YakumoLabs/user_external
4
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request #30 from nextcloud/fix/6/check-code-fixes

Browse Source 
occ check-code compliance
This commit is contained in:
violoncello.ch
2019-01-14 13:35:45 +01:00
committed by GitHub
parent 05fb0e2f33 8c5e80b21d
commit 5df00dc149
6 changed files with 117 additions and 103 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
appinfo/info.xml
View File

@@ -1,25 +1,26 @@
<?xml version="1.0"?> <?xml version="1.0"?>
<info> <info xmlns:xsi= "http://www.w3.org/2001/XMLSchema-instance"
xsi:noNamespaceSchemaLocation="https://apps.nextcloud.com/schema/apps/info.xsd">
<id>user_external</id> <id>user_external</id>
<name>External user support</name> <name>External user support</name>
<summary>Use external user authentication methods like IMAP, SMB and FTP</summary> <summary>Use external user authentication methods like IMAP, SMB and FTP</summary>
<description>Use external user authentication methods like IMAP, SMB and FTP</description> <description>Use external user authentication methods like IMAP, SMB and FTP</description>
<category>tools</category> <version>0.5.0</version>
<category>integration</category> <licence>agpl</licence>
<licence>AGPL</licence>
<author>Robin Appelman</author> <author>Robin Appelman</author>
<types>
<prelogin/>
<authentication/>
</types>
<documentation> <documentation>
<admin>https://docs.nextcloud.com/server/15/admin_manual/configuration_user/user_auth_ftp_smb_imap.html</admin> <admin>https://docs.nextcloud.com/server/15/admin_manual/configuration_user/user_auth_ftp_smb_imap.html</admin>
</documentation> </documentation>
<category>tools</category>
<category>integration</category>
<website>https://github.com/nextcloud/user_external/</website> <website>https://github.com/nextcloud/user_external/</website>
<bugs>https://github.com/nextcloud/user_external/issues</bugs> <bugs>https://github.com/nextcloud/user_external/issues</bugs>
<repository type="git">https://github.com/nextcloud/user_external.git</repository> <repository type="git">https://github.com/nextcloud/user_external.git</repository>
<dependencies> <dependencies>
<nextcloud min-version="15" max-version="15" /> <nextcloud min-version="15" max-version="15" />
</dependencies> </dependencies>
<version>0.5.0</version>
<types>
<authentication/>
<prelogin/>
</types>
</info> </info>

126
lib/base.php
View File

@@ -6,7 +6,6 @@
* See the COPYING-README file. * See the COPYING-README file.
*/ */
namespace OCA\user_external; namespace OCA\user_external;
use \OC_DB;
/** /**
* Base class for external auth implementations that stores users * Base class for external auth implementations that stores users
@@ -40,10 +39,11 @@ abstract class Base extends \OC\User\Backend{
* @return bool * @return bool
*/ */
public function deleteUser($uid) { public function deleteUser($uid) {
OC_DB::executeAudited( $query = \OC::$server->getDatabaseConnection()->getQueryBuilder();
'DELETE FROM `*PREFIX*users_external` WHERE `uid` = ? AND `backend` = ?', $query->delete('users_external')
array($uid, $this->backend) ->where($query->expr()->eq('uid', $query->createNamedParameter($uid)))
); ->andWhere($query->expr()->eq('backend', $query->createNamedParameter($this->backend)));
$query->execute();
return true; return true;
} }
@@ -55,11 +55,15 @@ abstract class Base extends \OC\User\Backend{
* @return string display name * @return string display name
*/ */
public function getDisplayName($uid) { public function getDisplayName($uid) {
$user = OC_DB::executeAudited( $query = \OC::$server->getDatabaseConnection()->getQueryBuilder();
'SELECT `displayname` FROM `*PREFIX*users_external`' $query->select('displayname')
. ' WHERE `uid` = ? AND `backend` = ?', ->from('users_external')
array($uid, $this->backend) ->where($query->expr()->eq('uid', $query->createNamedParameter($uid)))
)->fetchRow(); ->andWhere($query->expr()->eq('backend', $query->createNamedParameter($this->backend)));
$result = $query->execute();
$user = $result->fetch();
$result->closeCursor();
$displayName = trim($user['displayname'], ' '); $displayName = trim($user['displayname'], ' ');
if (!empty($displayName)) { if (!empty($displayName)) {
return $displayName; return $displayName;
@@ -74,21 +78,27 @@ abstract class Base extends \OC\User\Backend{
* @return array with all displayNames (value) and the corresponding uids (key) * @return array with all displayNames (value) and the corresponding uids (key)
*/ */
public function getDisplayNames($search = '', $limit = null, $offset = null) { public function getDisplayNames($search = '', $limit = null, $offset = null) {
$result = OC_DB::executeAudited(
array(
'sql' => 'SELECT `uid`, `displayname` FROM `*PREFIX*users_external`'
. ' WHERE (LOWER(`displayname`) LIKE LOWER(?) '
. ' OR LOWER(`uid`) LIKE LOWER(?)) AND `backend` = ?',
'limit' => $limit,
'offset' => $offset
),
array('%' . $search . '%', '%' . $search . '%', $this->backend)
);
$displayNames = array(); $connection = \OC::$server->getDatabaseConnection();
while ($row = $result->fetchRow()) { $query = $connection->getQueryBuilder();
$query->select('uid', 'displayname')
->from('users_external')
->where($query->expr()->iLike('displayname', $query->createNamedParameter('%' . $connection->escapeLikeParameter($search) . '%')))
->andWhere($query->expr()->iLike('uid', $query->createNamedParameter('%' . $connection->escapeLikeParameter($search) . '%')))
->andWhere($query->expr()->eq('backend', $query->createNamedParameter($this->backend)));
if ($limit) {
$query->setMaxResults($limit);
}
if ($offset) {
$query->setFirstResult($offset);
}
$result = $query->execute();
$displayNames = [];
while ($row = $result->fetch()) {
$displayNames[$row['uid']] = $row['displayname']; $displayNames[$row['uid']] = $row['displayname'];
} }
$result->closeCursor();
return $displayNames; return $displayNames;
} }
@@ -99,19 +109,26 @@ abstract class Base extends \OC\User\Backend{
* @return array with all uids * @return array with all uids
*/ */
public function getUsers($search = '', $limit = null, $offset = null) { public function getUsers($search = '', $limit = null, $offset = null) {
$result = OC_DB::executeAudited( $connection = \OC::$server->getDatabaseConnection();
array( $query = $connection->getQueryBuilder();
'sql' => 'SELECT `uid` FROM `*PREFIX*users_external`' $query->select('uid')
. ' WHERE LOWER(`uid`) LIKE LOWER(?) AND `backend` = ?', ->from('users_external')
'limit' => $limit, ->where($query->expr()->iLike('uid', $query->createNamedParameter($connection->escapeLikeParameter($search) . '%')))
'offset' => $offset ->andWhere($query->expr()->eq('backend', $query->createNamedParameter($this->backend)));
), if ($limit) {
array($search . '%', $this->backend) $query->setMaxResults($limit);
); }
$users = array(); if ($offset) {
while ($row = $result->fetchRow()) { $query->setFirstResult($offset);
}
$result = $query->execute();
$users = [];
while ($row = $result->fetch()) {
$users[] = $row['uid']; $users[] = $row['uid'];
} }
$result->closeCursor();
return $users; return $users;
} }
@@ -136,11 +153,14 @@ abstract class Base extends \OC\User\Backend{
if (!$this->userExists($uid)) { if (!$this->userExists($uid)) {
return false; return false;
} }
OC_DB::executeAudited(
'UPDATE `*PREFIX*users_external` SET `displayname` = ?' $query = \OC::$server->getDatabaseConnection()->getQueryBuilder();
. ' WHERE LOWER(`uid`) = ? AND `backend` = ?', $query->update('users_external')
array($displayName, $uid, $this->backend) ->set('displayname', $query->createNamedParameter($displayName))
); ->where($query->expr()->eq('uid', $query->createNamedParameter($uid)))
->andWhere($query->expr()->eq('backend', $query->createNamedParameter($this->backend)));
$query->execute();
return true; return true;
} }
@@ -154,11 +174,14 @@ abstract class Base extends \OC\User\Backend{
protected function storeUser($uid) protected function storeUser($uid)
{ {
if (!$this->userExists($uid)) { if (!$this->userExists($uid)) {
OC_DB::executeAudited(
'INSERT INTO `*PREFIX*users_external` ( `uid`, `backend` )' $query = \OC::$server->getDatabaseConnection()->getQueryBuilder();
. ' VALUES( ?, ? )', $query->insert('users_external')
array($uid, $this->backend) ->values([
); 'uid' => $query->createNamedParameter($uid),
'backend' => $query->createNamedParameter($this->backend),
]);
$query->execute();
} }
} }
@@ -170,11 +193,16 @@ abstract class Base extends \OC\User\Backend{
* @return boolean * @return boolean
*/ */
public function userExists($uid) { public function userExists($uid) {
$result = OC_DB::executeAudited( $connection = \OC::$server->getDatabaseConnection();
'SELECT COUNT(*) FROM `*PREFIX*users_external`' $query = $connection->getQueryBuilder();
. ' WHERE LOWER(`uid`) = LOWER(?) AND `backend` = ?', $query->select($query->func()->count('*', 'num_users'))
array($uid, $this->backend) ->from('users_external')
); ->where($query->expr()->iLike('uid', $query->createNamedParameter($connection->escapeLikeParameter($uid))))
return $result->fetchOne() > 0; ->andWhere($query->expr()->eq('backend', $query->createNamedParameter($this->backend)));
$result = $query->execute();
$users = $result->fetchColumn();
$result->closeCursor();
return $users > 0;
} }
} }

6
lib/ftp.php
View File

@@ -46,9 +46,9 @@ class OC_User_FTP extends \OCA\user_external\Base{
*/ */
public function checkPassword($uid, $password) { public function checkPassword($uid, $password) {
if (false === array_search($this->protocol, stream_get_wrappers())) { if (false === array_search($this->protocol, stream_get_wrappers())) {
OCP\Util::writeLog( OC::$server->getLogger()->error(
'user_external', 'ERROR: Stream wrapper not available: ' . $this->protocol,
'ERROR: Stream wrapper not available: ' . $this->protocol, OCP\Util::ERROR ['app' => 'user_external']
); );
return false; return false;
} }

48
lib/imap.php
View File

@@ -42,7 +42,7 @@ class OC_User_IMAP extends \OCA\user_external\Base {
*/ */
public function checkPassword($uid, $password) { public function checkPassword($uid, $password) {
if (!function_exists('imap_open')) { if (!function_exists('imap_open')) {
OCP\Util::writeLog('user_external', 'ERROR: PHP imap extension is not installed', OCP\Util::ERROR); OC::$server->getLogger()->error('ERROR: PHP imap extension is not installed', ['app' => 'user_external']);
return false; return false;
} }
@@ -52,44 +52,30 @@ class OC_User_IMAP extends \OCA\user_external\Base {
$uid = str_replace("%40","@",$uid); $uid = str_replace("%40","@",$uid);
} }
$result = OC_DB::executeAudited( if ($this->domain !== '') {
'SELECT `userid` FROM `*PREFIX*preferences` WHERE `appid`=? AND `configkey`=? AND `configvalue`=?', $pieces = explode('@', $uid);
array('settings','email',$uid) if (count($pieces) === 1) {
); $username = $uid . '@' . $this->domain;
} else if(count($pieces) === 2 && $pieces[1] === $this->domain) {
$users = array(); $username = $uid;
while ($row = $result->fetchRow()) { $uid = $pieces[0];
$users[] = $row['userid']; } else {
} return false;
}
if(count($users) === 1) { } else {
$username = $uid; $username = $uid;
$uid = $users[0];
// Check if we only want logins from ONE domain and strip the domain part from UID
}elseif($this->domain != '') {
$pieces = explode('@', $uid);
if(count($pieces) == 1) {
$username = $uid . "@" . $this->domain;
}elseif((count($pieces) == 2) and ($pieces[1] == $this->domain)) {
$username = $uid;
$uid = $pieces[0];
}else{
return false;
}
}else{
$username = $uid;
} }
$mbox = @imap_open($this->mailbox, $username, $password, OP_HALFOPEN, 1); $mbox = @imap_open($this->mailbox, $username, $password, OP_HALFOPEN, 1);
imap_errors(); imap_errors();
imap_alerts(); imap_alerts();
if($mbox !== FALSE) { if($mbox !== false) {
imap_close($mbox); imap_close($mbox);
$uid = mb_strtolower($uid); $uid = mb_strtolower($uid);
$this->storeUser($uid); $this->storeUser($uid);
return $uid; return $uid;
}else{
return false;
} }
return false;
} }
} }

15
lib/smb.php
View File

@@ -42,9 +42,9 @@ class OC_User_SMB extends \OCA\user_external\Base{
$command = self::SMBCLIENT.' '.escapeshellarg('//' . $this->host . '/dummy').' -U'.$uidEscaped.'%'.$password; $command = self::SMBCLIENT.' '.escapeshellarg('//' . $this->host . '/dummy').' -U'.$uidEscaped.'%'.$password;
$lastline = exec($command, $output, $retval); $lastline = exec($command, $output, $retval);
if ($retval === 127) { if ($retval === 127) {
OCP\Util::writeLog( OC::$server->getLogger()->error(
'user_external', 'ERROR: smbclient executable missing', 'ERROR: smbclient executable missing',
OCP\Util::ERROR ['app' => 'user_external']
); );
return false; return false;
} else if (strpos($lastline, self::LOGINERROR) !== false) { } else if (strpos($lastline, self::LOGINERROR) !== false) {
@@ -53,11 +53,11 @@ class OC_User_SMB extends \OCA\user_external\Base{
} else if (strpos($lastline, 'NT_STATUS_BAD_NETWORK_NAME') !== false) { } else if (strpos($lastline, 'NT_STATUS_BAD_NETWORK_NAME') !== false) {
//login on minor error //login on minor error
goto login; goto login;
} else if ($retval != 0) { } else if ($retval !== 0) {
//some other error //some other error
OCP\Util::writeLog( OC::$server->getLogger()->error(
'user_external', 'ERROR: smbclient error: ' . trim($lastline), 'ERROR: smbclient error: ' . trim($lastline),
OCP\Util::ERROR ['app' => 'user_external']
); );
return false; return false;
} else { } else {
@@ -91,4 +91,3 @@ class OC_User_SMB extends \OCA\user_external\Base{
return false; return false;
} }
} }

6
lib/webdavauth.php
View File

@@ -28,14 +28,14 @@ class WebDavAuth extends Base {
public function checkPassword($uid, $password) { public function checkPassword($uid, $password) {
$arr = explode('://', $this->webDavAuthUrl, 2); $arr = explode('://', $this->webDavAuthUrl, 2);
if( ! isset($arr) OR count($arr) !== 2) { if( ! isset($arr) OR count($arr) !== 2) {
\OCP\Util::writeLog('OC_USER_WEBDAVAUTH', 'Invalid Url: "'.$this->webDavAuthUrl.'" ', 3); OC::$server->getLogger()->error('ERROR: Invalid WebdavUrl: "'.$this->webDavAuthUrl.'" ', ['app' => 'user_external']);
return false; return false;
} }
list($protocol, $path) = $arr; list($protocol, $path) = $arr;
$url= $protocol.'://'.urlencode($uid).':'.urlencode($password).'@'.$path; $url= $protocol.'://'.urlencode($uid).':'.urlencode($password).'@'.$path;
$headers = get_headers($url); $headers = get_headers($url);
if($headers==false) { if($headers === false) {
\OCP\Util::writeLog('OC_USER_WEBDAVAUTH', 'Not possible to connect to WebDAV Url: "'.$protocol.'://'.$path.'" ', 3); OC::$server->getLogger()->error('ERROR: Not possible to connect to WebDAV Url: "'.$protocol.'://'.$path.'" ', ['app' => 'user_external']);
return false; return false;
} }