Merge branch 'release/v4.0.0-rc2'

CHANGELOG.md

@@ -4,6 +4,13 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/)
 and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.html).
 
+## [v4.0.0-rc2]
+### Added
+- User active column
+
+### Changed
+- Fixed "Use of undefined constant" error for Argon2 Crypt with PHP below 7.2.
+
 ## [4.0.0-rc1]
 ### Added
 - New hashing algorithms: Argon2 Crypt (PHP 7.2 and above), Blowfish Crypt, Courier base64-encoded MD5, Courier base64-encoded SHA1,
@@ -58,5 +65,6 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 ### Changed
 - Supported version of ownCloud, Nextcloud: ownCloud 10, Nextcloud 12
 
+[v4.0.0-rc2]: https://github.com/nextcloud/user_sql/compare/v4.0.0-rc1...v4.0.0-rc2
 [4.0.0-rc1]: https://github.com/nextcloud/user_sql/compare/v3.1.0...v4.0.0-rc1
 [3.1.0]: https://github.com/nextcloud/user_sql/compare/v2.4.0...v3.1.0

README.md

@@ -67,6 +67,7 @@ Name | Description | Details
 **Home** | Home path column. | Mandatory for `Query` *Home sync* option.
 **Password** | Password hash column. | Mandatory for user backend.
 **Display name** | Display name column. | Optional.
+**Active** | Flag indicating if user can log in. | Optional.<br/>Default: true.
 **Can change avatar** | Flag indicating if user can change its avatar. | Optional.<br/>Default: false.
 
 #### Group table
@@ -112,6 +113,7 @@ CREATE TABLE sql_users
   email             TEXT        NULL,
   home              TEXT        NULL,
   password          TEXT        NOT NULL,
+  active            TINYINT(1)  NOT NULL DEFAULT '1',
   can_change_avatar BOOLEAN     NOT NULL DEFAULT FALSE,
   CONSTRAINT users_username_uindex UNIQUE (username)
 );
@@ -161,6 +163,7 @@ User table: jhi_users
 Username column: login
 Password column: password_hash
 Email column: email
+Active column: activated
 
 Hashing algorithm: Unix (Crypt)
 ```

appinfo/info.xml

@@ -8,7 +8,7 @@
         Retrieve the users and groups info. Allow the users to change their passwords.
         Sync the users' email addresses with the addresses stored by Nextcloud.
     </description>
-    <version>4.0.0-rc1</version>
+    <version>4.0.0-rc2</version>
     <licence>agpl</licence>
     <author>Andreas Böhler &lt;dev (at) aboehler (dot) at&gt;</author>
     <author>Marcin Łojewski &lt;dev@mlojewski.me&gt;</author>

js/settings.js

@@ -75,7 +75,7 @@ user_sql.adminSettingsUI = function () {
         );
 
         autocomplete(
-            "#db-table-user-column-uid, #db-table-user-column-email, #db-table-user-column-home, #db-table-user-column-password, #db-table-user-column-name, #db-table-user-column-avatar",
+            "#db-table-user-column-uid, #db-table-user-column-email, #db-table-user-column-home, #db-table-user-column-password, #db-table-user-column-name, #db-table-user-column-active, #db-table-user-column-avatar",
             "/apps/user_sql/settings/autocomplete/table/user"
         );
 

lib/Backend/UserBackend.php

@@ -278,6 +278,14 @@ final class UserBackend extends Backend
             $password, $user->password
         );
 
+        if ($user->active == false) {
+            $this->logger->info(
+                "User account is inactive for user: $uid",
+                ["app" => $this->appName]
+            );
+            return false;
+        }
+
         if ($isCorrect !== true) {
             $this->logger->info(
                 "Invalid password attempt for user: $uid",

lib/Constant/DB.php

@@ -45,6 +45,7 @@ final class DB
     const USER_GROUP_GID_COLUMN = "db.table.user_group.column.gid";
     const USER_GROUP_UID_COLUMN = "db.table.user_group.column.uid";
 
+    const USER_ACTIVE_COLUMN = "db.table.user.column.active";
     const USER_AVATAR_COLUMN = "db.table.user.column.avatar";
     const USER_EMAIL_COLUMN = "db.table.user.column.email";
     const USER_HOME_COLUMN = "db.table.user.column.home";

lib/Crypto/CryptArgon2.php

@@ -54,15 +54,22 @@ class CryptArgon2 extends AbstractAlgorithm
      * @param int   $threads      Number of threads to use for computing.
      */
     public function __construct(
-        IL10N $localization,
-        $memoryCost = PASSWORD_ARGON2_DEFAULT_MEMORY_COST,
-        $timeCost = PASSWORD_ARGON2_DEFAULT_TIME_COST,
-        $threads = PASSWORD_ARGON2_DEFAULT_THREADS
+        IL10N $localization, $memoryCost = -1, $timeCost = -1, $threads = -1
     ) {
         if (version_compare(PHP_VERSION, "7.2.0") === -1) {
             throw new \RuntimeException(
                 "PASSWORD_ARGON2I requires PHP 7.2.0 or above."
             );
+        } else {
+            if ($memoryCost === -1) {
+                $memoryCost = PASSWORD_ARGON2_DEFAULT_MEMORY_COST;
+            }
+            if ($timeCost === -1) {
+                $timeCost = PASSWORD_ARGON2_DEFAULT_TIME_COST;
+            }
+            if ($threads === -1) {
+                $threads = PASSWORD_ARGON2_DEFAULT_THREADS;
+            }
         }
 
         parent::__construct($localization);

lib/Model/User.php

@@ -48,6 +48,10 @@ class User
      * @var string The user's home location.
      */
     public $home;
+    /**
+     * @var bool Is user account active.
+     */
+    public $active;
     /**
      * @var bool Can user change its avatar.
      */

lib/Query/QueryProvider.php

@@ -65,6 +65,7 @@ class QueryProvider implements \ArrayAccess
         $gGID = $this->properties[DB::GROUP_GID_COLUMN];
         $gName = $this->properties[DB::GROUP_NAME_COLUMN];
 
+        $uActive = $this->properties[DB::USER_ACTIVE_COLUMN];
         $uAvatar = $this->properties[DB::USER_AVATAR_COLUMN];
         $uEmail = $this->properties[DB::USER_EMAIL_COLUMN];
         $uHome = $this->properties[DB::USER_HOME_COLUMN];
@@ -90,6 +91,7 @@ class QueryProvider implements \ArrayAccess
             (empty($uName) ? "null" : $uName) . " AS name, " .
             (empty($uEmail) ? "null" : $uEmail) . " AS email, " .
             (empty($uHome) ? "null" : $uHome) . " AS home, " .
+            (empty($uActive) ? "true" : $uActive) . " AS active, " .
             (empty($uAvatar) ? "false" : $uAvatar) . " AS avatar";
 
         $this->queries = [

templates/admin.php

@@ -147,6 +147,7 @@ function print_select_options(
                 print_text_input($l, "db-table-user-column-home", "Home", $_['db.table.user.column.home']);
                 print_text_input($l, "db-table-user-column-password", "Password", $_['db.table.user.column.password']);
                 print_text_input($l, "db-table-user-column-name", "Display name", $_['db.table.user.column.name']);
+                print_text_input($l, "db-table-user-column-active", "Active", $_['db.table.user.column.active']);
                 print_text_input($l, "db-table-user-column-avatar", "Can change avatar", $_['db.table.user.column.avatar']); ?>
             </fieldset>
         </div>