added user profile scope setting

Signed-off-by: Marc Hefter <marchefter@march42.net> Signed-off-by: Marc Hefter <marchefter@gmail.com>
4 years ago · eee0275dc5
parent 2315c17726
commit eee0275dc5
8 changed files with 130 additions and 18 deletions
--- a/apps/user_ldap/js/wizard/wizardTabAdvanced.js
+++ b/apps/user_ldap/js/wizard/wizardTabAdvanced.js
@ -159,6 +159,10 @@ OCA = OCA || {};
 					$element: $('#ldap_attr_biography'),
 					setMethod: 'setBiographyAttribute'
 				},
+				ldap_profile_scope: {
+					$element: $('#ldap_profile_scope'),
+					setMethod: 'setProfileScope'
+				},
 			};
 			this.setManagedItems(items);
 		},
@ -472,6 +476,15 @@ OCA = OCA || {};
 			this.setElementValue(this.managedItems.ldap_attr_biography.$element, attribute);
 		},

+		/**
+		 * sets the visibility scope for the Nextcloud user profile properties
+		 *
+		 * @param {string} scope
+		 */
+		setProfileScope: function(scope) {
+			this.setElementValue(this.managedItems.ldap_profile_scope.$element, scope);
+		},
+
 		/**
 		 * deals with the result of the Test Connection test
 		 *
--- a/apps/user_ldap/lib/Configuration.php
+++ b/apps/user_ldap/lib/Configuration.php
@ -132,6 +132,7 @@ class Configuration {
 		'ldapAttributeRole' => null,
 		'ldapAttributeHeadline' => null,
 		'ldapAttributeBiography' => null,
+		'ldapProfileScope' => null,
 	];

 	public function __construct(string $configPrefix, bool $autoRead = true) {
@ -486,6 +487,7 @@ class Configuration {
 			'ldap_attr_role' => '',
 			'ldap_attr_headline' => '',
 			'ldap_attr_biography' => '',
+			'ldap_profile_scope' => '',
 		];
 	}

@ -560,6 +562,7 @@ class Configuration {
 			'ldap_attr_role' => 'ldapAttributeRole',
 			'ldap_attr_headline' => 'ldapAttributeHeadline',
 			'ldap_attr_biography' => 'ldapAttributeBiography',
+			'ldap_profile_scope' => 'ldapProfileScope',
 		];
 		return $array;
 	}
--- a/apps/user_ldap/lib/Connection.php
+++ b/apps/user_ldap/lib/Connection.php
@ -81,6 +81,7 @@ use Psr\Log\LoggerInterface;
 * @property string ldapAttributeRole
 * @property string ldapAttributeHeadline
 * @property string ldapAttributeBiography
+ * @property string ldapProfileScope
 */
 class Connection extends LDAPUtility {
 	/**
--- a/apps/user_ldap/lib/User/User.php
+++ b/apps/user_ldap/lib/User/User.php
@ -248,52 +248,57 @@ class User {
 		}
 		unset($attr);

+		//User profile visibility
+		$profileScope = $this->connection->ldapProfileScope;
+		if (is_null($profileScope) || '' === $profileScope || 'unset' === $profileScope) {
+			$profileScope = null;
+		}
 		//User Profile Field - Phone number
 		$attr = strtolower($this->connection->ldapAttributePhone);
 		if (isset($ldapEntry[$attr])) {
-			$this->updateProfile(self::USER_PREFKEY_PHONE, $ldapEntry[$attr][0]);
+			$this->updateProfile(self::USER_PREFKEY_PHONE, $ldapEntry[$attr][0], $profileScope);
 		}
 		unset($attr);
 		//User Profile Field - website
 		$attr = strtolower($this->connection->ldapAttributeWebsite);
 		if (isset($ldapEntry[$attr])) {
-			$this->updateProfile(self::USER_PREFKEY_WEBSITE, $ldapEntry[$attr][0]);
+			$this->updateProfile(self::USER_PREFKEY_WEBSITE, $ldapEntry[$attr][0], $profileScope);
 		}
 		unset($attr);
 		//User Profile Field - Address
 		$attr = strtolower($this->connection->ldapAttributeAddress);
 		if (isset($ldapEntry[$attr])) {
-			$this->updateProfile(self::USER_PREFKEY_ADDRESS, $ldapEntry[$attr][0]);
+			$this->updateProfile(self::USER_PREFKEY_ADDRESS, $ldapEntry[$attr][0], $profileScope);
 		}
 		unset($attr);
 		//User Profile Field - Twitter
 		$attr = strtolower($this->connection->ldapAttributeTwitter);
 		if (isset($ldapEntry[$attr])) {
-			$this->updateProfile(self::USER_PREFKEY_TWITTER, $ldapEntry[$attr][0]);
+			$this->updateProfile(self::USER_PREFKEY_TWITTER, $ldapEntry[$attr][0], $profileScope);
 		}
 		unset($attr);
 		//User Profile Field - organisation
 		$attr = strtolower($this->connection->ldapAttributeOrganisation);
 		if (isset($ldapEntry[$attr])) {
-			$this->updateProfile(self::USER_PREFKEY_ORGANISATION, $ldapEntry[$attr][0]);
+			$this->updateProfile(self::USER_PREFKEY_ORGANISATION, $ldapEntry[$attr][0], $profileScope);
 		}
 		unset($attr);
 		//User Profile Field - role
 		$attr = strtolower($this->connection->ldapAttributeRole);
 		if (isset($ldapEntry[$attr])) {
-			$this->updateProfile(self::USER_PREFKEY_ROLE, $ldapEntry[$attr][0]);
+			$this->updateProfile(self::USER_PREFKEY_ROLE, $ldapEntry[$attr][0], $profileScope);
 		}
 		unset($attr);
 		//User Profile Field - headline
 		$attr = strtolower($this->connection->ldapAttributeHeadline);
 		if (isset($ldapEntry[$attr])) {
-			$this->updateProfile(self::USER_PREFKEY_HEADLINE, $ldapEntry[$attr][0]);
+			$this->updateProfile(self::USER_PREFKEY_HEADLINE, $ldapEntry[$attr][0], $profileScope);
 		}
 		unset($attr);
 		//User Profile Field - biography
 		$attr = strtolower($this->connection->ldapAttributeBiography);
 		if (isset($ldapEntry[$attr])) {
-			$this->updateProfile(self::USER_PREFKEY_BIOGRAPHY, $ldapEntry[$attr][0]);
+			$this->updateProfile(self::USER_PREFKEY_BIOGRAPHY, $ldapEntry[$attr][0], $profileScope);
 		}
 		unset($attr);

@ -583,7 +588,7 @@ class User {
 	 * @param string $valueFromLDAP if known, to save an LDAP read request
 	 * @return null
 	 */
-	private function updateProfile(string $property, $valueFromLDAP) {
+	private function updateProfile(string $property, $valueFromLDAP, $scope=null) {
 		// check for valid property and set corresponding profile property
 		$profileProperty = 'INVALID';
 		if (self::USER_PREFKEY_PHONE == $property) {
@ -622,7 +627,7 @@ class User {
 				if (!is_null($user)) {
 					$currentValue = (string)$user->getProfilePropertyValue($profileProperty);
 					if ($currentValue !== $value) {
-						$user->setProfilePropertyValue($profileProperty,$value);
+						$user->setProfileProperty($profileProperty,$value,$scope,null);
 					}
 					// setScope(IAccountManager::SCOPE_FEDERATED);
 					// setVerified(IAccountManager::VERIFIED);
--- a/apps/user_ldap/templates/settings.php
+++ b/apps/user_ldap/templates/settings.php
@ -130,6 +130,7 @@ style('user_ldap', 'settings');
 				<p><label for="ldap_attr_role"> <?php p($l->t('Role Field')); ?></label><input type="text" id="ldap_attr_role" name="ldap_attr_role" title="<?php p($l->t('User profile Role will be set from the specified attribute')); ?>" data-default="<?php p($_['ldap_attr_role_default']); ?>"></p>
 				<p><label for="ldap_attr_headline"> <?php p($l->t('Headline Field')); ?></label><input type="text" id="ldap_attr_headline" name="ldap_attr_headline" title="<?php p($l->t('User profile Headline will be set from the specified attribute')); ?>" data-default="<?php p($_['ldap_attr_headline_default']); ?>"></p>
 				<p><label for="ldap_attr_biography"> <?php p($l->t('Biography Field')); ?></label><input type="text" id="ldap_attr_biography" name="ldap_attr_biography" title="<?php p($l->t('User profile Biography will be set from the specified attribute')); ?>" data-default="<?php p($_['ldap_attr_biography_default']); ?>"></p>
+				<p><label for="ldap_profile_scope"><?php p($l->t('Profile Scope'));?></label><select id="ldap_profile_scope" name="ldap_profile_scope" data-default="<?php p($_['ldap_profile_scope_default']); ?>" ><option value="unset"<?php if (! isset($_['ldap_profile_scope']) || ($_['ldap_profile_scope'] === 'unset')) p(' selected'); ?>>must be set by user</option><option value="v2-private"<?php if (isset($_['ldap_profile_scope']) && ($_['ldap_profile_scope'] === 'v2-private')) p(' selected'); ?>>private</option><option value="v2-local"<?php if (isset($_['ldap_profile_scope']) && ($_['ldap_profile_scope'] === 'v2-local')) p(' selected'); ?>>local</option><option value="v2-federated"<?php if (isset($_['ldap_profile_scope']) && ($_['ldap_profile_scope'] === 'v2-federated')) p(' selected'); ?>>federated</option><option value="v2-published"<?php if (isset($_['ldap_profile_scope']) && ($_['ldap_profile_scope'] === 'v2-published')) p(' selected'); ?>>published</option></select></p>
 			</div>
 		</div>
 		<?php print_unescaped($_['settingControls']); ?>
--- a/lib/private/User/LazyUser.php
+++ b/lib/private/User/LazyUser.php
@ -152,7 +152,15 @@ class LazyUser implements IUser {
 		return $this->getUser()->getProfilePropertyValue($property);
 	}

-	public function setProfilePropertyValue(string $property, $value) {
-		$this->getUser()->setProfilePropertyValue($property, $value);
+	public function getProfilePropertyScope(string $property): ?string {
+		return $this->getUser()->getProfilePropertyScope($property);
+	}
+
+	public function getProfilePropertyVerified(string $property): ?string {
+		return $this->getUser()->getProfilePropertyVerified($property);
+	}
+
+	public function setProfileProperty(string $property, $value=null, $scope=null, $verified=null) {
+		$this->getUser()->setProfileProperty($property, $value, $scope, $verified);
 	}
 }
--- a/lib/private/User/User.php
+++ b/lib/private/User/User.php
@ -609,13 +609,47 @@ class User implements IUser {
 		return $property->getValue();
 	}

+	/**
+	 * @param string $property name of the AccountProperty
+	 * @return string|null AccountProperty scope
+	 * @throws InvalidArgumentException when the property name is invalid or null
+	 */
+	public function getProfilePropertyScope($property): ?string {
+		if ($property === null) {
+			throw new InvalidArgumentException('Property can not be null.');
+		}
+		$this->ensureAccountManager();
+		$account = $this->accountManager->getAccount($this);
+		// TODO: this should be stored locally, to reduce database overhead
+		$property = $account->getProperty($property);
+		return $property->getScope();
+	}
+
+	/**
+	 * @param string $property name of the AccountProperty
+	 * @return string|null AccountProperty verified
+	 * @throws InvalidArgumentException when the property name is invalid or null
+	 */
+	public function getProfilePropertyVerified($property): ?string {
+		if ($property === null) {
+			throw new InvalidArgumentException('Property can not be null.');
+		}
+		$this->ensureAccountManager();
+		$account = $this->accountManager->getAccount($this);
+		// TODO: this should be stored locally, to reduce database overhead
+		$property = $account->getProperty($property);
+		return $property->getVerified();
+	}
+
 	/**
 	 * @param string $property name of the AccountProperty
 	 * @param string $value AccountProperty value
+	 * @param string $scope AccountProperty scope
+	 * @param string $verified AccountProperty verified
 	 * @return void
 	 * @throws InvalidArgumentException when the property name is invalid or null
 	 */
-	public function setProfilePropertyValue($property, $value) {
+	public function setProfileProperty($property, $value=null, $scope=null, $verified=null) {
 		if ($property === null) {
 			throw new InvalidArgumentException('Property can not be null.');
 		}
@ -623,9 +657,35 @@ class User implements IUser {
 		$this->ensureAccountManager();
 		$account = $this->accountManager->getAccount($this);
 		$property = $account->getProperty($property);
+		if (null !== $value) {
+			$property->setValue($value);
+		}
+		if (null !== $scope) {
+			// FIXME: should I default to IAccountManager::SCOPE_FEDERATED
+			$property->setScope($scope);
+		}
+		if (null !== $verified) {
+			// FIXME: should I default to IAccountManager::VERIFIED
+			$property->setVerified($verified);
+		}
+		$this->accountManager->updateAccount($account);
+		return;
+	}
+
+	/**
+	 * @param string $property name of the AccountProperty
+	 * @param string $value AccountProperty value
+	 * @return void
+	 * @throws InvalidArgumentException when the property name is invalid or null
+	 */
+	public function setProfilePropertyValue($property, $value) {
+		if ($property === null) {
+			throw new InvalidArgumentException('Property can not be null.');
+		}
+		$this->ensureAccountManager();
+		$account = $this->accountManager->getAccount($this);
+		$property = $account->getProperty($property);
 		$property->setValue($value);
-		//$property->setScope(IAccountManager::SCOPE_FEDERATED);
-		//$property->setVerified(IAccountManager::VERIFIED);
 		$this->accountManager->updateAccount($account);
 		return;
 	}
--- a/lib/public/IUser.php
+++ b/lib/public/IUser.php
@ -283,14 +283,35 @@ interface IUser {
 	public function getProfilePropertyValue(string $property): ?string;

 	/**
-	 * set users' profile property value.
-	 * remove property, if null
+	 * get users' profile property scope.
+	 *
+	 * @param string $property name see IAccountManager::PROPERTY_*
+	 * @return string AccountProperty scope IAccountManager::SCOPE_*
+	 * @throws InvalidArgumentException when the property name is invalid or null
+	 * @since 25.0.0
+	 */
+	public function getProfilePropertyScope(string $property): ?string;
+
+	/**
+	 * get users' profile property verified.
+	 *
+	 * @param string $property name see IAccountManager::PROPERTY_*
+	 * @return string AccountProperty verification status IAccountManager::NOT_VERIFIED/VERIFICATION_IN_PROGRESS/VERIFIED
+	 * @throws InvalidArgumentException when the property name is invalid or null
+	 * @since 25.0.0
+	 */
+	public function getProfilePropertyVerified(string $property): ?string;
+
+	/**
+	 * set users' profile property value,scope,verified.
 	 *
 	 * @param string $property name from IAccountManager::PROPERTY_*
 	 * @param string $value AccountProperty value
+	 * @param string $scope AccountProperty scope
+	 * @param string $verified AccountProperty verified
 	 * @return void
 	 * @throws InvalidArgumentException when the property name is invalid or null
 	 * @since 25.0.0
 	 */
-	public function setProfilePropertyValue(string $property, $value);
+	public function setProfileProperty(string $property, $value=null, $scope=null, $verified=null);
 }