2010-07-15 08:09:22 -04:00
|
|
|
<?php
|
2019-12-03 13:57:53 -05:00
|
|
|
|
2018-03-22 07:19:26 -04:00
|
|
|
declare(strict_types=1);
|
2010-07-15 08:09:22 -04:00
|
|
|
/**
|
2024-05-23 03:26:56 -04:00
|
|
|
* SPDX-FileCopyrightText: 2016-2024 Nextcloud GmbH and Nextcloud contributors
|
|
|
|
|
* SPDX-FileCopyrightText: 2016 ownCloud, Inc.
|
|
|
|
|
* SPDX-License-Identifier: AGPL-3.0-only
|
2015-02-26 05:37:37 -05:00
|
|
|
*/
|
2016-05-04 02:34:39 -04:00
|
|
|
namespace OC\User;
|
|
|
|
|
|
2024-06-27 19:58:06 -04:00
|
|
|
use InvalidArgumentException;
|
2022-12-02 11:46:37 -05:00
|
|
|
use OCP\AppFramework\Db\TTransactional;
|
2022-06-29 09:34:06 -04:00
|
|
|
use OCP\Cache\CappedMemoryCache;
|
2019-11-19 13:18:00 -05:00
|
|
|
use OCP\EventDispatcher\IEventDispatcher;
|
2025-01-18 10:28:23 -05:00
|
|
|
use OCP\IConfig;
|
2018-04-04 10:45:56 -04:00
|
|
|
use OCP\IDBConnection;
|
2025-01-18 10:28:23 -05:00
|
|
|
use OCP\IUserManager;
|
2019-11-19 13:18:00 -05:00
|
|
|
use OCP\Security\Events\ValidatePasswordPolicyEvent;
|
2023-08-29 19:11:00 -04:00
|
|
|
use OCP\Security\IHasher;
|
2018-03-22 10:49:07 -04:00
|
|
|
use OCP\User\Backend\ABackend;
|
2018-03-22 07:19:26 -04:00
|
|
|
use OCP\User\Backend\ICheckPasswordBackend;
|
|
|
|
|
use OCP\User\Backend\ICreateUserBackend;
|
|
|
|
|
use OCP\User\Backend\IGetDisplayNameBackend;
|
|
|
|
|
use OCP\User\Backend\IGetHomeBackend;
|
2019-08-13 03:33:46 -04:00
|
|
|
use OCP\User\Backend\IGetRealUIDBackend;
|
2025-01-14 06:41:56 -05:00
|
|
|
use OCP\User\Backend\ILimitAwareCountUsersBackend;
|
2024-06-25 18:47:50 -04:00
|
|
|
use OCP\User\Backend\IPasswordHashBackend;
|
2021-03-17 04:02:37 -04:00
|
|
|
use OCP\User\Backend\ISearchKnownUsersBackend;
|
2018-03-22 07:19:26 -04:00
|
|
|
use OCP\User\Backend\ISetDisplayNameBackend;
|
|
|
|
|
use OCP\User\Backend\ISetPasswordBackend;
|
2016-05-03 03:29:22 -04:00
|
|
|
|
2015-02-26 05:37:37 -05:00
|
|
|
/**
|
|
|
|
|
* Class for user management in a SQL Database (e.g. MySQL, SQLite)
|
2010-07-15 08:09:22 -04:00
|
|
|
*/
|
2020-04-10 10:56:50 -04:00
|
|
|
class Database extends ABackend implements
|
|
|
|
|
ICreateUserBackend,
|
2022-10-25 04:20:09 -04:00
|
|
|
ISetPasswordBackend,
|
|
|
|
|
ISetDisplayNameBackend,
|
|
|
|
|
IGetDisplayNameBackend,
|
|
|
|
|
ICheckPasswordBackend,
|
|
|
|
|
IGetHomeBackend,
|
2025-01-14 06:41:56 -05:00
|
|
|
ILimitAwareCountUsersBackend,
|
2022-10-25 04:20:09 -04:00
|
|
|
ISearchKnownUsersBackend,
|
2024-06-25 18:47:50 -04:00
|
|
|
IGetRealUIDBackend,
|
|
|
|
|
IPasswordHashBackend {
|
2016-08-11 03:52:02 -04:00
|
|
|
|
2025-01-18 10:28:23 -05:00
|
|
|
private CappedMemoryCache $cache;
|
|
|
|
|
private IConfig $config;
|
|
|
|
|
private ?IDBConnection $dbConnection;
|
|
|
|
|
private IEventDispatcher $eventDispatcher;
|
|
|
|
|
private string $table;
|
2018-06-14 08:34:19 -04:00
|
|
|
|
2022-12-02 11:46:37 -05:00
|
|
|
use TTransactional;
|
|
|
|
|
|
2016-05-03 03:29:22 -04:00
|
|
|
/**
|
2016-08-14 13:41:00 -04:00
|
|
|
* \OC\User\Database constructor.
|
|
|
|
|
*
|
2019-11-19 13:18:00 -05:00
|
|
|
* @param IEventDispatcher $eventDispatcher
|
2018-06-14 08:34:19 -04:00
|
|
|
* @param string $table
|
2016-05-03 03:29:22 -04:00
|
|
|
*/
|
2018-06-14 08:34:19 -04:00
|
|
|
public function __construct($eventDispatcher = null, $table = 'users') {
|
2016-05-03 03:29:22 -04:00
|
|
|
$this->cache = new CappedMemoryCache();
|
2018-06-14 08:34:19 -04:00
|
|
|
$this->table = $table;
|
2024-09-15 15:50:11 -04:00
|
|
|
$this->eventDispatcher = $eventDispatcher ?? \OCP\Server::get(IEventDispatcher::class);
|
2025-01-18 10:28:23 -05:00
|
|
|
$this->config = \OCP\Server::get(IConfig::class);
|
|
|
|
|
$this->dbConnection = null;
|
2016-05-03 03:29:22 -04:00
|
|
|
}
|
2012-08-29 02:38:33 -04:00
|
|
|
|
2018-04-04 10:45:56 -04:00
|
|
|
/**
|
|
|
|
|
* FIXME: This function should not be required!
|
|
|
|
|
*/
|
2025-01-18 10:28:23 -05:00
|
|
|
private function getDbConnection() {
|
|
|
|
|
if ($this->dbConnection === null) {
|
|
|
|
|
$this->dbConnection = \OCP\Server::get(IDBConnection::class);
|
2018-04-04 10:45:56 -04:00
|
|
|
}
|
2025-01-18 10:28:23 -05:00
|
|
|
return $this->dbConnection;
|
2018-04-04 10:45:56 -04:00
|
|
|
}
|
|
|
|
|
|
2010-07-15 08:09:22 -04:00
|
|
|
/**
|
2014-05-19 11:50:53 -04:00
|
|
|
* Create a new user
|
2017-12-20 09:51:37 -05:00
|
|
|
*
|
2014-05-11 16:51:30 -04:00
|
|
|
* @param string $uid The username of the user to create
|
|
|
|
|
* @param string $password The password of the new user
|
|
|
|
|
* @return bool
|
2010-07-22 17:42:18 -04:00
|
|
|
*
|
2011-07-29 15:36:03 -04:00
|
|
|
* Creates a new user. Basic checking of username is done in OC_User
|
2011-04-18 05:39:29 -04:00
|
|
|
* itself, not in its subclasses.
|
2010-07-22 17:42:18 -04:00
|
|
|
*/
|
2018-03-22 07:19:26 -04:00
|
|
|
public function createUser(string $uid, string $password): bool {
|
2025-01-18 10:28:23 -05:00
|
|
|
if ($this->userExists($uid)) {
|
|
|
|
|
return false;
|
2010-07-15 13:56:13 -04:00
|
|
|
}
|
2014-03-06 16:34:43 -05:00
|
|
|
|
2025-01-18 10:28:23 -05:00
|
|
|
$this->eventDispatcher->dispatchTyped(new ValidatePasswordPolicyEvent($password));
|
|
|
|
|
|
|
|
|
|
$dbConn = $this->getDbConnection();
|
|
|
|
|
return $this->atomic(function () use ($uid, $password, $dbConn) {
|
|
|
|
|
$qb = $dbConn->getQueryBuilder();
|
|
|
|
|
$qb->insert($this->table)
|
|
|
|
|
->values([
|
|
|
|
|
'uid' => $qb->createNamedParameter($uid),
|
|
|
|
|
'password' => $qb->createNamedParameter(\OCP\Server::get(IHasher::class)->hash($password)),
|
|
|
|
|
'uid_lower' => $qb->createNamedParameter(mb_strtolower($uid)),
|
|
|
|
|
]);
|
|
|
|
|
|
|
|
|
|
$result = $qb->executeStatement();
|
|
|
|
|
|
|
|
|
|
// Clear cache
|
|
|
|
|
unset($this->cache[$uid]);
|
|
|
|
|
// Repopulate the cache
|
|
|
|
|
$this->loadUser($uid);
|
|
|
|
|
|
|
|
|
|
return (bool)$result;
|
|
|
|
|
}, $dbConn);
|
2010-07-21 11:53:51 -04:00
|
|
|
}
|
2010-07-22 17:42:18 -04:00
|
|
|
|
2011-04-16 19:04:23 -04:00
|
|
|
/**
|
2025-01-18 10:28:23 -05:00
|
|
|
* Deletes a user
|
2017-12-20 09:51:37 -05:00
|
|
|
*
|
2014-05-11 16:51:30 -04:00
|
|
|
* @param string $uid The username of the user to delete
|
|
|
|
|
* @return bool
|
2011-04-16 19:04:23 -04:00
|
|
|
*/
|
2013-12-11 10:22:26 -05:00
|
|
|
public function deleteUser($uid) {
|
2011-04-18 04:41:01 -04:00
|
|
|
// Delete user-group-relation
|
2025-01-18 10:28:23 -05:00
|
|
|
$dbConn = $this->getDbConnection();
|
|
|
|
|
$query = $dbConn->getQueryBuilder();
|
2018-06-14 08:34:19 -04:00
|
|
|
$query->delete($this->table)
|
2018-06-14 08:34:19 -04:00
|
|
|
->where($query->expr()->eq('uid_lower', $query->createNamedParameter(mb_strtolower($uid))));
|
2024-10-17 09:42:21 -04:00
|
|
|
$result = $query->executeStatement();
|
2014-03-09 07:22:47 -04:00
|
|
|
|
2014-03-11 11:58:10 -04:00
|
|
|
if (isset($this->cache[$uid])) {
|
2025-01-18 10:28:23 -05:00
|
|
|
// If the user logged in through email there is a second cache entry, also unset that.
|
|
|
|
|
$email = $this->cache[$uid]['email'] ?? null;
|
|
|
|
|
if ($email !== null) {
|
|
|
|
|
unset($this->cache[$email]);
|
|
|
|
|
}
|
|
|
|
|
// Unset the cache entry
|
2014-03-11 11:58:10 -04:00
|
|
|
unset($this->cache[$uid]);
|
2014-03-10 12:27:51 -04:00
|
|
|
}
|
|
|
|
|
|
2014-03-11 11:58:10 -04:00
|
|
|
return $result ? true : false;
|
2011-04-16 19:04:23 -04:00
|
|
|
}
|
|
|
|
|
|
2018-10-02 17:31:55 -04:00
|
|
|
private function updatePassword(string $uid, string $passwordHash): bool {
|
2025-01-18 10:28:23 -05:00
|
|
|
$dbConn = $this->getDbConnection();
|
|
|
|
|
$query = $dbConn->getQueryBuilder();
|
2018-10-02 17:31:55 -04:00
|
|
|
$query->update($this->table)
|
|
|
|
|
->set('password', $query->createNamedParameter($passwordHash))
|
|
|
|
|
->where($query->expr()->eq('uid_lower', $query->createNamedParameter(mb_strtolower($uid))));
|
2024-10-17 09:42:21 -04:00
|
|
|
$result = $query->executeStatement();
|
2018-10-02 17:31:55 -04:00
|
|
|
|
|
|
|
|
return $result ? true : false;
|
|
|
|
|
}
|
|
|
|
|
|
2010-07-15 08:09:22 -04:00
|
|
|
/**
|
2014-05-19 11:50:53 -04:00
|
|
|
* Set password
|
2017-12-20 09:51:37 -05:00
|
|
|
*
|
2014-05-11 16:51:30 -04:00
|
|
|
* @param string $uid The username
|
|
|
|
|
* @param string $password The new password
|
|
|
|
|
* @return bool
|
2010-07-22 17:42:18 -04:00
|
|
|
*
|
2011-04-18 04:41:01 -04:00
|
|
|
* Change the password of a user
|
2010-07-22 17:42:18 -04:00
|
|
|
*/
|
2018-03-22 07:19:26 -04:00
|
|
|
public function setPassword(string $uid, string $password): bool {
|
2025-01-18 10:28:23 -05:00
|
|
|
if (!$this->userExists($uid)) {
|
|
|
|
|
return false;
|
|
|
|
|
}
|
2018-06-14 08:34:19 -04:00
|
|
|
|
2025-01-18 10:28:23 -05:00
|
|
|
$this->eventDispatcher->dispatchTyped(new ValidatePasswordPolicyEvent($password));
|
2018-06-14 08:34:19 -04:00
|
|
|
|
2025-01-18 10:28:23 -05:00
|
|
|
$hasher = \OCP\Server::get(IHasher::class);
|
|
|
|
|
$hashedPassword = $hasher->hash($password);
|
2022-02-18 03:47:18 -05:00
|
|
|
|
2025-01-18 10:28:23 -05:00
|
|
|
$return = $this->updatePassword($uid, $hashedPassword);
|
2022-02-18 03:47:18 -05:00
|
|
|
|
2025-01-18 10:28:23 -05:00
|
|
|
if ($return) {
|
|
|
|
|
$this->cache[$uid]['password'] = $hashedPassword;
|
2011-04-18 09:07:14 -04:00
|
|
|
}
|
2014-03-07 02:46:34 -05:00
|
|
|
|
2025-01-18 10:28:23 -05:00
|
|
|
return $return;
|
2010-07-15 08:09:22 -04:00
|
|
|
}
|
2013-02-22 11:21:57 -05:00
|
|
|
|
2024-06-25 18:47:50 -04:00
|
|
|
public function getPasswordHash(string $userId): ?string {
|
|
|
|
|
if (!$this->userExists($userId)) {
|
|
|
|
|
return null;
|
|
|
|
|
}
|
2024-06-27 19:58:06 -04:00
|
|
|
if (!empty($this->cache[$userId]['password'])) {
|
|
|
|
|
return $this->cache[$userId]['password'];
|
|
|
|
|
}
|
2025-01-18 10:28:23 -05:00
|
|
|
|
|
|
|
|
$dbConn = $this->getDbConnection();
|
|
|
|
|
$qb = $dbConn->getQueryBuilder();
|
2024-06-25 18:47:50 -04:00
|
|
|
$qb->select('password')
|
|
|
|
|
->from($this->table)
|
|
|
|
|
->where($qb->expr()->eq('uid_lower', $qb->createNamedParameter(mb_strtolower($userId))));
|
|
|
|
|
/** @var false|string $hash */
|
|
|
|
|
$hash = $qb->executeQuery()->fetchOne();
|
|
|
|
|
if ($hash === false) {
|
|
|
|
|
return null;
|
|
|
|
|
}
|
2025-01-18 10:28:23 -05:00
|
|
|
|
2024-06-25 18:47:50 -04:00
|
|
|
$this->cache[$userId]['password'] = $hash;
|
|
|
|
|
return $hash;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public function setPasswordHash(string $userId, string $passwordHash): bool {
|
2024-06-27 19:58:06 -04:00
|
|
|
if (!\OCP\Server::get(IHasher::class)->validate($passwordHash)) {
|
|
|
|
|
throw new InvalidArgumentException();
|
|
|
|
|
}
|
2025-01-18 10:28:23 -05:00
|
|
|
|
2024-06-25 18:47:50 -04:00
|
|
|
$result = $this->updatePassword($userId, $passwordHash);
|
|
|
|
|
if (!$result) {
|
|
|
|
|
return false;
|
|
|
|
|
}
|
2025-01-18 10:28:23 -05:00
|
|
|
|
2024-06-25 18:47:50 -04:00
|
|
|
$this->cache[$userId]['password'] = $passwordHash;
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
|
2013-02-11 16:01:52 -05:00
|
|
|
/**
|
2014-05-19 11:50:53 -04:00
|
|
|
* Set display name
|
2017-12-20 09:51:37 -05:00
|
|
|
*
|
2014-05-11 16:51:30 -04:00
|
|
|
* @param string $uid The username
|
|
|
|
|
* @param string $displayName The new display name
|
|
|
|
|
* @return bool
|
2013-02-11 16:01:52 -05:00
|
|
|
*
|
2022-08-19 16:02:57 -04:00
|
|
|
* @throws \InvalidArgumentException
|
|
|
|
|
*
|
2013-02-11 16:01:52 -05:00
|
|
|
* Change the display name of a user
|
2013-01-28 08:23:15 -05:00
|
|
|
*/
|
2018-03-22 07:19:26 -04:00
|
|
|
public function setDisplayName(string $uid, string $displayName): bool {
|
2022-06-28 14:03:15 -04:00
|
|
|
if (mb_strlen($displayName) > 64) {
|
2022-08-19 16:02:57 -04:00
|
|
|
throw new \InvalidArgumentException('Invalid displayname');
|
2022-06-28 14:03:15 -04:00
|
|
|
}
|
|
|
|
|
|
2025-01-18 10:28:23 -05:00
|
|
|
if (!$this->userExists($uid)) {
|
|
|
|
|
return false;
|
|
|
|
|
}
|
2018-06-14 08:34:19 -04:00
|
|
|
|
2025-01-18 10:28:23 -05:00
|
|
|
$dbConn = $this->getDbConnection();
|
|
|
|
|
$query = $dbConn->getQueryBuilder();
|
|
|
|
|
$query->update($this->table)
|
|
|
|
|
->set('displayname', $query->createNamedParameter($displayName))
|
|
|
|
|
->where($query->expr()->eq('uid_lower', $query->createNamedParameter(mb_strtolower($uid))));
|
|
|
|
|
$query->executeStatement();
|
2014-03-11 06:56:46 -04:00
|
|
|
|
2025-01-18 10:28:23 -05:00
|
|
|
$this->cache[$uid]['displayname'] = $displayName;
|
2014-03-06 16:34:43 -05:00
|
|
|
|
2025-01-18 10:28:23 -05:00
|
|
|
return true;
|
2013-01-28 08:23:15 -05:00
|
|
|
}
|
2010-07-19 12:52:49 -04:00
|
|
|
|
2013-02-11 16:01:52 -05:00
|
|
|
/**
|
2014-05-19 11:50:53 -04:00
|
|
|
* get display name of the user
|
2017-12-20 09:51:37 -05:00
|
|
|
*
|
2014-05-11 16:51:30 -04:00
|
|
|
* @param string $uid user ID of the user
|
2013-12-11 10:22:26 -05:00
|
|
|
* @return string display name
|
2013-02-11 16:01:52 -05:00
|
|
|
*/
|
2018-03-22 07:19:26 -04:00
|
|
|
public function getDisplayName($uid): string {
|
2018-04-24 08:23:50 -04:00
|
|
|
$uid = (string)$uid;
|
2014-03-06 11:57:09 -05:00
|
|
|
$this->loadUser($uid);
|
2014-03-11 06:56:46 -04:00
|
|
|
return empty($this->cache[$uid]['displayname']) ? $uid : $this->cache[$uid]['displayname'];
|
2013-01-28 09:07:31 -05:00
|
|
|
}
|
2013-02-22 11:21:57 -05:00
|
|
|
|
2013-02-11 16:01:52 -05:00
|
|
|
/**
|
|
|
|
|
* Get a list of all display names and user ids.
|
2015-06-27 14:35:47 -04:00
|
|
|
*
|
|
|
|
|
* @param string $search
|
2021-03-17 04:36:06 -04:00
|
|
|
* @param int|null $limit
|
|
|
|
|
* @param int|null $offset
|
2015-06-27 14:35:47 -04:00
|
|
|
* @return array an array of all displayNames (value) and the corresponding uids (key)
|
2013-02-11 16:01:52 -05:00
|
|
|
*/
|
2013-01-28 09:07:31 -05:00
|
|
|
public function getDisplayNames($search = '', $limit = null, $offset = null) {
|
2019-10-28 08:07:43 -04:00
|
|
|
$limit = $this->fixLimit($limit);
|
|
|
|
|
|
2025-01-18 10:28:23 -05:00
|
|
|
$dbConn = $this->getDbConnection();
|
|
|
|
|
$query = $dbConn->getQueryBuilder();
|
2017-12-20 09:51:37 -05:00
|
|
|
|
|
|
|
|
$query->select('uid', 'displayname')
|
2018-06-14 08:34:19 -04:00
|
|
|
->from($this->table, 'u')
|
2017-12-20 09:51:37 -05:00
|
|
|
->leftJoin('u', 'preferences', 'p', $query->expr()->andX(
|
2018-03-14 16:53:14 -04:00
|
|
|
$query->expr()->eq('userid', 'uid'),
|
|
|
|
|
$query->expr()->eq('appid', $query->expr()->literal('settings')),
|
|
|
|
|
$query->expr()->eq('configkey', $query->expr()->literal('email')))
|
2017-12-20 09:51:37 -05:00
|
|
|
)
|
|
|
|
|
// sqlite doesn't like re-using a single named parameter here
|
2025-01-18 10:28:23 -05:00
|
|
|
->where($query->expr()->iLike('uid', $query->createPositionalParameter('%' . $dbConn->escapeLikeParameter($search) . '%')))
|
|
|
|
|
->orWhere($query->expr()->iLike('displayname', $query->createPositionalParameter('%' . $dbConn->escapeLikeParameter($search) . '%')))
|
|
|
|
|
->orWhere($query->expr()->iLike('configvalue', $query->createPositionalParameter('%' . $dbConn->escapeLikeParameter($search) . '%')))
|
2017-12-20 09:51:37 -05:00
|
|
|
->orderBy($query->func()->lower('displayname'), 'ASC')
|
2021-03-17 04:02:37 -04:00
|
|
|
->addOrderBy('uid_lower', 'ASC')
|
|
|
|
|
->setMaxResults($limit)
|
|
|
|
|
->setFirstResult($offset);
|
|
|
|
|
|
2022-05-13 06:59:51 -04:00
|
|
|
$result = $query->executeQuery();
|
2021-03-17 04:02:37 -04:00
|
|
|
$displayNames = [];
|
|
|
|
|
while ($row = $result->fetch()) {
|
|
|
|
|
$displayNames[(string)$row['uid']] = (string)$row['displayname'];
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return $displayNames;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* @param string $searcher
|
|
|
|
|
* @param string $pattern
|
|
|
|
|
* @param int|null $limit
|
|
|
|
|
* @param int|null $offset
|
|
|
|
|
* @return array
|
|
|
|
|
* @since 21.0.1
|
|
|
|
|
*/
|
|
|
|
|
public function searchKnownUsersByDisplayName(string $searcher, string $pattern, ?int $limit = null, ?int $offset = null): array {
|
|
|
|
|
$limit = $this->fixLimit($limit);
|
|
|
|
|
|
2025-01-18 10:28:23 -05:00
|
|
|
$dbConn = $this->getDbConnection();
|
|
|
|
|
$query = $dbConn->getQueryBuilder();
|
2021-03-17 04:02:37 -04:00
|
|
|
|
|
|
|
|
$query->select('u.uid', 'u.displayname')
|
|
|
|
|
->from($this->table, 'u')
|
|
|
|
|
->leftJoin('u', 'known_users', 'k', $query->expr()->andX(
|
|
|
|
|
$query->expr()->eq('k.known_user', 'u.uid'),
|
|
|
|
|
$query->expr()->eq('k.known_to', $query->createNamedParameter($searcher))
|
|
|
|
|
))
|
|
|
|
|
->where($query->expr()->eq('k.known_to', $query->createNamedParameter($searcher)))
|
|
|
|
|
->andWhere($query->expr()->orX(
|
2025-01-18 10:28:23 -05:00
|
|
|
$query->expr()->iLike('u.uid', $query->createNamedParameter('%' . $dbConn->escapeLikeParameter($pattern) . '%')),
|
|
|
|
|
$query->expr()->iLike('u.displayname', $query->createNamedParameter('%' . $dbConn->escapeLikeParameter($pattern) . '%'))
|
2021-03-17 04:02:37 -04:00
|
|
|
))
|
|
|
|
|
->orderBy('u.displayname', 'ASC')
|
|
|
|
|
->addOrderBy('u.uid_lower', 'ASC')
|
2017-12-20 09:51:37 -05:00
|
|
|
->setMaxResults($limit)
|
|
|
|
|
->setFirstResult($offset);
|
2015-05-18 10:38:56 -04:00
|
|
|
|
2024-10-17 09:42:21 -04:00
|
|
|
$result = $query->executeQuery();
|
2017-12-20 09:51:37 -05:00
|
|
|
$displayNames = [];
|
|
|
|
|
while ($row = $result->fetch()) {
|
2018-04-24 06:48:52 -04:00
|
|
|
$displayNames[(string)$row['uid']] = (string)$row['displayname'];
|
2013-01-31 06:09:42 -05:00
|
|
|
}
|
2013-02-22 11:21:57 -05:00
|
|
|
|
2013-02-11 16:01:52 -05:00
|
|
|
return $displayNames;
|
2013-01-28 09:07:31 -05:00
|
|
|
}
|
2013-02-22 11:21:57 -05:00
|
|
|
|
2010-07-15 08:09:22 -04:00
|
|
|
/**
|
2014-05-19 11:50:53 -04:00
|
|
|
* Check if the password is correct
|
2017-12-20 09:51:37 -05:00
|
|
|
*
|
2025-01-18 10:28:23 -05:00
|
|
|
* @param string $loginName The login name
|
2014-05-11 16:51:30 -04:00
|
|
|
* @param string $password The password
|
2014-05-11 13:05:28 -04:00
|
|
|
* @return string
|
2010-07-22 17:42:18 -04:00
|
|
|
*
|
2011-04-18 04:41:01 -04:00
|
|
|
* Check if the password is correct without logging in the user
|
2012-05-16 18:57:43 -04:00
|
|
|
* returns the user id or false
|
2010-07-22 17:42:18 -04:00
|
|
|
*/
|
2020-08-19 11:54:00 -04:00
|
|
|
public function checkPassword(string $loginName, string $password) {
|
2022-02-16 11:56:49 -05:00
|
|
|
$found = $this->loadUser($loginName);
|
2018-04-04 10:45:56 -04:00
|
|
|
|
2022-02-16 11:56:49 -05:00
|
|
|
if ($found && is_array($this->cache[$loginName])) {
|
|
|
|
|
$storedHash = $this->cache[$loginName]['password'];
|
2014-11-06 09:42:06 -05:00
|
|
|
$newHash = '';
|
2024-10-17 09:42:21 -04:00
|
|
|
if (\OCP\Server::get(IHasher::class)->verify($password, $storedHash, $newHash)) {
|
2017-12-20 09:51:37 -05:00
|
|
|
if (!empty($newHash)) {
|
2020-08-19 11:54:00 -04:00
|
|
|
$this->updatePassword($loginName, $newHash);
|
2012-02-26 07:49:51 -05:00
|
|
|
}
|
2022-02-16 11:56:49 -05:00
|
|
|
return (string)$this->cache[$loginName]['uid'];
|
2012-02-26 07:49:51 -05:00
|
|
|
}
|
2010-07-15 08:09:22 -04:00
|
|
|
}
|
2014-03-06 11:57:09 -05:00
|
|
|
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
2014-05-19 11:50:53 -04:00
|
|
|
* Load an user in the cache
|
2017-12-20 09:51:37 -05:00
|
|
|
*
|
2025-01-18 10:28:23 -05:00
|
|
|
* @param string $loginName the username or email
|
2017-02-15 12:14:29 -05:00
|
|
|
* @return boolean true if user was found, false otherwise
|
2014-03-06 11:57:09 -05:00
|
|
|
*/
|
2025-01-18 10:28:23 -05:00
|
|
|
private function loadUser(string $loginName, bool $tryEmail = true): bool {
|
|
|
|
|
if (isset($this->cache[$loginName])) {
|
|
|
|
|
return $this->cache[$loginName] !== false;
|
|
|
|
|
}
|
2018-04-04 10:45:56 -04:00
|
|
|
|
2025-01-18 10:28:23 -05:00
|
|
|
//guests $uid could be NULL or ''
|
|
|
|
|
if ($loginName === '') {
|
|
|
|
|
$this->cache[$loginName] = false;
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$dbConn = $this->getDbConnection();
|
|
|
|
|
$qb = $dbConn->getQueryBuilder();
|
|
|
|
|
$qb->select('uid', 'displayname', 'password')
|
|
|
|
|
->from($this->table)
|
|
|
|
|
->where(
|
|
|
|
|
$qb->expr()->eq(
|
|
|
|
|
'uid_lower', $qb->createNamedParameter(mb_strtolower($loginName))
|
|
|
|
|
)
|
|
|
|
|
);
|
|
|
|
|
$result = $qb->executeQuery();
|
|
|
|
|
$row = $result->fetch();
|
|
|
|
|
$result->closeCursor();
|
|
|
|
|
|
|
|
|
|
// "uid" is primary key, so there can only be a single result
|
|
|
|
|
if ($row !== false) {
|
|
|
|
|
$this->cache[$loginName] = [
|
|
|
|
|
'uid' => (string)$row['uid'],
|
|
|
|
|
'displayname' => (string)$row['displayname'],
|
|
|
|
|
'password' => (string)$row['password'],
|
|
|
|
|
];
|
|
|
|
|
return true;
|
|
|
|
|
}
|
2017-01-10 05:09:33 -05:00
|
|
|
|
2025-01-18 10:28:23 -05:00
|
|
|
// Not found by UID so we try also for email, load uid for email.
|
|
|
|
|
if ($tryEmail) {
|
|
|
|
|
/** @var string|null $uid Psalm does not get the type correct here */
|
|
|
|
|
[$uid] = [...$this->config->getUsersForUserValue('settings', 'email', mb_strtolower($loginName)), null];
|
|
|
|
|
|
|
|
|
|
// If found, try loading it
|
|
|
|
|
if ($uid !== null && $uid !== $loginName) {
|
|
|
|
|
$result = $this->loadUser($uid, false);
|
|
|
|
|
if ($result) {
|
|
|
|
|
// Also add cache result for the email
|
|
|
|
|
$this->cache[$loginName] = $this->cache[$uid];
|
|
|
|
|
// Set a reference to the uid cache entry for also delete email entry on user delete
|
|
|
|
|
$this->cache[$uid]['email'] = $loginName;
|
|
|
|
|
return true;
|
|
|
|
|
}
|
2012-02-26 07:49:51 -05:00
|
|
|
}
|
2010-07-15 08:09:22 -04:00
|
|
|
}
|
2014-03-06 11:57:09 -05:00
|
|
|
|
2025-01-18 10:28:23 -05:00
|
|
|
// Not found by uid nor email, so cache as not existing
|
|
|
|
|
$this->cache[$loginName] = false;
|
|
|
|
|
return false;
|
2010-07-15 08:09:22 -04:00
|
|
|
}
|
|
|
|
|
|
2010-09-12 11:04:52 -04:00
|
|
|
/**
|
2014-05-19 11:50:53 -04:00
|
|
|
* Get a list of all users
|
2010-09-12 11:04:52 -04:00
|
|
|
*
|
2015-06-27 14:35:47 -04:00
|
|
|
* @param string $search
|
|
|
|
|
* @param null|int $limit
|
|
|
|
|
* @param null|int $offset
|
|
|
|
|
* @return string[] an array of all uids
|
2010-09-12 11:04:52 -04:00
|
|
|
*/
|
2012-08-24 18:05:07 -04:00
|
|
|
public function getUsers($search = '', $limit = null, $offset = null) {
|
2019-10-28 08:07:43 -04:00
|
|
|
$limit = $this->fixLimit($limit);
|
|
|
|
|
|
2017-12-20 09:51:37 -05:00
|
|
|
$users = $this->getDisplayNames($search, $limit, $offset);
|
2018-04-24 08:23:50 -04:00
|
|
|
$userIds = array_map(function ($uid) {
|
|
|
|
|
return (string)$uid;
|
|
|
|
|
}, array_keys($users));
|
2017-12-20 09:51:37 -05:00
|
|
|
sort($userIds, SORT_STRING | SORT_FLAG_CASE);
|
|
|
|
|
return $userIds;
|
2010-09-12 11:04:52 -04:00
|
|
|
}
|
2011-06-21 13:28:46 -04:00
|
|
|
|
|
|
|
|
/**
|
2014-05-19 11:50:53 -04:00
|
|
|
* check if a user exists
|
2017-12-20 09:51:37 -05:00
|
|
|
*
|
2011-06-21 13:28:46 -04:00
|
|
|
* @param string $uid the username
|
|
|
|
|
* @return boolean
|
|
|
|
|
*/
|
2012-09-07 09:22:01 -04:00
|
|
|
public function userExists($uid) {
|
2025-01-18 10:28:23 -05:00
|
|
|
return $this->loadUser($uid);
|
2011-06-21 13:28:46 -04:00
|
|
|
}
|
2012-08-26 10:24:25 -04:00
|
|
|
|
|
|
|
|
/**
|
2014-05-19 11:50:53 -04:00
|
|
|
* get the user's home directory
|
2017-12-20 09:51:37 -05:00
|
|
|
*
|
2013-12-11 10:22:26 -05:00
|
|
|
* @param string $uid the username
|
2014-02-06 10:30:58 -05:00
|
|
|
* @return string|false
|
2013-12-11 10:22:26 -05:00
|
|
|
*/
|
2018-03-22 07:19:26 -04:00
|
|
|
public function getHome(string $uid) {
|
2013-12-11 10:22:26 -05:00
|
|
|
if ($this->userExists($uid)) {
|
2025-01-18 10:28:23 -05:00
|
|
|
return $this->config->getSystemValueString('datadirectory', \OC::$SERVERROOT . '/data') . '/' . $uid;
|
2012-08-26 10:24:25 -04:00
|
|
|
}
|
2014-03-06 11:57:09 -05:00
|
|
|
|
|
|
|
|
return false;
|
2012-08-26 10:24:25 -04:00
|
|
|
}
|
2013-02-11 16:01:52 -05:00
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* @return bool
|
|
|
|
|
*/
|
|
|
|
|
public function hasUserListings() {
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
|
2014-01-07 17:05:37 -05:00
|
|
|
/**
|
|
|
|
|
* counts the users in the database
|
|
|
|
|
*/
|
2025-01-14 06:41:56 -05:00
|
|
|
public function countUsers(int $limit = 0): int|false {
|
2025-01-18 10:28:23 -05:00
|
|
|
$dbConn = $this->getDbConnection();
|
|
|
|
|
$query = $dbConn->getQueryBuilder();
|
2018-06-14 08:34:19 -04:00
|
|
|
$query->select($query->func()->count('uid'))
|
2018-06-14 08:34:19 -04:00
|
|
|
->from($this->table);
|
2025-03-14 11:08:02 -04:00
|
|
|
$result = $query->executeQuery()->fetchOne();
|
|
|
|
|
if ($result === false) {
|
|
|
|
|
return false;
|
|
|
|
|
}
|
2018-06-14 08:34:19 -04:00
|
|
|
|
2025-03-14 11:08:02 -04:00
|
|
|
return (int)$result;
|
2014-01-07 17:05:37 -05:00
|
|
|
}
|
|
|
|
|
|
2015-10-05 05:50:36 -04:00
|
|
|
/**
|
|
|
|
|
* returns the username for the given login name in the correct casing
|
|
|
|
|
*
|
|
|
|
|
* @param string $loginName
|
|
|
|
|
* @return string|false
|
|
|
|
|
*/
|
|
|
|
|
public function loginName2UserName($loginName) {
|
|
|
|
|
if ($this->userExists($loginName)) {
|
|
|
|
|
return $this->cache[$loginName]['uid'];
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
|
2014-12-12 11:25:03 -05:00
|
|
|
/**
|
|
|
|
|
* Backend name to be shown in user management
|
2017-12-20 09:51:37 -05:00
|
|
|
*
|
2014-12-12 11:25:03 -05:00
|
|
|
* @return string the name of the backend to be shown
|
|
|
|
|
*/
|
2017-12-20 09:51:37 -05:00
|
|
|
public function getBackendName() {
|
2014-12-12 11:25:03 -05:00
|
|
|
return 'Database';
|
|
|
|
|
}
|
|
|
|
|
|
2015-10-05 05:50:36 -04:00
|
|
|
public static function preLoginNameUsedAsUserName($param) {
|
2017-12-20 09:51:37 -05:00
|
|
|
if (!isset($param['uid'])) {
|
2015-10-05 05:50:36 -04:00
|
|
|
throw new \Exception('key uid is expected to be set in $param');
|
|
|
|
|
}
|
|
|
|
|
|
2025-01-18 10:28:23 -05:00
|
|
|
$backends = \OCP\Server::get(IUserManager::class)->getBackends();
|
2015-10-05 05:50:36 -04:00
|
|
|
foreach ($backends as $backend) {
|
2016-08-11 03:52:02 -04:00
|
|
|
if ($backend instanceof Database) {
|
2016-05-04 02:34:39 -04:00
|
|
|
/** @var \OC\User\Database $backend */
|
2015-10-05 05:50:36 -04:00
|
|
|
$uid = $backend->loginName2UserName($param['uid']);
|
|
|
|
|
if ($uid !== false) {
|
|
|
|
|
$param['uid'] = $uid;
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
2019-08-13 03:33:46 -04:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public function getRealUID(string $uid): string {
|
|
|
|
|
if (!$this->userExists($uid)) {
|
|
|
|
|
throw new \RuntimeException($uid . ' does not exist');
|
|
|
|
|
}
|
2015-10-05 05:50:36 -04:00
|
|
|
|
2019-08-13 03:33:46 -04:00
|
|
|
return $this->cache[$uid]['uid'];
|
2015-10-05 05:50:36 -04:00
|
|
|
}
|
2019-08-13 03:33:46 -04:00
|
|
|
|
2019-10-28 08:07:43 -04:00
|
|
|
private function fixLimit($limit) {
|
|
|
|
|
if (is_int($limit) && $limit >= 0) {
|
|
|
|
|
return $limit;
|
|
|
|
|
}
|
2019-08-13 03:33:46 -04:00
|
|
|
|
2019-10-28 08:07:43 -04:00
|
|
|
return null;
|
|
|
|
|
}
|
2010-07-15 13:56:13 -04:00
|
|
|
}
|
