Added tons of Hooks to OC_USER and OC_GROUP

owncloud · Apr 18, 2011 · b37fb91 · b37fb91
1 parent 1fe5f5a
commit b37fb91
Show file tree

Hide file tree

Showing 4 changed files with 131 additions and 20 deletions.
diff --git a/lib/User/backend.php b/lib/User/backend.php
@@ -30,13 +30,14 @@ abstract class OC_USER_BACKEND {
 
 	/**
 	 * @brief Create a new user
-	 * @param $username The username of the user to create
+	 * @param $uid The username of the user to create
 	 * @param $password The password of the new user
 	 * @returns true/false
 	 *
-	 * Creates a new user
+	 * Creates a new user. Basic checking of username is done in OC_USER
+	 * itself, not in its subclasses.
 	 */
-	public static function createUser($username, $password){}
+	public static function createUser($uid, $password){}
 
 	/**
 	 * @brief delete a user

diff --git a/lib/User/database.php b/lib/User/database.php
@@ -43,23 +43,24 @@ class OC_USER_DATABASE extends OC_USER_BACKEND {
 
 	/**
 	 * @brief Create a new user
-	 * @param $username The username of the user to create
+	 * @param $uid The username of the user to create
 	 * @param $password The password of the new user
 	 * @returns true/false
 	 *
-	 * Creates a new user
+	 * Creates a new user. Basic checking of username is done in OC_USER
+	 * itself, not in its subclasses.
 	 */
-	public static function createUser( $username, $password ){
+	public static function createUser( $uid, $password ){
 		// Check if the user already exists
 		$query = OC_DB::prepare( "SELECT * FROM `*PREFIX*users` WHERE uid = ?" );
-		$result = $query->execute( array( $username ));
+		$result = $query->execute( array( $uid ));
 
 		if ( $result->numRows() > 0 ){
 			return false;
 		}
 		else{
 			$query = OC_DB::prepare( "INSERT INTO `*PREFIX*users` ( `uid`, `password` ) VALUES( ?, ? )" );
-			$result = $query->execute( array( $username, sha1( $password )));
+			$result = $query->execute( array( $uid, sha1( $password )));
 
 			return $result ? true : false;
 		}

diff --git a/lib/group.php b/lib/group.php
@@ -22,6 +22,16 @@
 
 /**
  * This class provides all methods needed for managing groups.
+ *
+ * Hooks provided:
+ *   pre_createGroup(&run, gid)
+ *   post_createGroup(gid)
+ *   pre_deleteGroup(&run, gid)
+ *   post_deleteGroup(gid)
+ *   pre_addToGroup(&run, uid, gid)
+ *   post_addToGroup(uid, gid)
+ *   pre_removeFromGroup(&run, uid, gid)
+ *   post_removeFromGroup(uid, gid)
  */
 class OC_GROUP {
 	// The backend used for user management
@@ -84,10 +94,26 @@ public static function setBackend( $backend = 'database' ){
 	 * @returns true/false
 	 *
 	 * Trys to create a new group. If the group name already exists, false will
-	 * be returned.
+	 * be returned. Basic checking of Group name
+	 *
+	 * Allowed characters in the username are: "a-z", "A-Z", "0-9" and "_.@-"
 	 */
 	public static function createGroup( $gid ){
-		return self::$_backend->createGroup($gid);
+		// Check the name for bad characters
+		// Allowed are: "a-z", "A-Z", "0-9" and "_.@-"
+		if( preg_match( '/[^a-zA-Z0-9 _\.@\-]/', $gid )){
+			return false;
+		}
+		$run = true;
+		OC_HOOK::emit( "OC_GROUP", "pre_createGroup", array( "run" => &$run, "gid" => $gid ));
+
+		if( $run && self::$_backend->createGroup( $gid )){
+			OC_HOOK::emit( "OC_GROUP", "post_createGroup", array( "gid" => $gid ));
+			return true;
+		}
+		else{
+			return false;
+		}
 	}
 
 	/**
@@ -98,7 +124,16 @@ public static function createGroup( $gid ){
 	 * Deletes a group and removes it from the group_user-table
 	 */
 	public static function deleteGroup( $gid ){
-		return self::$_backend->deleteGroup($gid);
+		$run = true;
+		OC_HOOK::emit( "OC_GROUP", "pre_deleteGroup", array( "run" => &$run, "gid" => $gid ));
+
+		if( $run && self::$_backend->deleteGroup( $gid )){
+			OC_HOOK::emit( "OC_GROUP", "post_deleteGroup", array( "gid" => $gid ));
+			return true;
+		}
+		else{
+			return false;
+		}
 	}
 
 	/**
@@ -122,7 +157,16 @@ public static function inGroup( $uid, $gid ){
 	 * Adds a user to a group.
 	 */
 	public static function addToGroup( $uid, $gid ){
-		return self::$_backend->addToGroup($uid, $gid);
+		$run = true;
+		OC_HOOK::emit( "OC_GROUP", "pre_addToGroup", array( "run" => &$run, "uid" => $uid, "gid" => $gid ));
+
+		if( $run && self::$_backend->addToGroup( $uid, $gid )){
+			OC_HOOK::emit( "OC_GROUP", "post_addToGroup", array( "uid" => $uid, "gid" => $gid ));
+			return true;
+		}
+		else{
+			return false;
+		}
 	}
 
 	/**
@@ -134,7 +178,16 @@ public static function addToGroup( $uid, $gid ){
 	 * removes the user from a group.
 	 */
 	public static function removeFromGroup( $uid, $gid ){
-		return self::$_backend->removeFromGroup($uid, $gid);
+		$run = true;
+		OC_HOOK::emit( "OC_GROUP", "pre_removeFromGroup", array( "run" => &$run, "uid" => $uid, "gid" => $gid ));
+
+		if( $run && self::$_backend->removeFromGroup( $uid, $gid )){
+			OC_HOOK::emit( "OC_GROUP", "post_removeFromGroup", array( "uid" => $uid, "gid" => $gid ));
+			return true;
+		}
+		else{
+			return false;
+		}
 	}
 
 	/**

diff --git a/lib/user.php b/lib/user.php
@@ -26,6 +26,17 @@
 
 /**
  * This class provides all methods for user management.
+ *
+ * Hooks provided:
+ *   pre_createUser(&run, uid, password)
+ *   post_createUser(uid, password)
+ *   pre_deleteUser(&run, uid)
+ *   post_deleteUser(uid)
+ *   pre_setPassword(&run, uid, password)
+ *   post_setPassword(uid, password)
+ *   pre_login(&run, uid)
+ *   post_login(uid)
+ *   logout()
  */
 class OC_USER {
 	// The backend used for user management
@@ -88,14 +99,31 @@ public static function setBackend( $backend = 'database' ){
 
 	/**
 	 * @brief Create a new user
-	 * @param $username The username of the user to create
+	 * @param $uid The username of the user to create
 	 * @param $password The password of the new user
 	 * @returns true/false
 	 *
-	 * Creates a new user
+	 * Creates a new user. Basic checking of username is done in OC_USER
+	 * itself, not in its subclasses.
+	 *
+	 * Allowed characters in the username are: "a-z", "A-Z", "0-9" and "_.@-"
 	 */
-	public static function createUser( $username, $password ){
-		return self::$_backend->createUser( $username, $password );
+	public static function createUser( $uid, $password ){
+		// Check the name for bad characters
+		// Allowed are: "a-z", "A-Z", "0-9" and "_.@-"
+		if( preg_match( '/[^a-zA-Z0-9 _\.@\-]/', $uid )){
+			return false;
+		}
+		$run = true;
+		OC_HOOK::emit( "OC_USER", "pre_createUser", array( "run" => &$run, "uid" => $uid, "password" => $password ));
+
+		if( $run && self::$_backend->createUser( $uid, $password )){
+			OC_HOOK::emit( "OC_USER", "post_createUser", array( "uid" => $uid, "password" => $password ));
+			return true;
+		}
+		else{
+			return false;
+		}
 	}
 
 	/**
@@ -106,7 +134,16 @@ public static function createUser( $username, $password ){
 	 * Deletes a user
 	 */
 	public static function deleteUser( $uid ){
-		return self::$_backend->deleteUser( $uid );
+		$run = true;
+		OC_HOOK::emit( "OC_USER", "pre_deleteUser", array( "run" => &$run, "uid" => $uid ));
+
+		if( $run && self::$_backend->deleteUser( $uid )){
+			OC_HOOK::emit( "OC_USER", "post_deleteUser", array( "uid" => $uid ));
+			return true;
+		}
+		else{
+			return false;
+		}
 	}
 
 	/**
@@ -118,7 +155,16 @@ public static function deleteUser( $uid ){
 	 * Log in a user - if the password is ok
 	 */
 	public static function login( $uid, $password ){
-		return self::$_backend->login( $uid, $password );
+		$run = true;
+		OC_HOOK::emit( "OC_USER", "pre_login", array( "run" => &$run, "uid" => $uid ));
+
+		if( $run && self::$_backend->login( $uid, $password )){
+			OC_HOOK::emit( "OC_USER", "post_login", array( "uid" => $uid ));
+			return true;
+		}
+		else{
+			return false;
+		}
 	}
 
 	/**
@@ -128,6 +174,7 @@ public static function login( $uid, $password ){
 	 * Logout, destroys session
 	 */
 	public static function logout(){
+		OC_HOOK::emit( "OC_USER", "logout", array());
 		return self::$_backend->logout();
 	}
 
@@ -160,7 +207,16 @@ public static function generatePassword(){
 	 * Change the password of a user
 	 */
 	public static function setPassword( $uid, $password ){
-		return self::$_backend->setPassword( $uid, $password );
+		$run = true;
+		OC_HOOK::emit( "OC_USER", "pre_setPassword", array( "run" => &$run, "uid" => $uid, "password" => $password ));
+
+		if( $run && self::$_backend->setPassword( $uid, $password )){
+			OC_HOOK::emit( "OC_USER", "post_setPassword", array( "uid" => $uid, "password" => $password ));
+			return true;
+		}
+		else{
+			return false;
+		}
 	}
 
 	/**