upstream/nextcloud
1
0
Fork 0
mirror of https://github.com/nextcloud/server.git synced 2026-04-21 06:08:46 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 14
nextcloud/apps/user_ldap/command/checkuser.php
Arthur Schiwon 4fa39250e7 LDAP User Cleanup: Port from stable7 without further adjustements 
LDAP User Cleanup

background job for user clean up

adjust user backend for clean up

register background job

remove dead code

dependency injection

make Helper non-static for proper testing

check whether it is OK to run clean up job. Do not forget to pass arguments.

use correct method to get the config from server

methods can be private, proper indirect testing is given

no automatic user deletion

make limit readable for test purposes

make method less complex

add first tests

let preferences accept limit and offset for getUsersForValue

DI via constructor does not work for background jobs

after detecting, now we have retrieving deleted users and their details

we need this method to be public for now

finalize export method, add missing getter

clean up namespaces and get rid of unnecessary files

helper is not static anymore

cleanup according to scrutinizer

add cli tool to show deleted users

uses are necessary after recent namespace change

also remove user from mappings table on deletion

add occ command to delete users

fix use statement

improve output

big fixes / improvements

PHP doc

return true in userExists early for cleaning up deleted users

bump version

control state and interval with one config.php setting, now ldapUserCleanupInterval. 0 will disable it. enabled by default.

improve doc

rename cli method to be consistent with  others

introduce ldapUserCleanupInterval in sample config

don't show last login as unix epoche start when no  login happend

less log output

consistent namespace for OfflineUser

rename GarbageCollector to DeletedUsersIndex and move it to user subdir

fix unit tests

add tests for deleteUser

more test adjustements

Conflicts:
	apps/user_ldap/ajax/clearMappings.php
	apps/user_ldap/appinfo/app.php
	apps/user_ldap/lib/access.php
	apps/user_ldap/lib/helper.php
	apps/user_ldap/tests/helper.php
	core/register_command.php
	lib/private/preferences.php
	lib/private/user.php

add ldap:check-user to check user existance on the fly

Conflicts:
	apps/user_ldap/lib/helper.php

forgotten file

PHPdoc fixes, no code change

and don't forget to adjust tests
2014-12-19 19:47:54 +01:00

129 lines
3.4 KiB
PHP
Raw Blame History

<?php
/**
* Copyright (c) 2014 Arthur Schiwon <blizzz@owncloud.com>
* This file is licensed under the Affero General Public License version 3 or
* later.
* See the COPYING-README file.
*/
namespace OCA\user_ldap\Command;
use Symfony\Component\Console\Command\Command;
use Symfony\Component\Console\Input\InputArgument;
use Symfony\Component\Console\Input\InputInterface;
use Symfony\Component\Console\Input\InputOption;
use Symfony\Component\Console\Output\OutputInterface;
use OCA\user_ldap\lib\user\User;
use OCA\User_LDAP\lib\user\Manager;
use OCA\user_ldap\lib\Helper;
use OCA\user_ldap\User_Proxy;
class CheckUser extends Command {
/** @var \OCA\user_ldap\User_Proxy */
protected $backend;
/** @var \OCA\User_LDAP\lib\Helper */
protected $helper;
/** @var \OCP\IConfig */
protected $config;
/**
* @param OCA\user_ldap\User_Proxy $uBackend
* @param OCA\User_LDAP\lib\Helper $helper
* @param OCP\IConfig $config
*/
public function __construct(User_Proxy $uBackend, Helper $helper, \OCP\IConfig $config) {
$this->backend = $uBackend;
$this->helper = $helper;
$this->config = $config;
parent::__construct();
}
protected function configure() {
$this
->setName('ldap:check-user')
->setDescription('checks whether a user exists on LDAP.')
->addArgument(
'ocName',
InputArgument::REQUIRED,
'the user name as used in ownCloud'
)
->addOption(
'force',
null,
InputOption::VALUE_NONE,
'ignores disabled LDAP configuration'
)
;
}
protected function execute(InputInterface $input, OutputInterface $output) {
try {
$uid = $input->getArgument('ocName');
$this->isAllowed($input->getOption('force'));
$this->confirmUserIsMapped($uid);
$exists = $this->backend->userExistsOnLDAP($uid);
if($exists === true) {
$output->writeln('The user is still available on LDAP.');
return;
}
// TODO FIXME consolidate next line in DeletedUsersIndex
// (impractical now, because of class dependencies)
$this->config->setUserValue($uid, 'user_ldap', 'isDeleted', '1');
$output->writeln('The user does not exists on LDAP anymore.');
$output->writeln('Clean up the user\'s remnants by: ./occ user:delete "'
. $uid . '"');
} catch (\Exception $e) {
$output->writeln('<error>' . $e->getMessage(). '</error>');
}
}
/**
* checks whether a user is actually mapped
* @param string $ocName the username as used in ownCloud
* @throws \Exception
* @return bool
*/
protected function confirmUserIsMapped($ocName) {
//TODO FIXME this should go to Mappings in OC 8
$db = \OC::$server->getDatabaseConnection();
$query = $db->prepare('
SELECT
`ldap_dn` AS `dn`
FROM `*PREFIX*ldap_user_mapping`
WHERE `owncloud_name` = ?'
);
$query->execute(array($ocName));
$result = $query->fetchColumn();
if($result === false) {
throw new \Exception('The given user is not a recognized LDAP user.');
}
return true;
}
/**
* checks whether the setup allows reliable checking of LDAP user existance
* @throws \Exception
* @return bool
*/
protected function isAllowed($force) {
if($this->helper->haveDisabledConfigurations() && !$force) {
throw new \Exception('Cannot check user existance, because '
. 'disabled LDAP configurations are present.');
}
// we don't check ldapUserCleanupInterval from config.php because this
// action is triggered manually, while the setting only controls the
// background job.
return true;
}
}
Reference in a new issue View git blame Copy permalink