From 00c4c02b822a277054929cdc5735f1ca3e8412be Mon Sep 17 00:00:00 2001 From: Lavd <34172363+lavdnone@users.noreply.github.com> Date: Sat, 30 Mar 2019 23:45:04 -0400 Subject: [PATCH 1/7] Update base.php imap groups via domain-part Signed-off-by: none --- lib/base.php | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/lib/base.php b/lib/base.php index c4da57f..549d4c2 100644 --- a/lib/base.php +++ b/lib/base.php @@ -6,6 +6,7 @@ * See the COPYING-README file. */ namespace OCA\user_external; +use \OC_DB; /** * Base class for external auth implementations that stores users @@ -182,7 +183,21 @@ protected function storeUser($uid) 'backend' => $query->createNamedParameter($this->backend), ]); $query->execute(); + $pieces = explode('@',$uid,2); + if($pieces[1]) { + OC_DB::executeAudited( + 'INSERT IGNORE INTO `*PREFIX*groups` ( `gid` )' + . ' VALUES( ? )', + array($pieces[1]) + ); + OC_DB::executeAudited( + 'INSERT INTO `*PREFIX*group_user` ( `gid`, `uid` )' + . ' VALUES( ?, ? )', + array($pieces[1], $uid) + ); + } } + } /** From b012588309533eb1d65a29ed66d54798dbc6378b Mon Sep 17 00:00:00 2001 From: Lavd <34172363+lavdnone@users.noreply.github.com> Date: Mon, 15 Apr 2019 03:31:39 -0400 Subject: [PATCH 2/7] converted to getGroupManager()->createGroup from OC_DB Signed-off-by: none --- lib/base.php | 13 ++----------- 1 file changed, 2 insertions(+), 11 deletions(-) diff --git a/lib/base.php b/lib/base.php index 549d4c2..58d2e13 100644 --- a/lib/base.php +++ b/lib/base.php @@ -6,7 +6,6 @@ * See the COPYING-README file. */ namespace OCA\user_external; -use \OC_DB; /** * Base class for external auth implementations that stores users 
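Review bot: In `storeUser()` in lib/base.php the group id is whatever follows the first `@` in `$uid`, so group membership is decided by the login string, and because this is the shared base class it applies to every backend with no way to switch it off. If a backend accepts a login whose domain part equals the name of an existing group, the first login adds the new account to that group, so this should be opt-in and limited to an expected domain. `$pieces[1]` is also read without checking that it exists; `if (isset($pieces[1]) && $pieces[1] !== '') {` avoids the notice for logins without `@`. `INSERT IGNORE` is MySQL syntax and the second insert has no duplicate handling, so going through the group manager would be more portable than raw SQL. `storeUser()` begins outside this hunk.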
@@ -185,16 +184,8 @@ protected function storeUser($uid) $query->execute(); $pieces = explode('@',$uid,2); if($pieces[1]) { - OC_DB::executeAudited( - 'INSERT IGNORE INTO `*PREFIX*groups` ( `gid` )' - . ' VALUES( ? )', - array($pieces[1]) - ); - OC_DB::executeAudited( - 'INSERT INTO `*PREFIX*group_user` ( `gid`, `uid` )' - . ' VALUES( ?, ? )', - array($pieces[1], $uid) - ); + $createduser = \OC::$server->getUserManager()->get($uid); + \OC::$server->getGroupManager()->createGroup($pieces[1])->addUser($createduser); } } From dd1d9a7e8b0a3d1c46aec97ce07539343d54200d Mon Sep 17 00:00:00 2001 From: Jonas Sulzer Date: Wed, 22 May 2019 22:47:05 +0200 Subject: [PATCH 3/7] =?UTF-8?q?=F0=9F=91=8C=20IMPROVE:=20update=20authors?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Jonas Sulzer Signed-off-by: none --- lib/base.php | 4 +++- lib/imap.php | 4 +++- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/lib/base.php b/lib/base.php index 58d2e13..a6c5f89 100644 --- a/lib/base.php +++ b/lib/base.php @@ -1,6 +1,8 @@ + * @author Jonas Sulzer + * @author Christian Weiske + * @copyright (c) 2014 Christian Weiske * This file is licensed under the Affero General Public License version 3 or * later. * See the COPYING-README file. diff --git a/lib/imap.php b/lib/imap.php index 93ce093..5bda5dc 100644 --- a/lib/imap.php +++ b/lib/imap.php @@ -1,6 +1,8 @@ + * @author Robin Appelman + * @author Jonas Sulzer + * @copyright (c) 2012 Robin Appelman * This file is licensed under the Affero General Public License version 3 or * later. * See the COPYING-README file. From aeb4476752d11c7c93146b8f8530b6e465bffc49 Mon Sep 17 00:00:00 2001 
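Review bot: The chain `\OC::$server->getGroupManager()->createGroup($pieces[1])->addUser($createduser)` in `storeUser()` calls a method on a result that can be null: `createGroup()` is, as far as I know, documented to return null when no group backend can create the group, and `getUserManager()->get($uid)` returns null when the user cannot be resolved. Either case turns an otherwise successful first login into an error after the `users_external` row has been written, and since the whole block sits inside `if (!$this->userExists($uid))` the group step is never retried. I would split it into `$group = \OC::$server->getGroupManager()->createGroup($pieces[1]);` and `if ($createduser !== null && $group !== null) { $group->addUser($createduser); }`, logging the failure otherwise. The same chain reappears in lib/imap.php in patch 4/7 and in the loop added to lib/base.php in patch 7/7. `storeUser()` begins outside this hunk.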
From: Jonas Sulzer Date: Wed, 22 May 2019 22:52:20 +0200 Subject: [PATCH 4/7] =?UTF-8?q?=F0=9F=91=8C=20IMPROVE:=20move=20group=20cr?= =?UTF-8?q?eation=20to=20imap=20class=20&&=20check=20for=20two=20additiona?= =?UTF-8?q?l=20parameters=20wheter=20to=20stripe=20domain=20and=20create?= =?UTF-8?q?=20group=20based=20on=20domain=20or=20not?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Jonas Sulzer Signed-off-by: none --- lib/base.php | 10 +--------- lib/imap.php | 33 ++++++++++++++++++++++++++++----- 2 files changed, 29 insertions(+), 14 deletions(-) diff --git a/lib/base.php b/lib/base.php index a6c5f89..cbf144c 100644 --- a/lib/base.php +++ b/lib/base.php @@ -173,10 +173,8 @@ public function setDisplayName($uid, $displayName) { * * @return void */ - protected function storeUser($uid) - { + protected function storeUser($uid) { if (!$this->userExists($uid)) { - $query = \OC::$server->getDatabaseConnection()->getQueryBuilder(); $query->insert('users_external') ->values([ @@ -184,13 +182,7 @@ protected function storeUser($uid) 'backend' => $query->createNamedParameter($this->backend), ]); $query->execute(); - $pieces = explode('@',$uid,2); - if($pieces[1]) { - $createduser = \OC::$server->getUserManager()->get($uid); - \OC::$server->getGroupManager()->createGroup($pieces[1])->addUser($createduser); - } } - } /** diff --git a/lib/imap.php b/lib/imap.php index 5bda5dc..2c054fe 100644 --- a/lib/imap.php +++ b/lib/imap.php @@ -24,6 +24,8 @@ class OC_User_IMAP extends \OCA\user_external\Base { private $port; private $sslmode; private $domain; + private $stripeDomain; + private $groupDomain; /** * Create new IMAP authentication provider 
@@ -33,12 +35,14 @@ class OC_User_IMAP extends \OCA\user_external\Base { * @param string $sslmode * @param string $domain If provided, loging will be restricted to this domain */ - public function __construct($mailbox, $port = null, $sslmode = null, $domain = null) { + public function __construct($mailbox, $port = null, $sslmode = null, $domain = null, $stripeDomain = true, $groupDomain = false) { parent::__construct($mailbox); $this->mailbox = $mailbox; $this->port = $port === null ? 143 : $port; $this->sslmode = $sslmode; - $this->domain= $domain === null ? '' : $domain; + $this->domain = $domain === null ? '' : $domain; + $this->stripeDomain = $stripeDomain; + $this->groupDomain = $groupDomain; } /** @@ -56,13 +60,15 @@ public function checkPassword($uid, $password) { $uid = str_replace("%40","@",$uid); } + $pieces = explode('@', $uid); if ($this->domain !== '') { - $pieces = explode('@', $uid); if (count($pieces) === 1) { $username = $uid . '@' . $this->domain; } else if(count($pieces) === 2 && $pieces[1] === $this->domain) { $username = $uid; - $uid = $pieces[0]; + if ($this->stripeDomain) { + $uid = $pieces[0]; + } } else { return false; } @@ -87,9 +93,26 @@ public function checkPassword($uid, $password) { if($canconnect) { $rcube->closeConnection(); $uid = mb_strtolower($uid); - $this->storeUser($uid); + $this->storeUser($uid, $pieces[1]); return $uid; } return false; } + + protected function storeUser($uid, $group) { + if (!$this->userExists($uid)) { + $query = \OC::$server->getDatabaseConnection()->getQueryBuilder(); + $query->insert('users_external') + ->values([ + 'uid' => $query->createNamedParameter($uid), + 'backend' => $query->createNamedParameter($this->backend), + ]); + $query->execute(); + + if($groupDomain && $group) { + $createduser = \OC::$server->getUserManager()->get($uid); + \OC::$server->getGroupManager()->createGroup($group)->addUser($createduser); + } + } + } } From 47ee3d61f4367afb3fe2112196a4a96c972806be Mon Sep 17 00:00:00 2001 
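Review bot: With `stripeDomain` set to false the same mailbox can end up as two Nextcloud accounts in `checkPassword()`: a login typed as `name` keeps `$uid` as `name` (the `count($pieces) === 1` branch only builds `$username`), while `name@domain` now keeps the full address as `$uid`. Both authenticate as the same IMAP user but are stored under different uids, which splits files and shares and makes access review harder. Adding `if (!$this->stripeDomain) { $uid = $username; }` to the single-piece branch would keep the mapping one-to-one. `checkPassword()` begins before and continues after this hunk.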
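Review bot: The group passed in `$this->storeUser($uid, $pieces[1])` is the raw text after the first `@` of the typed login: it is an undefined index when the login has no `@`, it is not lower-cased like `$uid`, and `explode('@', $uid)` has no limit, so `a@b@c` yields `b`. When `$this->domain` is empty nothing validates that value, so with `groupDomain` enabled a login the IMAP server accepts can name the group the new account joins, including one that already exists. I would pass `$this->domain` when it is configured and skip group assignment otherwise, e.g. `$this->storeUser($uid, $this->domain !== '' ? $this->domain : null);`. The same `$pieces[1]` value feeds `$groups[]` in patch 7/7. Separately, the new `storeUser($uid, $group)` overrides `Base::storeUser($uid)` with an extra required parameter, which PHP reports as an incompatible declaration.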
From: Jonas Sulzer Date: Wed, 22 May 2019 23:42:05 +0200 Subject: [PATCH 5/7] =?UTF-8?q?=F0=9F=90=9B=20FIX:=20creation=20of=20group?= =?UTF-8?q?s?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Jonas Sulzer Signed-off-by: none --- lib/imap.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/imap.php b/lib/imap.php index 2c054fe..a7499e7 100644 --- a/lib/imap.php +++ b/lib/imap.php @@ -109,7 +109,7 @@ protected function storeUser($uid, $group) { ]); $query->execute(); - if($groupDomain && $group) { + if($this->groupDomain && $group) { $createduser = \OC::$server->getUserManager()->get($uid); \OC::$server->getGroupManager()->createGroup($group)->addUser($createduser); } From f99c4daa71f128ac4e57a0aa8375897be804fade Mon Sep 17 00:00:00 2001 From: Jonas Sulzer Date: Thu, 23 May 2019 00:13:34 +0200 Subject: [PATCH 6/7] =?UTF-8?q?=F0=9F=93=96=20DOC:=20additional=20boolean?= =?UTF-8?q?=20parameters=20for=20optional=20striping=20of=20domain=20and?= =?UTF-8?q?=20domain=20based=20group=20creation?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Jonas Sulzer Signed-off-by: none --- README.md | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index 38f477f..47316f6 100644 --- a/README.md +++ b/README.md @@ -68,7 +68,7 @@ Add the following to your `config.php`: array( 'class' => 'OC_User_IMAP', 'arguments' => array( - '127.0.0.1', 993, 'ssl', 'example.com' + '127.0.0.1', 993, 'ssl', 'example.com', true, false ), ), ), 
@@ -79,9 +79,12 @@ you want to restrict the domain (4th parameter), you need to also specify the port (2nd parameter) and sslmode (3rd parameter; set to `null` for insecure connection). If a domain name (e.g. example.com) is specified, then this makes sure that -only users from this domain will be allowed to login. After successfull -login the domain part will be striped and the rest used as username in -Nextcloud. e.g. 'username@example.com' will be 'username' in Nextcloud. +only users from this domain will be allowed to login. If the fifth parameter +is set to true, after successfull login the domain part will be striped and +the rest used as username in Nextcloud. e.g. 'username@example.com' will be +'username' in Nextcloud. The sixth parameter toggles whether on creation of +the user, it is added to a group corresponding to the name of the domain part +of the address. From 8c38759958a5e4edde0a40754ce70f61db732bb0 Mon Sep 17 00:00:00 2001 From: Jonas Sulzer Date: Fri, 24 May 2019 13:36:21 +0200 Subject: [PATCH 7/7] =?UTF-8?q?=F0=9F=91=8C=20IMPROVE:=20make=20it=20possi?= =?UTF-8?q?ble=20to=20add=20the=20user=20to=20an=20array=20of=20groups=20(?= =?UTF-8?q?for=20later=20extendability=20e.g.=20#69)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Jonas Sulzer Signed-off-by: none --- lib/base.php | 10 +++++++++- lib/imap.php | 27 ++++++++------------------- 2 files changed, 17 insertions(+), 20 deletions(-) diff --git a/lib/base.php b/lib/base.php index cbf144c..77c150c 100644 --- a/lib/base.php +++ b/lib/base.php 
@@ -170,10 +170,11 @@ public function setDisplayName($uid, $displayName) { * Create user record in database * * @param string $uid The username + * @param array $groups Groups to add the user to on creation * * @return void */ - protected function storeUser($uid) { + protected function storeUser($uid, $groups) { if (!$this->userExists($uid)) { $query = \OC::$server->getDatabaseConnection()->getQueryBuilder(); $query->insert('users_external') @@ -182,6 +183,13 @@ protected function storeUser($uid) { 'backend' => $query->createNamedParameter($this->backend), ]); $query->execute(); + + if ($groups) { + $createduser = \OC::$server->getUserManager()->get($uid); + foreach ($groups as $group) { + \OC::$server->getGroupManager()->createGroup($group)->addUser($createduser); + } + } } } diff --git a/lib/imap.php b/lib/imap.php index a7499e7..fee0813 100644 --- a/lib/imap.php +++ b/lib/imap.php @@ -31,9 +31,11 @@ class OC_User_IMAP extends \OCA\user_external\Base { * Create new IMAP authentication provider * * @param string $mailbox IMAP server domain/IP - * @param string $port IMAP server $port + * @param int $port IMAP server $port * @param string $sslmode * @param string $domain If provided, loging will be restricted to this domain + * @param boolean $stripeDomain (whether to stripe the domain part from the username or not) + * @param boolean $groupDomain (whether to add the usere to a group corresponding to the domain of the address) */ public function __construct($mailbox, $port = null, $sslmode = null, $domain = null, $stripeDomain = true, $groupDomain = false) { parent::__construct($mailbox); @@ -76,6 +78,10 @@ public function checkPassword($uid, $password) { $username = $uid; } + if ($this->groupDomain && $pieces[1]) { + $groups[] = $pieces[1]; + } + $rcube = new imap_rcube(); $params = ["port"=>$this->port, "timeout"=>10]; 
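Review bot: `protected function storeUser($uid, $groups)` makes the second argument mandatory in the shared base class, but only lib/imap.php is updated in this series. Any other backend that extends `Base` and still calls `$this->storeUser($uid)` would fail with a too-few-arguments error at login; those callers are not visible here, so this needs checking. Declaring it as `protected function storeUser($uid, $groups = [])` keeps existing callers working and matches the `@param array $groups` docblock.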
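Review bot: `$groups` is never initialised in `checkPassword()`; it is only assigned inside `if ($this->groupDomain && $pieces[1])`, so with the default `groupDomain = false`, or a login without `@`, the later `$this->storeUser($uid, $groups)` call in the following hunk passes an undefined variable. `$pieces[1]` is likewise an undefined index for logins without `@`. Add `$groups = [];` before the condition and write the test as `if ($this->groupDomain && isset($pieces[1]) && $pieces[1] !== '') {`. `checkPassword()` begins before and continues after this hunk.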
@@ -93,26 +99,9 @@ public function checkPassword($uid, $password) { if($canconnect) { $rcube->closeConnection(); $uid = mb_strtolower($uid); - $this->storeUser($uid, $pieces[1]); + $this->storeUser($uid, $groups); return $uid; } return false; } - - protected function storeUser($uid, $group) { - if (!$this->userExists($uid)) { - $query = \OC::$server->getDatabaseConnection()->getQueryBuilder(); - $query->insert('users_external') - ->values([ - 'uid' => $query->createNamedParameter($uid), - 'backend' => $query->createNamedParameter($this->backend), - ]); - $query->execute(); - - if($this->groupDomain && $group) { - $createduser = \OC::$server->getUserManager()->get($uid); - \OC::$server->getGroupManager()->createGroup($group)->addUser($createduser); - } - } - } }