open-dsi
/
nextcloud-server
mirror of https://github.com/nextcloud/server
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Use Psr\Log\LoggerInterface where it can easily be used in user_ldap

Browse Source 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
pull/29315/head
Côme Chilliet 5 years ago committed by backportbot[bot]
parent c256c9be19
commit 573a6eadcf
5 changed files with 136 additions and 78 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 70
      apps/user_ldap/lib/Connection.php
  2. 6
      apps/user_ldap/lib/Group_LDAP.php
  3. 46
      apps/user_ldap/lib/Jobs/UpdateGroups.php
  4. 42
      apps/user_ldap/lib/User_LDAP.php
  5. 50
      apps/user_ldap/lib/Wizard.php

70
apps/user_ldap/lib/Connection.php
Unescape View File

@ -38,7 +38,7 @@
namespace OCA\User_LDAP;
use OC\ServerNotAvailableException;
use OCP\ILogger;
use Psr\Log\LoggerInterface;
/**
* magic properties (incomplete)
@ -104,6 +104,9 @@ class Connection extends LDAPUtility {
protected $bindResult = [];
/** @var LoggerInterface */
protected $logger;
/**
* Constructor
* @param ILDAPWrapper $ldap
@ -123,6 +126,7 @@ class Connection extends LDAPUtility {
$helper = new Helper(\OC::$server->getConfig(), \OC::$server->getDatabaseConnection());
$this->doNotValidate = !in_array($this->configPrefix,
$helper->getServerConfigurationPrefixes());
$this->logger = \OC::$server->get(LoggerInterface::class);
}
public function __destruct() {
@ -209,7 +213,10 @@ class Connection extends LDAPUtility {
$this->establishConnection();
}
if (is_null($this->ldapConnectionRes)) {
\OCP\Util::writeLog('user_ldap', 'No LDAP Connection to server ' . $this->configuration->ldapHost, ILogger::ERROR);
$this->logger->error(
'No LDAP Connection to server ' . $this->configuration->ldapHost,
['app' => 'user_ldap']
);
throw new ServerNotAvailableException('Connection to LDAP server could not be established');
}
return $this->ldapConnectionRes;
@ -381,10 +388,10 @@ class Connection extends LDAPUtility {
&& (!is_null($this->configID))) {
$this->configuration->$effectiveSetting = 'auto';
$this->configuration->saveConfiguration();
\OCP\Util::writeLog('user_ldap',
'Illegal value for the '.
$effectiveSetting.', '.'reset to '.
'autodetect.', ILogger::INFO);
$this->logger->info(
'Illegal value for the '.$effectiveSetting.', reset to autodetect.',
['app' => 'user_ldap']
);
}
}
}
@ -407,10 +414,9 @@ class Connection extends LDAPUtility {
if ((stripos($this->configuration->ldapHost, 'ldaps://') === 0)
&& $this->configuration->ldapTLS) {
$this->configuration->ldapTLS = false;
\OCP\Util::writeLog(
'user_ldap',
$this->logger->info(
'LDAPS (already using secure connection) and TLS do not work together. Switched off TLS.',
ILogger::INFO
['app' => 'user_ldap']
);
}
}
@ -450,10 +456,9 @@ class Connection extends LDAPUtility {
break;
}
$configurationOK = false;
\OCP\Util::writeLog(
'user_ldap',
$this->logger->warning(
$errorStr.'No '.$subj.' given!',
ILogger::WARN
['app' => 'user_ldap']
);
}
}
@ -465,11 +470,11 @@ class Connection extends LDAPUtility {
($agent === '' && $pwd !== '')
|| ($agent !== '' && $pwd === '')
) {
\OCP\Util::writeLog(
'user_ldap',
$this->logger->warning(
$errorStr.'either no password is given for the user ' .
'agent or a password is given, but not an LDAP agent.',
ILogger::WARN);
['app' => 'user_ldap']
);
$configurationOK = false;
}
@ -478,20 +483,18 @@ class Connection extends LDAPUtility {
$baseGroups = $this->configuration->ldapBaseGroups;
if (empty($base) && empty($baseUsers) && empty($baseGroups)) {
\OCP\Util::writeLog(
'user_ldap',
$this->logger->warning(
$errorStr.'Not a single Base DN given.',
ILogger::WARN
['app' => 'user_ldap']
);
$configurationOK = false;
}
if (mb_strpos($this->configuration->ldapLoginFilter, '%uid', 0, 'UTF-8')
=== false) {
\OCP\Util::writeLog(
'user_ldap',
$this->logger->warning(
$errorStr.'login filter does not contain %uid place holder.',
ILogger::WARN
['app' => 'user_ldap']
);
$configurationOK = false;
}
@ -535,34 +538,32 @@ class Connection extends LDAPUtility {
return false;
}
if (!$this->ignoreValidation && !$this->configured) {
\OCP\Util::writeLog(
'user_ldap',
$this->logger->warning(
'Configuration is invalid, cannot connect',
ILogger::WARN
['app' => 'user_ldap']
);
return false;
}
if (!$this->ldapConnectionRes) {
if (!$this->ldap->areLDAPFunctionsAvailable()) {
$phpLDAPinstalled = false;
\OCP\Util::writeLog(
'user_ldap',
$this->logger->error(
'function ldap_connect is not available. Make sure that the PHP ldap module is installed.',
ILogger::ERROR
['app' => 'user_ldap']
);
return false;
}
if ($this->configuration->turnOffCertCheck) {
if (putenv('LDAPTLS_REQCERT=never')) {
\OCP\Util::writeLog('user_ldap',
$this->logger->debug(
'Turned off SSL certificate validation successfully.',
ILogger::DEBUG);
['app' => 'user_ldap']
);
} else {
\OCP\Util::writeLog(
'user_ldap',
$this->logger->warning(
'Could not turn off SSL certificate validation.',
ILogger::WARN
['app' => 'user_ldap']
);
}
}
@ -672,9 +673,10 @@ class Connection extends LDAPUtility {
if (!$ldapLogin) {
$errno = $this->ldap->errno($cr);
\OCP\Util::writeLog('user_ldap',
$this->logger->warning(
'Bind failed: ' . $errno . ': ' . $this->ldap->error($cr),
ILogger::WARN);
['app' => 'user_ldap']
);
// Set to failure mode, if LDAP error code is not one of
// - LDAP_SUCCESS (0)

6
apps/user_ldap/lib/Group_LDAP.php
Unescape View File

@ -50,7 +50,7 @@ use OC\Cache\CappedMemoryCache;
use OC\ServerNotAvailableException;
use OCP\Group\Backend\IGetDisplayNameBackend;
use OCP\GroupInterface;
use OCP\ILogger;
use Psr\Log\LoggerInterface;
class Group_LDAP extends BackendUtility implements GroupInterface, IGroupLDAP, IGetDisplayNameBackend {
protected $enabled = false;
@ -63,7 +63,7 @@ class Group_LDAP extends BackendUtility implements GroupInterface, IGroupLDAP, I
protected $cachedNestedGroups;
/** @var GroupPluginManager */
protected $groupPluginManager;
/** @var ILogger */
/** @var LoggerInterface */
protected $logger;
/**
@ -83,7 +83,7 @@ class Group_LDAP extends BackendUtility implements GroupInterface, IGroupLDAP, I
$this->cachedGroupsByMember = new CappedMemoryCache();
$this->cachedNestedGroups = new CappedMemoryCache();
$this->groupPluginManager = $groupPluginManager;
$this->logger = OC::$server->getLogger();
$this->logger = OC::$server->get(LoggerInterface::class);
$this->ldapGroupMemberAssocAttr = strtolower($gAssoc);
}

46
apps/user_ldap/lib/Jobs/UpdateGroups.php
Unescape View File

@ -36,7 +36,6 @@ use OCP\Group\Events\UserAddedEvent;
use OCP\Group\Events\UserRemovedEvent;
use OCP\IDBConnection;
use OCP\IGroupManager;
use OCP\ILogger;
use OCP\IUser;
use OCP\IUserManager;
use Psr\Log\LoggerInterface;
@ -90,15 +89,19 @@ class UpdateGroups extends TimedJob {
}
public function updateGroups() {
\OCP\Util::writeLog('user_ldap', 'Run background job "updateGroups"', ILogger::DEBUG);
$this->logger->debug(
'Run background job "updateGroups"',
['app' => 'user_ldap']
);
$knownGroups = array_keys($this->getKnownGroups());
$actualGroups = $this->groupBackend->getGroups();
if (empty($actualGroups) && empty($knownGroups)) {
\OCP\Util::writeLog('user_ldap',
$this->logger->info(
'bgJ "updateGroups" – groups do not seem to be configured properly, aborting.',
ILogger::INFO);
['app' => 'user_ldap']
);
return;
}
@ -106,7 +109,10 @@ class UpdateGroups extends TimedJob {
$this->handleCreatedGroups(array_diff($actualGroups, $knownGroups));
$this->handleRemovedGroups(array_diff($knownGroups, $actualGroups));
\OCP\Util::writeLog('user_ldap', 'bgJ "updateGroups" – Finished.', ILogger::DEBUG);
$this->logger->debug(
'bgJ "updateGroups" – Finished.',
['app' => 'user_ldap']
);
}
/**
@ -199,46 +205,56 @@ class UpdateGroups extends TimedJob {
* @param string[] $createdGroups
*/
private function handleCreatedGroups($createdGroups) {
\OCP\Util::writeLog('user_ldap', 'bgJ "updateGroups" – dealing with created Groups.', ILogger::DEBUG);
$this->logger->debug(
'bgJ "updateGroups" – dealing with created Groups.',
['app' => 'user_ldap']
);
$query = $this->dbc->getQueryBuilder();
$query->insert('ldap_group_members')
->setValue('owncloudname', $query->createParameter('owncloudname'))
->setValue('owncloudusers', $query->createParameter('owncloudusers'));
foreach ($createdGroups as $createdGroup) {
\OCP\Util::writeLog('user_ldap',
$this->logger->info(
'bgJ "updateGroups" – new group "' . $createdGroup . '" found.',
ILogger::INFO);
['app' => 'user_ldap']
);
$users = serialize($this->groupBackend->usersInGroup($createdGroup));
$query->setParameter('owncloudname', $createdGroup)
->setParameter('owncloudusers', $users);
$query->execute();
}
\OCP\Util::writeLog('user_ldap',
$this->logger->debug(
'bgJ "updateGroups" – FINISHED dealing with created Groups.',
ILogger::DEBUG);
['app' => 'user_ldap']
);
}
/**
* @param string[] $removedGroups
*/
private function handleRemovedGroups($removedGroups) {
\OCP\Util::writeLog('user_ldap', 'bgJ "updateGroups" – dealing with removed groups.', ILogger::DEBUG);
$this->logger->debug(
'bgJ "updateGroups" – dealing with removed groups.',
['app' => 'user_ldap']
);
$query = $this->dbc->getQueryBuilder();
$query->delete('ldap_group_members')
->where($query->expr()->eq('owncloudname', $query->createParameter('owncloudname')));
foreach ($removedGroups as $removedGroup) {
\OCP\Util::writeLog('user_ldap',
$this->logger->info(
'bgJ "updateGroups" – group "' . $removedGroup . '" was removed.',
ILogger::INFO);
['app' => 'user_ldap']
);
$query->setParameter('owncloudname', $removedGroup);
$query->execute();
}
\OCP\Util::writeLog('user_ldap',
$this->logger->debug(
'bgJ "updateGroups" – FINISHED dealing with removed groups.',
ILogger::DEBUG);
['app' => 'user_ldap']
);
}
}

42
apps/user_ldap/lib/User_LDAP.php
Unescape View File

@ -46,10 +46,9 @@ use OCA\User_LDAP\Exceptions\NotOnLDAP;
use OCA\User_LDAP\User\OfflineUser;
use OCA\User_LDAP\User\User;
use OCP\IConfig;
use OCP\ILogger;
use OCP\IUserSession;
use OCP\Notification\IManager as INotificationManager;
use OCP\Util;
use Psr\Log\LoggerInterface;
class User_LDAP extends BackendUtility implements \OCP\IUserBackend, \OCP\UserInterface, IUserLDAP {
/** @var \OCP\IConfig */
@ -61,6 +60,9 @@ class User_LDAP extends BackendUtility implements \OCP\IUserBackend, \OCP\UserIn
/** @var UserPluginManager */
protected $userPluginManager;
/** @var LoggerInterface */
protected $logger;
/**
* @param Access $access
* @param \OCP\IConfig $ocConfig
@ -72,6 +74,7 @@ class User_LDAP extends BackendUtility implements \OCP\IUserBackend, \OCP\UserIn
$this->ocConfig = $ocConfig;
$this->notificationManager = $notificationManager;
$this->userPluginManager = $userPluginManager;
$this->logger = \OC::$server->get(LoggerInterface::class);
}
/**
@ -173,17 +176,21 @@ class User_LDAP extends BackendUtility implements \OCP\IUserBackend, \OCP\UserIn
try {
$ldapRecord = $this->getLDAPUserByLoginName($uid);
} catch (NotOnLDAP $e) {
\OC::$server->getLogger()->logException($e, ['app' => 'user_ldap', 'level' => ILogger::DEBUG]);
$this->logger->debug(
$e->getMessage(),
['app' => 'user_ldap', 'exception' => $e]
);
return false;
}
$dn = $ldapRecord['dn'][0];
$user = $this->access->userManager->get($dn);
if (!$user instanceof User) {
Util::writeLog('user_ldap',
$this->logger->warning(
'LDAP Login: Could not get user object for DN ' . $dn .
'. Maybe the LDAP entry has no set display name attribute?',
ILogger::WARN);
['app' => 'user_ldap']
);
return false;
}
if ($user->getUsername() !== false) {
@ -266,16 +273,20 @@ class User_LDAP extends BackendUtility implements \OCP\IUserBackend, \OCP\UserIn
$this->access->getFilterPartForUserSearch($search)
]);
Util::writeLog('user_ldap',
$this->logger->debug(
'getUsers: Options: search '.$search.' limit '.$limit.' offset '.$offset.' Filter: '.$filter,
ILogger::DEBUG);
['app' => 'user_ldap']
);
//do the search and translate results to Nextcloud names
$ldap_users = $this->access->fetchListOfUsers(
$filter,
$this->access->userManager->getAttributes(true),
$limit, $offset);
$ldap_users = $this->access->nextcloudUserNames($ldap_users);
Util::writeLog('user_ldap', 'getUsers: '.count($ldap_users). ' Users found', ILogger::DEBUG);
$this->logger->debug(
'getUsers: '.count($ldap_users). ' Users found',
['app' => 'user_ldap']
);
$this->access->connection->writeToCache($cachekey, $ldap_users);
return $ldap_users;
@ -353,8 +364,10 @@ class User_LDAP extends BackendUtility implements \OCP\IUserBackend, \OCP\UserIn
$user = $this->access->userManager->get($uid);
if (is_null($user)) {
Util::writeLog('user_ldap', 'No DN found for '.$uid.' on '.
$this->access->connection->ldapHost, ILogger::DEBUG);
$this->logger->debug(
'No DN found for '.$uid.' on '.$this->access->connection->ldapHost,
['app' => 'user_ldap']
);
$this->access->connection->writeToCache('userExists'.$uid, false);
return false;
}
@ -379,12 +392,13 @@ class User_LDAP extends BackendUtility implements \OCP\IUserBackend, \OCP\UserIn
$marked = $this->ocConfig->getUserValue($uid, 'user_ldap', 'isDeleted', 0);
if ((int)$marked === 0) {
\OC::$server->getLogger()->notice(
$this->logger->notice(
'User '.$uid . ' is not marked as deleted, not cleaning up.',
['app' => 'user_ldap']);
['app' => 'user_ldap']
);
return false;
}
\OC::$server->getLogger()->info('Cleaning up after user ' . $uid,
$this->logger->info('Cleaning up after user ' . $uid,
['app' => 'user_ldap']);
$this->access->getUserMapper()->unmap($uid); // we don't emit unassign signals here, since it is implicit to delete signals fired from core
@ -619,7 +633,7 @@ class User_LDAP extends BackendUtility implements \OCP\IUserBackend, \OCP\UserIn
);
$this->access->cacheUserExists($username);
} else {
\OC::$server->getLogger()->warning(
$this->logger->warning(
'Failed to map created LDAP user with userid {userid}, because UUID could not be determined',
[
'app' => 'user_ldap',

50
apps/user_ldap/lib/Wizard.php
Unescape View File

@ -39,7 +39,7 @@
namespace OCA\User_LDAP;
use OC\ServerNotAvailableException;
use OCP\ILogger;
use Psr\Log\LoggerInterface;
class Wizard extends LDAPUtility {
/** @var \OCP\IL10N */
@ -50,6 +50,9 @@ class Wizard extends LDAPUtility {
protected $result;
protected $resultCache = [];
/** @var LoggerInterface */
protected $logger;
public const LRESULT_PROCESSED_OK = 2;
public const LRESULT_PROCESSED_INVALID = 3;
public const LRESULT_PROCESSED_SKIP = 4;
@ -77,6 +80,7 @@ class Wizard extends LDAPUtility {
}
$this->access = $access;
$this->result = new WizardResult();
$this->logger = \OC::$server->get(LoggerInterface::class);
}
public function __destruct() {
@ -300,9 +304,11 @@ class Wizard extends LDAPUtility {
if ($winner !== '') {
$this->applyFind('ldap_email_attr', $winner);
if ($writeLog) {
\OCP\Util::writeLog('user_ldap', 'The mail attribute has ' .
'automatically been reset, because the original value ' .
'did not return any results.', ILogger::INFO);
$this->logger->info(
'The mail attribute has automatically been reset, '.
'because the original value did not return any results.',
['app' => 'user_ldap']
);
}
}
@ -680,7 +686,10 @@ class Wizard extends LDAPUtility {
foreach ($portSettings as $setting) {
$p = $setting['port'];
$t = $setting['tls'];
\OCP\Util::writeLog('user_ldap', 'Wiz: trying port '. $p . ', TLS '. $t, ILogger::DEBUG);
$this->logger->debug(
'Wiz: trying port '. $p . ', TLS '. $t,
['app' => 'user_ldap']
);
//connectAndBind may throw Exception, it needs to be catched by the
//callee of this method
@ -703,7 +712,10 @@ class Wizard extends LDAPUtility {
'ldapTLS' => (int)$t
];
$this->configuration->setConfiguration($config);
\OCP\Util::writeLog('user_ldap', 'Wiz: detected Port ' . $p, ILogger::DEBUG);
$this->logger->debug(
'Wiz: detected Port ' . $p,
['app' => 'user_ldap']
);
$this->result->addChange('ldap_port', $p);
return $this->result;
}
@ -848,8 +860,10 @@ class Wizard extends LDAPUtility {
if (!$this->ldap->isResource($rr)) {
$errorNo = $this->ldap->errno($cr);
$errorMsg = $this->ldap->error($cr);
\OCP\Util::writeLog('user_ldap', 'Wiz: Could not search base '.$base.
' Error '.$errorNo.': '.$errorMsg, ILogger::INFO);
$this->logger->info(
'Wiz: Could not search base '.$base.' Error '.$errorNo.': '.$errorMsg,
['app' => 'user_ldap']
);
return false;
}
$entries = $this->ldap->countEntries($cr, $rr);
@ -1025,7 +1039,10 @@ class Wizard extends LDAPUtility {
break;
}
\OCP\Util::writeLog('user_ldap', 'Wiz: Final filter '.$filter, ILogger::DEBUG);
$this->logger->debug(
'Wiz: Final filter '.$filter,
['app' => 'user_ldap']
);
return $filter;
}
@ -1045,7 +1062,10 @@ class Wizard extends LDAPUtility {
if (!$hostInfo) {
throw new \Exception(self::$l->t('Invalid Host'));
}
\OCP\Util::writeLog('user_ldap', 'Wiz: Attempting to connect ', ILogger::DEBUG);
$this->logger->debug(
'Wiz: Attempting to connect',
['app' => 'user_ldap']
);
$cr = $this->ldap->connect($host, $port);
if (!is_resource($cr)) {
throw new \Exception(self::$l->t('Invalid Host'));
@ -1064,7 +1084,10 @@ class Wizard extends LDAPUtility {
}
}
\OCP\Util::writeLog('user_ldap', 'Wiz: Attemping to Bind ', ILogger::DEBUG);
$this->logger->debug(
'Wiz: Attemping to Bind',
['app' => 'user_ldap']
);
//interesting part: do the bind!
$login = $this->ldap->bind($cr,
$this->configuration->ldapAgentName,
@ -1079,7 +1102,10 @@ class Wizard extends LDAPUtility {
if ($login === true) {
$this->ldap->unbind($cr);
\OCP\Util::writeLog('user_ldap', 'Wiz: Bind successful to Port '. $port . ' TLS ' . (int)$tls, ILogger::DEBUG);
$this->logger->debug(
'Wiz: Bind successful to Port '. $port . ' TLS ' . (int)$tls,
['app' => 'user_ldap']
);
return true;
}

Write Preview
Loading…
Cancel
Save