Merge branch 'develop' into develop-14

Author: mlojewski-me

CHANGELOG.md

@@ -6,9 +6,15 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 
 ## [Unreleased]
 ### Added
-- SHA512 Whirlpool hashing algorithm
-- phpass hashing implementation
+- SHA512 Whirlpool hash algorithm
+- WoltLab Community Framework 2.x hash algorithm
+- phpass hash implementation
 - Support for salt column
+- User quota synchronization
+
+### Changed
+- Example SQL script in README file
+- Fixed misspelling
 
 ### Changed
 - Support for Nextcloud 14 only
@@ -18,18 +24,16 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 ### Fixed
 - Table and column autocomplete in settings panel
 
-## [4.0.0-rc2]
+## [4.0.0-rc2] - 2018-06-14
 ### Added
 - User active column
 
 ### Changed
 - Fixed "Use of undefined constant" error for Argon2 Crypt with PHP below 7.2.
 
-## [4.0.0-rc1]
+## [4.0.0-rc1] - 2018-06-13
 ### Added
-- New hashing algorithms: Argon2 Crypt (PHP 7.2 and above), Blowfish Crypt, Courier base64-encoded MD5, Courier base64-encoded SHA1,
-  Courier base64-encoded SHA256, Courier hexadecimal MD5, Extended DES Crypt, SHA256 Crypt,
-  SHA512 Crypt, SSHA512, Standard DES Crypt
+- New hash algorithms: Argon2 Crypt (PHP 7.2 and above), Blowfish Crypt, Courier base64-encoded MD5, Courier base64-encoded SHA1, Courier base64-encoded SHA256, Courier hexadecimal MD5, Extended DES Crypt, SHA256 Crypt, SHA512 Crypt, SSHA512, Standard DES Crypt
 - Option to allow users to change their display names
 - Option to allow user to change its avatar 
 - Database query results cache
@@ -40,10 +44,10 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 - The whole core implementation, which is NOT COMPATIBLE with the previous versions.
 - Minimum supported PHP version - 7.0
 
-## Removed
-- MySQL ENCRYPT() hashing implementation - Function is deprecated as of MySQL 5.7.6 and will be removed in a future MySQL release.
-- MySQL PASSWORD() hashing implementation - Function is deprecated as of MySQL 5.7.6 and will be removed in a future MySQL release.
-- Redmine hashing implementation - Cannot implement in new core system.
+### Removed
+- MySQL ENCRYPT() hash implementation - Function is deprecated as of MySQL 5.7.6 and will be removed in a future MySQL release.
+- MySQL PASSWORD() hash implementation - Function is deprecated as of MySQL 5.7.6 and will be removed in a future MySQL release.
+- Redmine hash implementation - Cannot implement in new core system.
 - User active column - Use database view instead
 - Domain support
 

README.md

@@ -50,8 +50,9 @@ Name | Description | Details
 **Allow display name change** | With this option enabled user can change its display name. The display name change is propagated to the database. | Optional.<br/>Default: false.<br/>Requires: user *Display name* column.
 **Allow password change** | Can user change its password. The password change is propagated to the database. See [Hash algorithms](#hash-algorithms). | Optional.<br/>Default: false.
 **Use cache** | Use database query results cache. The cache can be cleared any time with the *Clear cache* button click. | Optional.<br/>Default: false.
-**Hashing algorithm** | How users passwords are stored in the database. See [Hash algorithms](#hash-algorithms). | Mandatory.
-**Email sync** | Sync e-mail address with the Nextcloud.<br/>- *None* - Disables this feature. This is the default option.<br/>- *Synchronise only once* - Copy the e-mail address to the Nextcloud storage if its not set.<br/>- *Nextcloud always wins* - Always copy the e-mail address to the database. This updates the user table.<br/>- *SQL always wins* - Always copy the e-mail address to the Nextcloud storage. | Optional.<br/>Default: *None*.<br/>Requires: user *Email* column.
+**Hash algorithm** | How users passwords are stored in the database. See [Hash algorithms](#hash-algorithms). | Mandatory.
+**Email sync** | Sync e-mail address with the Nextcloud.<br/>- *None* - Disables this feature. This is the default option.<br/>- *Synchronise only once* - Copy the e-mail address to the Nextcloud preferences if its not set.<br/>- *Nextcloud always wins* - Always copy the e-mail address to the database. This updates the user table.<br/>- *SQL always wins* - Always copy the e-mail address to the Nextcloud preferences. | Optional.<br/>Default: *None*.<br/>Requires: user *Email* column.
+**Quota sync** | Sync user quota with the Nextcloud.<br/>- *None* - Disables this feature. This is the default option.<br/>- *Synchronise only once* - Copy the user quota to the Nextcloud preferences if its not set.<br/>- *Nextcloud always wins* - Always copy the user quota to the database. This updates the user table.<br/>- *SQL always wins* - Always copy the user quota to the Nextcloud preferences. | Optional.<br/>Default: *None*.<br/>Requires: user *Quota* column.
 **Home mode** | User storage path.<br/>- *Default* - Let the Nextcloud manage this. The default option.<br/>- *Query* - Use location from the user table pointed by the *home* column.<br/>- *Static* - Use static location. The `%u` variable is replaced with the username of the user. | Optional<br/>Default: *Default*.
 **Home Location** | User storage path for the `static` *home mode*. | Mandatory if the *Home mode* is set to `Static`.
 
@@ -64,11 +65,12 @@ Name | Description | Details
 **Table name** | The table name. | Mandatory for user backend.
 **Username** | Username column. | Mandatory for user backend.
 **Email** | E-mail column. | Mandatory for *Email sync* option.
+**Quota** | Quota column. | Mandatory for *Quota sync* option.
 **Home** | Home path column. | Mandatory for `Query` *Home sync* option.
 **Password** | Password hash column. | Mandatory for user backend.
 **Display name** | Display name column. | Optional.
 **Active** | Flag indicating if user can log in. | Optional.<br/>Default: true.
-**Can change avatar** | Flag indicating if user can change its avatar. | Optional.<br/>Default: false.
+**Provide avatar** | Flag indicating if user can change its avatar. | Optional.<br/>Default: false.
 **Salt** | Salt which is appended to password when checking or changing the password. | Optional.
 
 #### Group table
@@ -106,36 +108,34 @@ but be aware that some functionalities requires data changes (update queries).
 
 If you don't have any database model yet you can use below tables (MySQL):
 ```
-CREATE TABLE sql_users
+CREATE TABLE sql_user
 (
-  id                INT         AUTO_INCREMENT PRIMARY KEY,
-  username          VARCHAR(16) NOT NULL,
-  display_name      TEXT        NULL,
-  email             TEXT        NULL,
-  home              TEXT        NULL,
-  password          TEXT        NOT NULL,
-  active            TINYINT(1)  NOT NULL DEFAULT '1',
-  can_change_avatar BOOLEAN     NOT NULL DEFAULT FALSE,
-  CONSTRAINT users_username_uindex UNIQUE (username)
+  username       VARCHAR(16) PRIMARY KEY,
+  display_name   TEXT        NULL,
+  email          TEXT        NULL,
+  quota          TEXT        NULL,
+  home           TEXT        NULL,
+  password       TEXT        NOT NULL,
+  active         TINYINT(1)  NOT NULL DEFAULT '1',
+  provide_avatar BOOLEAN     NOT NULL DEFAULT FALSE
 );
 
 CREATE TABLE sql_group
 (
-  id           INT         AUTO_INCREMENT PRIMARY KEY,
-  name         VARCHAR(16) NOT NULL,
+  name         VARCHAR(16) PRIMARY KEY,
   display_name TEXT        NULL,
-  admin        BOOLEAN     NOT NULL DEFAULT FALSE,
-  CONSTRAINT group_name_uindex UNIQUE (name)
+  admin        BOOLEAN     NOT NULL DEFAULT FALSE
 );
 
 CREATE TABLE sql_user_group
 (
-  id         INT         AUTO_INCREMENT PRIMARY KEY,
-  group_name VARCHAR(16) NOT NULL,
   username   VARCHAR(16) NOT NULL,
-  CONSTRAINT user_group_group_name_username_uindex UNIQUE (group_name, username),
-  INDEX user_group_group_name_index (group_name),
-  INDEX user_group_username_index (username)
+  group_name VARCHAR(16) NOT NULL,
+  PRIMARY KEY (username, group_name),
+  FOREIGN KEY (username) REFERENCES sql_user (username),
+  FOREIGN KEY (group_name) REFERENCES sql_group (name),
+  INDEX sql_user_group_username_idx (username),
+  INDEX sql_user_group_group_name_idx (group_name)
 );
 ```
 
@@ -149,7 +149,7 @@ User table: wp_users
 Username column: user_login
 Password column: user_pass
 
-Hashing algorithm: Unix (Crypt) or Portable PHP password
+Hash algorithm: Unix (Crypt) or Portable PHP password
 ```
 
 #### JHipster
@@ -166,7 +166,7 @@ Password column: password_hash
 Email column: email
 Active column: activated
 
-Hashing algorithm: Unix (Crypt)
+Hash algorithm: Unix (Crypt)
 ```
 
 ## Hash algorithms
@@ -196,6 +196,7 @@ SHA1 | No salt supported. | 5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8
 SHA512 Whirlpool | No salt supported. | a96b16ebb691dbe968b0d66d0d924cff5cf5de5e0885181d00761d87f295b2bf3d3c66187c050fc01c196ff3acaa48d3561ffd170413346e934a32280d632f2e
 SSHA256 | Generates 32 chars salt. | {SSHA256}+WxTB3JxprNteeovsuSYtgI+UkVPA9lfwGoYkz3Ff7hjd1FSdmlTMkNsSExyR21KM3NvNTZ5V0p4WXJMUjFzUg==
 SSHA512 | Generates 32 chars salt. | {SSHA512}It+v1kAEUBbhMJYJ2swAtz+RLE6ispv/FB6G/ALhK/YWwEmrloY+0jzrWIfmu+rWUXp8u0Tg4jLXypC5oXAW00IyYnRVdEZJbE9wak96bkNRVWFCYmlJNWxrdTA0QmhL
+WoltLab Community Framework 2.x | Double salted bcrypt. | $2a$08$XEQDKNU/Vbootwxv5Gp7gujxFX/RUFsZLvQPYM435Dd3/p17fto02
 
 ## Development
 
@@ -205,7 +206,7 @@ Add a new class in the `OCA\UserSQL\Platform` namespace which extends the `Abstr
 Add this driver in `admin.php` template  to `$drivers` variable and in method `getPlatform(Connection $connection)`
 of `PlatformFactory` class.
 
-#### New hashing algorithm support
+#### New hash algorithm support
 
 Create a new class in `OCA\UserSQL\Crypto` namespace which implements `IPasswordAlgorithm` interface.
 Do not forget to write unit tests.

img/screenshot.png

@@ -76,7 +76,7 @@ user_sql.adminSettingsUI = function () {
         );
 
         autocomplete(
-            "#db-table-user-column-uid, #db-table-user-column-email, #db-table-user-column-home, #db-table-user-column-password, #db-table-user-column-name, #db-table-user-column-active, #db-table-user-column-avatar, #db-table-user-column-salt",
+            "#db-table-user-column-uid, #db-table-user-column-email, #db-table-user-column-quota, #db-table-user-column-home, #db-table-user-column-password, #db-table-user-column-name, #db-table-user-column-active, #db-table-user-column-avatar, #db-table-user-column-salt",
             "/apps/user_sql/settings/autocomplete/table/user"
         );
 

js/settings.js

@@ -94,7 +94,7 @@ public function doAction(User $user)
         $result = false;
 
         switch ($this->properties[Opt::EMAIL_SYNC]) {
-        case App::EMAIL_INITIAL:
+        case App::SYNC_INITIAL:
             if (empty($ncMail) && !empty($user->email)) {
                 $this->config->setUserValue(
                     $user->uid, "settings", "email", $user->email
@@ -103,7 +103,7 @@ public function doAction(User $user)
 
             $result = true;
             break;
-        case App::EMAIL_FORCE_NC:
+        case App::SYNC_FORCE_NC:
             if (!empty($ncMail) && $user->email !== $ncMail) {
                 $user = $this->userRepository->findByUid($user->uid);
                 if (!($user instanceof User)) {
@@ -115,7 +115,7 @@ public function doAction(User $user)
             }
 
             break;
-        case App::EMAIL_FORCE_SQL:
+        case App::SYNC_FORCE_SQL:
             if (!empty($user->email) && $user->email !== $ncMail) {
                 $this->config->setUserValue(
                     $user->uid, "settings", "email", $user->email

lib/Action/EmailSync.php

@@ -0,0 +1,137 @@
+<?php
+/**
+ * Nextcloud - user_sql
+ *
+ * @copyright 2018 Marcin Łojewski <dev@mlojewski.me>
+ * @author    Marcin Łojewski <dev@mlojewski.me>
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>.
+ */
+
+namespace OCA\UserSQL\Action;
+
+use OCA\UserSQL\Constant\App;
+use OCA\UserSQL\Constant\Opt;
+use OCA\UserSQL\Model\User;
+use OCA\UserSQL\Properties;
+use OCA\UserSQL\Repository\UserRepository;
+use OCP\IConfig;
+use OCP\ILogger;
+
+/**
+ * Synchronizes the user quota.
+ *
+ * @author Marcin Łojewski <dev@mlojewski.me>
+ */
+class QuotaSync implements IUserAction
+{
+    /**
+     * @var string The application name.
+     */
+    private $appName;
+    /**
+     * @var ILogger The logger instance.
+     */
+    private $logger;
+    /**
+     * @var Properties The properties array.
+     */
+    private $properties;
+    /**
+     * @var IConfig The config instance.
+     */
+    private $config;
+    /**
+     * @var UserRepository The user repository.
+     */
+    private $userRepository;
+
+    /**
+     * The default constructor.
+     *
+     * @param string         $appName        The application name.
+     * @param ILogger        $logger         The logger instance.
+     * @param Properties     $properties     The properties array.
+     * @param IConfig        $config         The config instance.
+     * @param UserRepository $userRepository The user repository.
+     */
+    public function __construct(
+        $appName, ILogger $logger, Properties $properties, IConfig $config,
+        UserRepository $userRepository
+    ) {
+        $this->appName = $appName;
+        $this->logger = $logger;
+        $this->properties = $properties;
+        $this->config = $config;
+        $this->userRepository = $userRepository;
+    }
+
+    /**
+     * @inheritdoc
+     * @throws \OCP\PreConditionNotMetException
+     */
+    public function doAction(User $user)
+    {
+        $this->logger->debug(
+            "Entering QuotaSync#doAction($user->uid)", ["app" => $this->appName]
+        );
+
+        $ncQuota = $this->config->getUserValue(
+            $user->uid, "files", "quota", ""
+        );
+
+        $result = false;
+
+        switch ($this->properties[Opt::QUOTA_SYNC]) {
+        case App::SYNC_INITIAL:
+            if (empty($ncQuota) && !empty($user->quota)) {
+                $this->config->setUserValue(
+                    $user->uid, "files", "quota", $user->quota
+                );
+            }
+
+            $result = true;
+            break;
+        case App::SYNC_FORCE_NC:
+            if (!empty($ncQuota) && $user->quota !== $ncQuota) {
+                $user = $this->userRepository->findByUid($user->uid);
+                if (!($user instanceof User)) {
+                    break;
+                }
+
+                $user->quota = $ncQuota;
+                $result = $this->userRepository->save($user);
+            }
+
+            break;
+        case App::SYNC_FORCE_SQL:
+            if (!empty($user->quota) && $user->quota !== $ncQuota) {
+                $this->config->setUserValue(
+                    $user->uid, "files", "quota", $user->quota
+                );
+            }
+
+            $result = true;
+            break;
+        }
+
+        $this->logger->debug(
+            "Returning QuotaSync#doAction($user->uid): " . ($result ? "true"
+                : "false"),
+            ["app" => $this->appName]
+        );
+
+        return $result;
+    }
+}

lib/Action/QuotaSync.php

@@ -23,6 +23,7 @@
 
 use OCA\UserSQL\Action\EmailSync;
 use OCA\UserSQL\Action\IUserAction;
+use OCA\UserSQL\Action\QuotaSync;
 use OCA\UserSQL\Cache;
 use OCA\UserSQL\Constant\App;
 use OCA\UserSQL\Constant\DB;
@@ -130,6 +131,14 @@ private function initActions()
                 $this->userRepository
             );
         }
+        if (!empty($this->properties[Opt::QUOTA_SYNC])
+            && !empty($this->properties[DB::USER_QUOTA_COLUMN])
+        ) {
+            $this->actions[] = new QuotaSync(
+                $this->appName, $this->logger, $this->properties, $this->config,
+                $this->userRepository
+            );
+        }
     }
 
     /**

lib/Backend/UserBackend.php

@@ -34,7 +34,7 @@ final class App
     const HOME_QUERY = "query";
     const HOME_STATIC = "static";
 
-    const EMAIL_FORCE_NC = "force_nc";
-    const EMAIL_FORCE_SQL = "force_sql";
-    const EMAIL_INITIAL = "initial";
+    const SYNC_FORCE_NC = "force_nc";
+    const SYNC_FORCE_SQL = "force_sql";
+    const SYNC_INITIAL = "initial";
 }

lib/Constant/App.php

@@ -51,6 +51,7 @@ final class DB
     const USER_HOME_COLUMN = "db.table.user.column.home";
     const USER_NAME_COLUMN = "db.table.user.column.name";
     const USER_PASSWORD_COLUMN = "db.table.user.column.password";
+    const USER_QUOTA_COLUMN = "db.table.user.column.quota";
     const USER_SALT_COLUMN = "db.table.user.column.salt";
     const USER_UID_COLUMN = "db.table.user.column.uid";
 }

lib/Constant/DB.php

@@ -34,5 +34,6 @@ final class Opt
     const HOME_MODE = "opt.home_mode";
     const NAME_CHANGE = "opt.name_change";
     const PASSWORD_CHANGE = "opt.password_change";
+    const QUOTA_SYNC = "opt.quota_sync";
     const USE_CACHE = "opt.use_cache";
 }