|
8 | 8 |
|
9 | 9 | namespace OCA\User_LDAP\Command; |
10 | 10 |
|
11 | | -use OCA\User_LDAP\Helper; |
12 | | -use OCA\User_LDAP\Mapping\UserMapping; |
13 | | -use OCA\User_LDAP\User\DeletedUsersIndex; |
14 | | -use OCA\User_LDAP\User_Proxy; |
| 11 | +use OCA\User_LDAP\Service\CheckUserService; |
15 | 12 | use OCP\IUserManager; |
16 | 13 | use Symfony\Component\Console\Command\Command; |
17 | 14 | use Symfony\Component\Console\Input\InputArgument; |
|
21 | 18 |
|
22 | 19 | class CheckUser extends Command { |
23 | 20 | public function __construct( |
24 | | - protected User_Proxy $backend, |
25 | | - protected Helper $helper, |
26 | | - protected DeletedUsersIndex $dui, |
27 | | - protected UserMapping $mapping, |
28 | | - protected IUserManager $userManager, |
| 21 | + private readonly IUserManager $userManager, |
| 22 | + private readonly CheckUserService $checkUserService, |
29 | 23 | ) { |
30 | 24 | parent::__construct(); |
31 | 25 | } |
@@ -77,7 +71,11 @@ protected function configure(): void { |
77 | 71 | #[\Override] |
78 | 72 | protected function execute(InputInterface $input, OutputInterface $output): int { |
79 | 73 | try { |
80 | | - $this->assertAllowed($input->getOption('force')); |
| 74 | + if (!$this->checkUserService->assertAllowed($input->getOption('force'))) { |
| 75 | + throw new \Exception('Cannot check user existence, because ' |
| 76 | + . 'disabled LDAP configurations are present.'); |
| 77 | + } |
| 78 | + |
81 | 79 | $uid = $input->getArgument('ocName'); |
82 | 80 |
|
83 | 81 | if ($uid !== null) { |
@@ -109,77 +107,18 @@ protected function execute(InputInterface $input, OutputInterface $output): int |
109 | 107 | } |
110 | 108 |
|
111 | 109 | private function checkUser(InputInterface $input, OutputInterface $output, string $uid): int { |
112 | | - if ($this->backend->getLDAPAccess($uid)->stringResemblesDN($uid)) { |
113 | | - $username = $this->backend->dn2UserName($uid); |
114 | | - if ($username !== false) { |
115 | | - $uid = $username; |
116 | | - } |
117 | | - } |
118 | | - $wasMapped = $this->userWasMapped($uid); |
119 | | - $exists = $this->backend->userExistsOnLDAP($uid, true); |
120 | | - if ($exists === true) { |
| 110 | + $result = $this->checkUserService->checkUser($uid, $input->getOption('update')); |
| 111 | + if ($result['exists']) { |
121 | 112 | $output->writeln('The user is still available on LDAP.'); |
122 | | - if ($input->getOption('update')) { |
123 | | - $this->updateUser($uid, $output); |
124 | | - } |
125 | | - return self::SUCCESS; |
126 | | - } |
127 | | - |
128 | | - if ($wasMapped) { |
129 | | - $this->dui->markUser($uid); |
| 113 | + } elseif ($result['wasMapped']) { |
130 | 114 | $output->writeln('The user does not exists on LDAP anymore.'); |
131 | | - $output->writeln('Clean up the user\'s remnants by: ./occ user:delete "' |
132 | | - . $uid . '"'); |
133 | | - return self::SUCCESS; |
134 | | - } |
135 | | - |
136 | | - throw new \Exception('The given user is not a recognized LDAP user.'); |
137 | | - } |
138 | | - |
139 | | - /** |
140 | | - * checks whether a user is actually mapped |
141 | | - * @param string $ocName the username as used in Nextcloud |
142 | | - */ |
143 | | - protected function userWasMapped(string $ocName): bool { |
144 | | - $dn = $this->mapping->getDNByName($ocName); |
145 | | - return $dn !== false; |
146 | | - } |
147 | | - |
148 | | - /** |
149 | | - * checks whether the setup allows reliable checking of LDAP user existence |
150 | | - * @throws \Exception |
151 | | - */ |
152 | | - protected function assertAllowed(bool $force): void { |
153 | | - if ($this->helper->haveDisabledConfigurations() && !$force) { |
154 | | - throw new \Exception('Cannot check user existence, because ' |
155 | | - . 'disabled LDAP configurations are present.'); |
| 115 | + $output->writeln('Clean up the user\'s remnants by: ./occ user:delete "' . $uid . '"'); |
156 | 116 | } |
157 | | - |
158 | | - // we don't check ldapUserCleanupInterval from config.php because this |
159 | | - // action is triggered manually, while the setting only controls the |
160 | | - // background job. |
161 | | - } |
162 | | - |
163 | | - private function updateUser(string $uid, OutputInterface $output): void { |
164 | | - try { |
165 | | - $access = $this->backend->getLDAPAccess($uid); |
166 | | - $attrs = $access->userManager->getAttributes(); |
167 | | - $user = $access->userManager->get($uid); |
168 | | - $avatarAttributes = $access->getConnection()->resolveRule('avatar'); |
169 | | - $baseDn = $this->helper->DNasBaseParameter($user->getDN()); |
170 | | - $result = $access->search('objectclass=*', $baseDn, $attrs, 1, 0); |
171 | | - foreach ($result[0] as $attribute => $valueSet) { |
172 | | - $output->writeln(' ' . $attribute . ': '); |
173 | | - foreach ($valueSet as $value) { |
174 | | - if (in_array($attribute, $avatarAttributes)) { |
175 | | - $value = '{ImageData}'; |
176 | | - } |
177 | | - $output->writeln(' ' . $value); |
178 | | - } |
| 117 | + if (isset($result['attributes'])) { |
| 118 | + foreach ($result['attributes'] as $attribute => $value) { |
| 119 | + $output->writeln(' ' . $attribute . ': ' . $value); |
179 | 120 | } |
180 | | - $access->batchApplyUserAttributes($result); |
181 | | - } catch (\Exception $e) { |
182 | | - $output->writeln('<error>Error while trying to lookup and update attributes from LDAP</error>'); |
183 | 121 | } |
| 122 | + return self::SUCCESS; |
184 | 123 | } |
185 | 124 | } |
0 commit comments