From 4aadfd75c82b4ad33aa26953c18c3694d52a15b6 Mon Sep 17 00:00:00 2001 From: KoS Date: Sun, 23 Oct 2016 19:25:44 +0200 Subject: IMAP login can be restricted to a specific domain name. --- user_external/lib/imap.php | 23 +++++++++++++++++++++-- 1 file changed, 21 insertions(+), 2 deletions(-) diff --git a/user_external/lib/imap.php b/user_external/lib/imap.php index 3ccebf094..4c5c57a78 100644 --- a/user_external/lib/imap.php +++ b/user_external/lib/imap.php @@ -17,16 +17,19 @@ */ class OC_User_IMAP extends \OCA\user_external\Base { private $mailbox; + private $domain; /** * Create new IMAP authentication provider * * @param string $mailbox PHP imap_open mailbox definition, e.g. * {127.0.0.1:143/imap/readonly} + * @param string $domain If provided, loging will be restricted to this domain */ - public function __construct($mailbox) { + public function __construct($mailbox, $domain = '') { parent::__construct($mailbox); $this->mailbox=$mailbox; + $this->domain=$domain; } /** @@ -42,7 +45,23 @@ class OC_User_IMAP extends \OCA\user_external\Base { OCP\Util::writeLog('user_external', 'ERROR: PHP imap extension is not installed', OCP\Util::ERROR); return false; } - $mbox = @imap_open($this->mailbox, $uid, $password, OP_HALFOPEN, 1); + + // Check if we only want logins from ONE domain and strip the domain part from UID + if($this->domain != '') { + $pieces = explode('@', $uid); + if(count($pieces) == 1) { + $username = $uid . "@" . $this->domain; + }elseif((count($pieces) == 2) and ($pieces[1] == $this->domain)) { + $username = $uid; + $uid = $pieces[0]; + }else{ + return false; + } + }else{ + $username = $uid; + } + + $mbox = @imap_open($this->mailbox, $username, $password, OP_HALFOPEN, 1); imap_errors(); imap_alerts(); if($mbox !== FALSE) { -- cgit v1.2.3 From eb092576f2234374fd0a851b657b1b07f7545c5d Mon Sep 17 00:00:00 2001 From: KoS Date: Sun, 23 Oct 2016 19:28:10 +0200 Subject: IMAP login can be restricted to a specific domain name. --- user_external/README.md | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/user_external/README.md b/user_external/README.md index 3138f023a..c6ab2661d 100644 --- a/user_external/README.md +++ b/user_external/README.md @@ -66,12 +66,16 @@ Add the following to your `config.php`: array( 'class' => 'OC_User_IMAP', 'arguments' => array( - '{127.0.0.1:143/imap/readonly}', + '{127.0.0.1:143/imap/readonly}', 'example.com' ), ), ), This connects to the IMAP server on IP `127.0.0.1`, in readonly mode. +If a domain name (e.g. example.com) is specified, then this makes sure that +only users from this domain will be allowed to login. After successfull +login the domain part will be striped and the rest used as username in +NextCloud. e.g. 'username@example.com' will be 'username' in NextCloud. Read the [imap_open][0] PHP manual page to learn more about the allowed parameters. -- cgit v1.2.3 From 9d9342d5cdb7de813834ae0a7d2a9b44dff4234e Mon Sep 17 00:00:00 2001 From: Joas Schilling Date: Tue, 18 Apr 2017 13:02:58 +0200 Subject: Update issue_template.md --- issue_template.md | 89 +++++++++++++++++++++++++++++++++++++++++++++---------- 1 file changed, 74 insertions(+), 15 deletions(-) diff --git a/issue_template.md b/issue_template.md index 3377504e6..5219a4f7e 100644 --- a/issue_template.md +++ b/issue_template.md @@ -1,5 +1,9 @@ ### Affected apps Tell us which app(s) you are talking about +### Steps to reproduce +1. +2. +3. ### Expected behaviour Tell us what should happen @@ -7,26 +11,81 @@ Tell us what should happen ### Actual behaviour Tell us what happens instead -### Steps to reproduce -1. -2. -3. - ### Server configuration -Operating system: + + +**Operating system**: + +**Web server:** + +**Database:** + +**PHP version:** + +**Server version:** (see your admin page) -Web server: +**Calendar version:** (see the apps page) -Database: +**Updated from an older installed version or fresh install:** -PHP version: +**Signing status (ownCloud/Nextcloud 9.0 and above):** -ownCloud version: +``` +Login as admin user into your cloud and access +http://example.com/index.php/settings/integrity/failed +paste the results here. +``` + +**List of activated apps:** + +``` +If you have access to your command line run e.g.: +sudo -u www-data php occ app:list +from within your instance's installation folder +``` + +**Nextcloud configuration:** + +``` +If you have access to your command line run e.g.: +sudo -u www-data php occ config:list system +from within your instance's installation folder + +or + +Insert your config.php content here +Make sure to remove all sensitive content such as passwords. (e.g. database password, passwordsalt, secret, smtp password, …) +``` + +**Are you using external storage, if yes which one:** local/smb/sftp/... + +**Are you using encryption:** yes/no + +**Are you using an external user-backend, if yes which one:** LDAP/ActiveDirectory/Webdav/... + +#### LDAP configuration (delete this part if not used) + +``` +With access to your command line run e.g.: +sudo -u www-data php occ ldap:show-config +from within your instance's installation folder + +Without access to your command line download the data/owncloud.db to your local +computer or access your SQL server remotely and run the select query: +SELECT * FROM `oc_appconfig` WHERE `appid` = 'user_ldap'; + + +Be sure to replace sensitive data as the name/IP-address of your LDAP server or groups. +``` ### Client configuration -Browser: +**Browser:** + +**Operating system:** -Operating system: +**CalDAV-clients:** ### Logs #### Web server error log @@ -34,9 +93,9 @@ Operating system: Insert your webserver log here ``` -#### ownCloud log (data/owncloud.log) +#### Log file (data/nextcloud.log) ``` -Insert your ownCloud log here +Insert your nextcloud.log file here ``` #### Browser log @@ -44,6 +103,6 @@ Insert your ownCloud log here Insert your browser log here, this could for example include: a) The javascript console log -b) The network log +b) The network log c) ... ``` -- cgit v1.2.3