archive
/
nextcloud
mirror of https://github.com/nextcloud/server.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Use Psr\Log\LoggerInterface where it can easily be used in user_ldap

Browse Source 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
pull/29180/head
Côme Chilliet 3 years ago
parent d189a23f43
commit f9e6f2ea57
No known key found for this signature in database
GPG Key ID: A3E2F658B28C760A
5 changed files with 136 additions and 78 deletions
Show Stats Download Patch File Download Diff File

70
apps/user_ldap/lib/Connection.php
Unescape Escape View File

@ -37,7 +37,7 @@
namespace OCA\User_LDAP;
use OC\ServerNotAvailableException;
use OCP\ILogger;
use Psr\Log\LoggerInterface;
/**
* magic properties (incomplete)
@ -103,6 +103,9 @@ class Connection extends LDAPUtility {
protected $bindResult = [];
/** @var LoggerInterface */
protected $logger;
/**
* Constructor
* @param ILDAPWrapper $ldap
@ -122,6 +125,7 @@ class Connection extends LDAPUtility {
$helper = new Helper(\OC::$server->getConfig(), \OC::$server->getDatabaseConnection());
$this->doNotValidate = !in_array($this->configPrefix,
$helper->getServerConfigurationPrefixes());
$this->logger = \OC::$server->get(LoggerInterface::class);
}
public function __destruct() {
@ -208,7 +212,10 @@ class Connection extends LDAPUtility {
$this->establishConnection();
}
if (is_null($this->ldapConnectionRes)) {
\OCP\Util::writeLog('user_ldap', 'No LDAP Connection to server ' . $this->configuration->ldapHost, ILogger::ERROR);
$this->logger->error(
'No LDAP Connection to server ' . $this->configuration->ldapHost,
['app' => 'user_ldap']
);
throw new ServerNotAvailableException('Connection to LDAP server could not be established');
}
return $this->ldapConnectionRes;
@ -378,10 +385,10 @@ class Connection extends LDAPUtility {
&& (!is_null($this->configID))) {
$this->configuration->$effectiveSetting = 'auto';
$this->configuration->saveConfiguration();
\OCP\Util::writeLog('user_ldap',
'Illegal value for the '.
$effectiveSetting.', '.'reset to '.
'autodetect.', ILogger::INFO);
$this->logger->info(
'Illegal value for the '.$effectiveSetting.', reset to autodetect.',
['app' => 'user_ldap']
);
}
}
}
@ -404,10 +411,9 @@ class Connection extends LDAPUtility {
if ((stripos($this->configuration->ldapHost, 'ldaps://') === 0)
&& $this->configuration->ldapTLS) {
$this->configuration->ldapTLS = false;
\OCP\Util::writeLog(
'user_ldap',
$this->logger->info(
'LDAPS (already using secure connection) and TLS do not work together. Switched off TLS.',
ILogger::INFO
['app' => 'user_ldap']
);
}
}
@ -447,10 +453,9 @@ class Connection extends LDAPUtility {
break;
}
$configurationOK = false;
\OCP\Util::writeLog(
'user_ldap',
$this->logger->warning(
$errorStr.'No '.$subj.' given!',
ILogger::WARN
['app' => 'user_ldap']
);
}
}
@ -462,11 +467,11 @@ class Connection extends LDAPUtility {
($agent === '' && $pwd !== '')
|| ($agent !== '' && $pwd === '')
) {
\OCP\Util::writeLog(
'user_ldap',
$this->logger->warning(
$errorStr.'either no password is given for the user ' .
'agent or a password is given, but not an LDAP agent.',
ILogger::WARN);
['app' => 'user_ldap']
);
$configurationOK = false;
}
@ -475,20 +480,18 @@ class Connection extends LDAPUtility {
$baseGroups = $this->configuration->ldapBaseGroups;
if (empty($base) && empty($baseUsers) && empty($baseGroups)) {
\OCP\Util::writeLog(
'user_ldap',
$this->logger->warning(
$errorStr.'Not a single Base DN given.',
ILogger::WARN
['app' => 'user_ldap']
);
$configurationOK = false;
}
if (mb_strpos($this->configuration->ldapLoginFilter, '%uid', 0, 'UTF-8')
=== false) {
\OCP\Util::writeLog(
'user_ldap',
$this->logger->warning(
$errorStr.'login filter does not contain %uid place holder.',
ILogger::WARN
['app' => 'user_ldap']
);
$configurationOK = false;
}
@ -532,34 +535,32 @@ class Connection extends LDAPUtility {
return false;
}
if (!$this->ignoreValidation && !$this->configured) {
\OCP\Util::writeLog(
'user_ldap',
$this->logger->warning(
'Configuration is invalid, cannot connect',
ILogger::WARN
['app' => 'user_ldap']
);
return false;
}
if (!$this->ldapConnectionRes) {
if (!$this->ldap->areLDAPFunctionsAvailable()) {
$phpLDAPinstalled = false;
\OCP\Util::writeLog(
'user_ldap',
$this->logger->error(
'function ldap_connect is not available. Make sure that the PHP ldap module is installed.',
ILogger::ERROR
['app' => 'user_ldap']
);
return false;
}
if ($this->configuration->turnOffCertCheck) {
if (putenv('LDAPTLS_REQCERT=never')) {
\OCP\Util::writeLog('user_ldap',
$this->logger->debug(
'Turned off SSL certificate validation successfully.',
ILogger::DEBUG);
['app' => 'user_ldap']
);
} else {
\OCP\Util::writeLog(
'user_ldap',
$this->logger->warning(
'Could not turn off SSL certificate validation.',
ILogger::WARN
['app' => 'user_ldap']
);
}
}
@ -669,9 +670,10 @@ class Connection extends LDAPUtility {
if (!$ldapLogin) {
$errno = $this->ldap->errno($cr);
\OCP\Util::writeLog('user_ldap',
$this->logger->warning(
'Bind failed: ' . $errno . ': ' . $this->ldap->error($cr),
ILogger::WARN);
['app' => 'user_ldap']
);
// Set to failure mode, if LDAP error code is not one of
// - LDAP_SUCCESS (0)

6
apps/user_ldap/lib/Group_LDAP.php
Unescape Escape View File

@ -49,7 +49,7 @@ use OC\Cache\CappedMemoryCache;
use OC\ServerNotAvailableException;
use OCP\Group\Backend\IGetDisplayNameBackend;
use OCP\GroupInterface;
use OCP\ILogger;
use Psr\Log\LoggerInterface;
class Group_LDAP extends BackendUtility implements GroupInterface, IGroupLDAP, IGetDisplayNameBackend {
protected $enabled = false;
@ -62,7 +62,7 @@ class Group_LDAP extends BackendUtility implements GroupInterface, IGroupLDAP, I
protected $cachedNestedGroups;
/** @var GroupPluginManager */
protected $groupPluginManager;
/** @var ILogger */
/** @var LoggerInterface */
protected $logger;
/**
@ -82,7 +82,7 @@ class Group_LDAP extends BackendUtility implements GroupInterface, IGroupLDAP, I
$this->cachedGroupsByMember = new CappedMemoryCache();
$this->cachedNestedGroups = new CappedMemoryCache();
$this->groupPluginManager = $groupPluginManager;
$this->logger = OC::$server->getLogger();
$this->logger = OC::$server->get(LoggerInterface::class);
$this->ldapGroupMemberAssocAttr = strtolower($gAssoc);
}

46
apps/user_ldap/lib/Jobs/UpdateGroups.php
Unescape Escape View File

@ -35,7 +35,6 @@ use OCP\Group\Events\UserAddedEvent;
use OCP\Group\Events\UserRemovedEvent;
use OCP\IDBConnection;
use OCP\IGroupManager;
use OCP\ILogger;
use OCP\IUser;
use OCP\IUserManager;
use Psr\Log\LoggerInterface;
@ -89,15 +88,19 @@ class UpdateGroups extends TimedJob {
}
public function updateGroups() {
\OCP\Util::writeLog('user_ldap', 'Run background job "updateGroups"', ILogger::DEBUG);
$this->logger->debug(
'Run background job "updateGroups"',
['app' => 'user_ldap']
);
$knownGroups = array_keys($this->getKnownGroups());
$actualGroups = $this->groupBackend->getGroups();
if (empty($actualGroups) && empty($knownGroups)) {
\OCP\Util::writeLog('user_ldap',
$this->logger->info(
'bgJ "updateGroups" groups do not seem to be configured properly, aborting.',
ILogger::INFO);
['app' => 'user_ldap']
);
return;
}
@ -105,7 +108,10 @@ class UpdateGroups extends TimedJob {
$this->handleCreatedGroups(array_diff($actualGroups, $knownGroups));
$this->handleRemovedGroups(array_diff($knownGroups, $actualGroups));
\OCP\Util::writeLog('user_ldap', 'bgJ "updateGroups" Finished.', ILogger::DEBUG);
$this->logger->debug(
'bgJ "updateGroups" Finished.',
['app' => 'user_ldap']
);
}
/**
@ -198,46 +204,56 @@ class UpdateGroups extends TimedJob {
* @param string[] $createdGroups
*/
private function handleCreatedGroups($createdGroups) {
\OCP\Util::writeLog('user_ldap', 'bgJ "updateGroups" dealing with created Groups.', ILogger::DEBUG);
$this->logger->debug(
'bgJ "updateGroups" dealing with created Groups.',
['app' => 'user_ldap']
);
$query = $this->dbc->getQueryBuilder();
$query->insert('ldap_group_members')
->setValue('owncloudname', $query->createParameter('owncloudname'))
->setValue('owncloudusers', $query->createParameter('owncloudusers'));
foreach ($createdGroups as $createdGroup) {
\OCP\Util::writeLog('user_ldap',
$this->logger->info(
'bgJ "updateGroups" new group "' . $createdGroup . '" found.',
ILogger::INFO);
['app' => 'user_ldap']
);
$users = serialize($this->groupBackend->usersInGroup($createdGroup));
$query->setParameter('owncloudname', $createdGroup)
->setParameter('owncloudusers', $users);
$query->execute();
}
\OCP\Util::writeLog('user_ldap',
$this->logger->debug(
'bgJ "updateGroups" FINISHED dealing with created Groups.',
ILogger::DEBUG);
['app' => 'user_ldap']
);
}
/**
* @param string[] $removedGroups
*/
private function handleRemovedGroups($removedGroups) {
\OCP\Util::writeLog('user_ldap', 'bgJ "updateGroups" dealing with removed groups.', ILogger::DEBUG);
$this->logger->debug(
'bgJ "updateGroups" dealing with removed groups.',
['app' => 'user_ldap']
);
$query = $this->dbc->getQueryBuilder();
$query->delete('ldap_group_members')
->where($query->expr()->eq('owncloudname', $query->createParameter('owncloudname')));
foreach ($removedGroups as $removedGroup) {
\OCP\Util::writeLog('user_ldap',
$this->logger->info(
'bgJ "updateGroups" group "' . $removedGroup . '" was removed.',
ILogger::INFO);
['app' => 'user_ldap']
);
$query->setParameter('owncloudname', $removedGroup);
$query->execute();
}
\OCP\Util::writeLog('user_ldap',
$this->logger->debug(
'bgJ "updateGroups" FINISHED dealing with removed groups.',
ILogger::DEBUG);
['app' => 'user_ldap']
);
}
}

42
apps/user_ldap/lib/User_LDAP.php
Unescape Escape View File

@ -45,10 +45,9 @@ use OCA\User_LDAP\Exceptions\NotOnLDAP;
use OCA\User_LDAP\User\OfflineUser;
use OCA\User_LDAP\User\User;
use OCP\IConfig;
use OCP\ILogger;
use OCP\IUserSession;
use OCP\Notification\IManager as INotificationManager;
use OCP\Util;
use Psr\Log\LoggerInterface;
class User_LDAP extends BackendUtility implements \OCP\IUserBackend, \OCP\UserInterface, IUserLDAP {
/** @var \OCP\IConfig */
@ -60,6 +59,9 @@ class User_LDAP extends BackendUtility implements \OCP\IUserBackend, \OCP\UserIn
/** @var UserPluginManager */
protected $userPluginManager;
/** @var LoggerInterface */
protected $logger;
/**
* @param Access $access
* @param \OCP\IConfig $ocConfig
@ -71,6 +73,7 @@ class User_LDAP extends BackendUtility implements \OCP\IUserBackend, \OCP\UserIn
$this->ocConfig = $ocConfig;
$this->notificationManager = $notificationManager;
$this->userPluginManager = $userPluginManager;
$this->logger = \OC::$server->get(LoggerInterface::class);
}
/**
@ -172,17 +175,21 @@ class User_LDAP extends BackendUtility implements \OCP\IUserBackend, \OCP\UserIn
try {
$ldapRecord = $this->getLDAPUserByLoginName($uid);
} catch (NotOnLDAP $e) {
\OC::$server->getLogger()->logException($e, ['app' => 'user_ldap', 'level' => ILogger::DEBUG]);
$this->logger->debug(
$e->getMessage(),
['app' => 'user_ldap', 'exception' => $e]
);
return false;
}
$dn = $ldapRecord['dn'][0];
$user = $this->access->userManager->get($dn);
if (!$user instanceof User) {
Util::writeLog('user_ldap',
$this->logger->warning(
'LDAP Login: Could not get user object for DN ' . $dn .
'. Maybe the LDAP entry has no set display name attribute?',
ILogger::WARN);
['app' => 'user_ldap']
);
return false;
}
if ($user->getUsername() !== false) {
@ -265,16 +272,20 @@ class User_LDAP extends BackendUtility implements \OCP\IUserBackend, \OCP\UserIn
$this->access->getFilterPartForUserSearch($search)
]);
Util::writeLog('user_ldap',
$this->logger->debug(
'getUsers: Options: search '.$search.' limit '.$limit.' offset '.$offset.' Filter: '.$filter,
ILogger::DEBUG);
['app' => 'user_ldap']
);
//do the search and translate results to Nextcloud names
$ldap_users = $this->access->fetchListOfUsers(
$filter,
$this->access->userManager->getAttributes(true),
$limit, $offset);
$ldap_users = $this->access->nextcloudUserNames($ldap_users);
Util::writeLog('user_ldap', 'getUsers: '.count($ldap_users). ' Users found', ILogger::DEBUG);
$this->logger->debug(
'getUsers: '.count($ldap_users). ' Users found',
['app' => 'user_ldap']
);
$this->access->connection->writeToCache($cachekey, $ldap_users);
return $ldap_users;
@ -352,8 +363,10 @@ class User_LDAP extends BackendUtility implements \OCP\IUserBackend, \OCP\UserIn
$user = $this->access->userManager->get($uid);
if (is_null($user)) {
Util::writeLog('user_ldap', 'No DN found for '.$uid.' on '.
$this->access->connection->ldapHost, ILogger::DEBUG);
$this->logger->debug(
'No DN found for '.$uid.' on '.$this->access->connection->ldapHost,
['app' => 'user_ldap']
);
$this->access->connection->writeToCache('userExists'.$uid, false);
return false;
}
@ -378,12 +391,13 @@ class User_LDAP extends BackendUtility implements \OCP\IUserBackend, \OCP\UserIn
$marked = $this->ocConfig->getUserValue($uid, 'user_ldap', 'isDeleted', 0);
if ((int)$marked === 0) {
\OC::$server->getLogger()->notice(
$this->logger->notice(
'User '.$uid . ' is not marked as deleted, not cleaning up.',
['app' => 'user_ldap']);
['app' => 'user_ldap']
);
return false;
}
\OC::$server->getLogger()->info('Cleaning up after user ' . $uid,
$this->logger->info('Cleaning up after user ' . $uid,
['app' => 'user_ldap']);
$this->access->getUserMapper()->unmap($uid); // we don't emit unassign signals here, since it is implicit to delete signals fired from core
@ -618,7 +632,7 @@ class User_LDAP extends BackendUtility implements \OCP\IUserBackend, \OCP\UserIn
);
$this->access->cacheUserExists($username);
} else {
\OC::$server->getLogger()->warning(
$this->logger->warning(
'Failed to map created LDAP user with userid {userid}, because UUID could not be determined',
[
'app' => 'user_ldap',

50
apps/user_ldap/lib/Wizard.php
Unescape Escape View File

@ -38,7 +38,7 @@
namespace OCA\User_LDAP;
use OC\ServerNotAvailableException;
use OCP\ILogger;
use Psr\Log\LoggerInterface;
class Wizard extends LDAPUtility {
/** @var \OCP\IL10N */
@ -49,6 +49,9 @@ class Wizard extends LDAPUtility {
protected $result;
protected $resultCache = [];
/** @var LoggerInterface */
protected $logger;
public const LRESULT_PROCESSED_OK = 2;
public const LRESULT_PROCESSED_INVALID = 3;
public const LRESULT_PROCESSED_SKIP = 4;
@ -76,6 +79,7 @@ class Wizard extends LDAPUtility {
}
$this->access = $access;
$this->result = new WizardResult();
$this->logger = \OC::$server->get(LoggerInterface::class);
}
public function __destruct() {
@ -299,9 +303,11 @@ class Wizard extends LDAPUtility {
if ($winner !== '') {
$this->applyFind('ldap_email_attr', $winner);
if ($writeLog) {
\OCP\Util::writeLog('user_ldap', 'The mail attribute has ' .
'automatically been reset, because the original value ' .
'did not return any results.', ILogger::INFO);
$this->logger->info(
'The mail attribute has automatically been reset, '.
'because the original value did not return any results.',
['app' => 'user_ldap']
);
}
}
@ -679,7 +685,10 @@ class Wizard extends LDAPUtility {
foreach ($portSettings as $setting) {
$p = $setting['port'];
$t = $setting['tls'];
\OCP\Util::writeLog('user_ldap', 'Wiz: trying port '. $p . ', TLS '. $t, ILogger::DEBUG);
$this->logger->debug(
'Wiz: trying port '. $p . ', TLS '. $t,
['app' => 'user_ldap']
);
//connectAndBind may throw Exception, it needs to be catched by the
//callee of this method
@ -702,7 +711,10 @@ class Wizard extends LDAPUtility {
'ldapTLS' => (int)$t
];
$this->configuration->setConfiguration($config);
\OCP\Util::writeLog('user_ldap', 'Wiz: detected Port ' . $p, ILogger::DEBUG);
$this->logger->debug(
'Wiz: detected Port ' . $p,
['app' => 'user_ldap']
);
$this->result->addChange('ldap_port', $p);
return $this->result;
}
@ -847,8 +859,10 @@ class Wizard extends LDAPUtility {
if (!$this->ldap->isResource($rr)) {
$errorNo = $this->ldap->errno($cr);
$errorMsg = $this->ldap->error($cr);
\OCP\Util::writeLog('user_ldap', 'Wiz: Could not search base '.$base.
' Error '.$errorNo.': '.$errorMsg, ILogger::INFO);
$this->logger->info(
'Wiz: Could not search base '.$base.' Error '.$errorNo.': '.$errorMsg,
['app' => 'user_ldap']
);
return false;
}
$entries = $this->ldap->countEntries($cr, $rr);
@ -1024,7 +1038,10 @@ class Wizard extends LDAPUtility {
break;
}
\OCP\Util::writeLog('user_ldap', 'Wiz: Final filter '.$filter, ILogger::DEBUG);
$this->logger->debug(
'Wiz: Final filter '.$filter,
['app' => 'user_ldap']
);
return $filter;
}
@ -1044,7 +1061,10 @@ class Wizard extends LDAPUtility {
if (!$hostInfo) {
throw new \Exception(self::$l->t('Invalid Host'));
}
\OCP\Util::writeLog('user_ldap', 'Wiz: Attempting to connect ', ILogger::DEBUG);
$this->logger->debug(
'Wiz: Attempting to connect',
['app' => 'user_ldap']
);
$cr = $this->ldap->connect($host, $port);
if (!is_resource($cr)) {
throw new \Exception(self::$l->t('Invalid Host'));
@ -1063,7 +1083,10 @@ class Wizard extends LDAPUtility {
}
}
\OCP\Util::writeLog('user_ldap', 'Wiz: Attemping to Bind ', ILogger::DEBUG);
$this->logger->debug(
'Wiz: Attemping to Bind',
['app' => 'user_ldap']
);
//interesting part: do the bind!
$login = $this->ldap->bind($cr,
$this->configuration->ldapAgentName,
@ -1078,7 +1101,10 @@ class Wizard extends LDAPUtility {
if ($login === true) {
$this->ldap->unbind($cr);
\OCP\Util::writeLog('user_ldap', 'Wiz: Bind successful to Port '. $port . ' TLS ' . (int)$tls, ILogger::DEBUG);
$this->logger->debug(
'Wiz: Bind successful to Port '. $port . ' TLS ' . (int)$tls,
['app' => 'user_ldap']
);
return true;
}

Write Preview
Loading…
Cancel
Save