .= chr($num[0]); $nstr .= chr($num[0]);
} }
@@ -922,8 +844,7 @@ class OC_USER_SQL extends BackendUtility implements \OCP\IUserBackend,
$ITOA64 = $ITOA64 =
"./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"; "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
$ret = ""; $ret = "";
while(($n - 1) >= 0) while (($n - 1) >= 0) {
{
$n--; $n--;
$ret .= $ITOA64[$v & 0x3f]; $ret .= $ITOA64[$v & 0x3f];
$v = $v >> 6; $v = $v >> 6;
@@ -939,15 +860,13 @@ class OC_USER_SQL extends BackendUtility implements \OCP\IUserBackend,
*/ */
private function setCache($key, $value, $ttl = 3600) private function setCache($key, $value, $ttl = 3600)
{ {
if ($this -> cache === NULL) if ($this->cache === null) {
{
$_SESSION[$this->session_cache_name][$key] = array( $_SESSION[$this->session_cache_name][$key] = array(
'value' => $value, 'value' => $value,
'time' => time(), 'time' => time(),
'ttl' => $ttl, 'ttl' => $ttl,
); );
} else } else {
{
$this->cache->set($key, $value, $ttl); $this->cache->set($key, $value, $ttl);
} }
} }
@@ -960,20 +879,16 @@ class OC_USER_SQL extends BackendUtility implements \OCP\IUserBackend,
*/ */
private function getCache($key) private function getCache($key)
{ {
$retVal = NULL; $retVal = null;
if ($this -> cache === NULL) if ($this->cache === null) {
{
if (isset($_SESSION[$this->session_cache_name], if (isset($_SESSION[$this->session_cache_name],
$_SESSION[$this -> session_cache_name][$key])) $_SESSION[$this->session_cache_name][$key])) {
{
$value = $_SESSION[$this->session_cache_name][$key]; $value = $_SESSION[$this->session_cache_name][$key];
if (time() < $value['time'] + $value['ttl']) if (time() < $value['time'] + $value['ttl']) {
{
$retVal = $value['value']; $retVal = $value['value'];
} }
} }
} else } else {
{
$retVal = $this->cache->get($key); $retVal = $this->cache->get($key);
} }
return $retVal; return $retVal;
@@ -997,7 +912,8 @@ class OC_USER_SQL extends BackendUtility implements \OCP\IUserBackend,
} }
function hash_equals( $a, $b ) { function hash_equals($a, $b)
{
$a_length = strlen($a); $a_length = strlen($a);
if ($a_length !== strlen($b)) { if ($a_length !== strlen($b)) {
@@ -1024,11 +940,9 @@ class OC_USER_SQL extends BackendUtility implements \OCP\IUserBackend,
private static function hex_to_base64($hex) private static function hex_to_base64($hex)
{ {
$hex_chr = ''; $hex_chr = '';
foreach(str_split($hex, 2) as $hexpair) foreach (str_split($hex, 2) as $hexpair) {
{
$hex_chr .= chr(hexdec($hexpair)); $hex_chr .= chr(hexdec($hexpair));
} }
return base64_encode($hex_chr); return base64_encode($hex_chr);
} }
} }

152
templates/admin.php
View File

@@ -42,35 +42,85 @@ $cfgClass = 'section';
</select> </select>
</p> </p>
<p><label for="sql_hostname"><?php p($l -> t('Host')); ?></label><input type="text" id="sql_hostname" name="sql_hostname" value="<?php p($_['sql_hostname']); ?>"></p> <p><label for="sql_hostname"><?php p($l->t('Host')); ?></label><input type="text" id="sql_hostname"
name="sql_hostname"
value="<?php p($_['sql_hostname']); ?>">
</p>
<p><label for="sql_database"><?php p($l -> t('Database')); ?></label><input type="text" id="sql_database" name="sql_database" value="<?php p($_['sql_database']); ?>" /></p> <p><label for="sql_database"><?php p($l->t('Database')); ?></label><input type="text" id="sql_database"
name="sql_database"
value="<?php p($_['sql_database']); ?>"/>
</p>
<p><label for="sql_username"><?php p($l -> t('Username')); ?></label><input type="text" id="sql_username" name="sql_username" value="<?php p($_['sql_username']); ?>" /></p> <p><label for="sql_username"><?php p($l->t('Username')); ?></label><input type="text" id="sql_username"
name="sql_username"
value="<?php p($_['sql_username']); ?>"/>
</p>
<p><label for="sql_password"><?php p($l -> t('Password')); ?></label><input type="password" id="sql_password" name="sql_password" value="<?php p($_['sql_password']); ?>" /></p> <p><label for="sql_password"><?php p($l->t('Password')); ?></label><input type="password"
id="sql_password"
name="sql_password"
value="<?php p($_['sql_password']); ?>"/>
</p>
<p><input type="submit" id="sqlVerify" value="<?php p($l->t('Verify Settings')); ?>"></p> <p><input type="submit" id="sqlVerify" value="<?php p($l->t('Verify Settings')); ?>"></p>
</fieldset> </fieldset>
<fieldset id="sql-2"> <fieldset id="sql-2">
<p><label for="sql_table"><?php p($l -> t('Table')); ?></label><input type="text" id="sql_table" name="sql_table" value="<?php p($_['sql_table']); ?>" /></p> <p><label for="sql_table"><?php p($l->t('Table')); ?></label><input type="text" id="sql_table"
name="sql_table"
value="<?php p($_['sql_table']); ?>"/>
</p>
<p><label for="col_username"><?php p($l -> t('Username Column')); ?></label><input type="text" id="col_username" name="col_username" value="<?php p($_['col_username']); ?>" /></p> <p><label for="col_username"><?php p($l->t('Username Column')); ?></label><input type="text"
id="col_username"
name="col_username"
value="<?php p($_['col_username']); ?>"/>
</p>
<p><label for="col_password"><?php p($l -> t('Password Column')); ?></label><input type="text" id="col_password" name="col_password" value="<?php p($_['col_password']); ?>" /></p> <p><label for="col_password"><?php p($l->t('Password Column')); ?></label><input type="text"
id="col_password"
name="col_password"
value="<?php p($_['col_password']); ?>"/>
</p>
<p><label for="set_allow_pwchange"><?php p($l -> t('Allow password changing (read README!)')); ?></label><input type="checkbox" id="set_allow_pwchange" name="set_allow_pwchange" value="1"<?php <p>
if($_['set_allow_pwchange']) <label for="set_allow_pwchange"><?php p($l->t('Allow password changing (read README!)')); ?></label><input
type="checkbox" id="set_allow_pwchange" name="set_allow_pwchange" value="1"<?php
if ($_['set_allow_pwchange']) {
p(' checked'); p(' checked');
}
?>><br> ?>><br>
<em><?php p($l -> t('Allow changing passwords. Imposes a security risk if password salts are not recreated.')); ?></em></p> <em><?php p($l->t('Allow changing passwords. Imposes a security risk if password salts are not recreated.')); ?></em>
</p>
<em><?php p($l->t('Only the encryption types "System","password_hash" and "Joomla2" are safe.')); ?></em></p> <em><?php p($l->t('Only the encryption types "System","password_hash" and "Joomla2" are safe.')); ?></em></p>
<p><label for="col_displayname"><?php p($l -> t('Real Name Column')); ?></label><input type="text" id="col_displayname" name="col_displayname" value="<?php p($_['col_displayname']); ?>" /></p> <p><label for="col_displayname"><?php p($l->t('Real Name Column')); ?></label><input type="text"
id="col_displayname"
name="col_displayname"
value="<?php p($_['col_displayname']); ?>"/>
</p>
<p><label for="set_crypt_type"><?php p($l->t('Encryption Type')); ?></label> <p><label for="set_crypt_type"><?php p($l->t('Encryption Type')); ?></label>
<?php $crypt_types = array('drupal' => 'Drupal 7', 'md5' => 'MD5', 'md5crypt' => 'MD5 Crypt', 'cleartext' => 'Cleartext', 'mysql_encrypt' => 'mySQL ENCRYPT()', 'system' => 'System (crypt)', 'password_hash' => 'password_hash','mysql_password' => 'mySQL PASSWORD()', 'joomla' => 'Joomla MD5 Encryption', 'joomla2' => 'Joomla > 2.5.18 phpass', 'ssha256' => 'Salted SSHA256', 'redmine' => 'Redmine', 'sha1' => 'SHA1', 'courier_md5' => 'Courier base64-encoded MD5', 'courier_md5raw' => 'Courier hexadecimal MD5', 'courier_sha1' => 'Courier base64-encoded SHA1', 'courier_sha256' => 'Courier base64-encoded SHA256'); ?> <?php $crypt_types = array(
'drupal' => 'Drupal 7',
'md5' => 'MD5',
'md5crypt' => 'MD5 Crypt',
'cleartext' => 'Cleartext',
'mysql_encrypt' => 'mySQL ENCRYPT()',
'system' => 'System (crypt)',
'password_hash' => 'password_hash',
'mysql_password' => 'mySQL PASSWORD()',
'joomla' => 'Joomla MD5 Encryption',
'joomla2' => 'Joomla > 2.5.18 phpass',
'ssha256' => 'Salted SSHA256',
'redmine' => 'Redmine',
'sha1' => 'SHA1',
'courier_md5' => 'Courier base64-encoded MD5',
'courier_md5raw' => 'Courier hexadecimal MD5',
'courier_sha1' => 'Courier base64-encoded SHA1',
'courier_sha256' => 'Courier base64-encoded SHA256'
); ?>
<select id="set_crypt_type" name="set_crypt_type"> <select id="set_crypt_type" name="set_crypt_type">
<?php <?php
foreach ($crypt_types as $driver => $name): foreach ($crypt_types as $driver => $name):
@@ -85,22 +135,37 @@ $cfgClass = 'section';
</select> </select>
</p> </p>
<p><label for="col_active"><?php p($l -> t('User Active Column')); ?></label><input type="text" id="col_active" name="col_active" value="<?php p($_['col_active']); ?>" /></p> <p><label for="col_active"><?php p($l->t('User Active Column')); ?></label><input type="text"
id="col_active"
name="col_active"
value="<?php p($_['col_active']); ?>"/>
</p>
<p><label for="set_active_invert"><?php p($l -> t('Invert Active Value')); ?></label><input type="checkbox" id="set_active_invert" name="set_active_invert" value="1"<?php <p><label for="set_active_invert"><?php p($l->t('Invert Active Value')); ?></label><input
if($_['set_active_invert']) type="checkbox" id="set_active_invert" name="set_active_invert" value="1"<?php
if ($_['set_active_invert']) {
p(' checked'); p(' checked');
}
?> /><br> ?> /><br>
<em><?php p($l -> t("Invert the logic of the active column (for blocked users in the SQL DB)")); ?></em></p> <em><?php p($l->t("Invert the logic of the active column (for blocked users in the SQL DB)")); ?></em>
</p>
</fieldset> </fieldset>
<fieldset id="sql-3"> <fieldset id="sql-3">
<p><label for="col_email"><?php p($l -> t('E-Mail Column')); ?></label><input type="text" id="col_email" name="col_email" value="<?php p($_['col_email']); ?>" /></p> <p><label for="col_email"><?php p($l->t('E-Mail Column')); ?></label><input type="text" id="col_email"
name="col_email"
value="<?php p($_['col_email']); ?>"/>
</p>
<p><label for="set_mail_sync_mode"><?php p($l->t('E-Mail address sync mode')); ?></label> <p><label for="set_mail_sync_mode"><?php p($l->t('E-Mail address sync mode')); ?></label>
<?php $mail_modes = array('none' => 'No Synchronisation', 'initial' => 'Synchronise only once', 'forceoc' => 'Nextcloud always wins', 'forcesql' => 'SQL always wins'); ?> <?php $mail_modes = array(
'none' => 'No Synchronisation',
'initial' => 'Synchronise only once',
'forceoc' => 'Nextcloud always wins',
'forcesql' => 'SQL always wins'
); ?>
<select id="set_mail_sync_mode" name="set_mail_sync_mode"> <select id="set_mail_sync_mode" name="set_mail_sync_mode">
<?php <?php
foreach ($mail_modes as $mode => $name): foreach ($mail_modes as $mode => $name):
@@ -119,22 +184,31 @@ $cfgClass = 'section';
<fieldset id="sql-4"> <fieldset id="sql-4">
<p><label for="set_default_domain"><?php p($l -> t('Append Default Domain')); ?></label><input type="text" id="set_default_domain", name="set_default_domain" value="<?php p($_['set_default_domain']); ?>" /><br> <p><label for="set_default_domain"><?php p($l->t('Append Default Domain')); ?></label><input type="text"
id="set_default_domain"
,
name="set_default_domain"
value="<?php p($_['set_default_domain']); ?>"/><br>
<em><?php p($l->t('Append this string, e.g. a domain name, to each user name. The @-sign is automatically inserted.')); ?></em> <em><?php p($l->t('Append this string, e.g. a domain name, to each user name. The @-sign is automatically inserted.')); ?></em>
</p> </p>
<p><label for="set_strip_domain"><?php p($l -> t('Strip Domain Part from Username')); ?></label><input type="checkbox" id="set_strip_domain" name="set_strip_domain" value="1"<?php <p><label for="set_strip_domain"><?php p($l->t('Strip Domain Part from Username')); ?></label><input
if($_['set_strip_domain']) type="checkbox" id="set_strip_domain" name="set_strip_domain" value="1"<?php
if ($_['set_strip_domain']) {
p(' checked'); p(' checked');
}
?> /><br> ?> /><br>
<em><?php p($l -> t("Strip Domain Part including @-sign from Username when logging in and retrieving username lists")); ?></em></p> <em><?php p($l->t("Strip Domain Part including @-sign from Username when logging in and retrieving username lists")); ?></em>
</p>
</fieldset> </fieldset>
<fieldset id="sql-5"> <fieldset id="sql-5">
<p><label for="set_enable_gethome"><?php p($l -> t('Enable support for getHome()')); ?></label><input type="checkbox" id="set_enable_gethome", name="set_enable_gethome" value="1" <?php <p><label for="set_enable_gethome"><?php p($l->t('Enable support for getHome()')); ?></label><input
if($_['set_enable_gethome']) type="checkbox" id="set_enable_gethome" , name="set_enable_gethome" value="1" <?php
if ($_['set_enable_gethome']) {
p(' checked'); p(' checked');
}
?>/></p> ?>/></p>
<p><label for="set_gethome_mode"><?php p($l->t('Method for getHome')); ?></label> <p><label for="set_gethome_mode"><?php p($l->t('Method for getHome')); ?></label>
@@ -153,18 +227,36 @@ $cfgClass = 'section';
</select> </select>
</p> </p>
<p><label for="col_gethome"><?php p($l -> t('Home Column')); ?></label><input type="text" id="col_gethome" name="col_gethome" value="<?php p($_['col_gethome']); ?>"></p> <p><label for="col_gethome"><?php p($l->t('Home Column')); ?></label><input type="text" id="col_gethome"
name="col_gethome"
value="<?php p($_['col_gethome']); ?>">
</p>
<p><label for="set_gethome"><?php p($l -> t('Home Dir')); ?></label><input type="text" id="set_gethome" name="set_gethome" value="<?php p($_['set_gethome']); ?>"><br> <p><label for="set_gethome"><?php p($l->t('Home Dir')); ?></label><input type="text" id="set_gethome"
<em><?php p($l -> t('You can use the placeholders %%u to specify the user ID (before appending the default domain), %%ud to specify the user ID (after appending the default domain) and %%d to specify the default domain')); ?></em></p> name="set_gethome"
value="<?php p($_['set_gethome']); ?>"><br>
<em><?php p($l->t('You can use the placeholders %%u to specify the user ID (before appending the default domain), %%ud to specify the user ID (after appending the default domain) and %%d to specify the default domain')); ?></em>
</p>
</fieldset> </fieldset>
<fieldset id="sql-6"> <fieldset id="sql-6">
<p><label for="sql_group_table"><?php p($l -> t('Table')); ?></label><input type="text" id="sql_group_table" name="sql_group_table" value="<?php p($_['sql_group_table']); ?>" /></p> <p><label for="sql_group_table"><?php p($l->t('Table')); ?></label><input type="text"
id="sql_group_table"
name="sql_group_table"
value="<?php p($_['sql_group_table']); ?>"/>
</p>
<p><label for="col_group_username"><?php p($l -> t('Username Column')); ?></label><input type="text" id="col_group_username" name="col_group_username" value="<?php p($_['col_group_username']); ?>" /></p> <p><label for="col_group_username"><?php p($l->t('Username Column')); ?></label><input type="text"
id="col_group_username"
name="col_group_username"
value="<?php p($_['col_group_username']); ?>"/>
</p>
<p><label for="col_group_name"><?php p($l -> t('Group Name Column')); ?></label><input type="text" id="col_group_name" name="col_group_name" value="<?php p($_['col_group_name']); ?>" /></p> <p><label for="col_group_name"><?php p($l->t('Group Name Column')); ?></label><input type="text"
id="col_group_name"
name="col_group_name"
value="<?php p($_['col_group_name']); ?>"/>
</p>
</fieldset> </fieldset>