Merge branch 'master' into external-fix-links

issue_template.md

@@ -1,49 +1,108 @@
 ### Affected apps
 Tell us which app(s) you are talking about
+### Steps to reproduce
+1.
+2.
+3.
 
 ### Expected behaviour
 Tell us what should happen
 
 ### Actual behaviour
 Tell us what happens instead
 
-### Steps to reproduce
-1. 
-2. 
-3. 
-
 ### Server configuration
-Operating system:
+<!--
+You can use the Issue Template application to prefill most of the required information: https://apps.nextcloud.com/apps/issuetemplate
+-->
+
+**Operating system**:
+
+**Web server:**
+
+**Database:**
+
+**PHP version:**
+
+**Server version:** (see your admin page)
 
-Web server: 
+**Calendar version:** (see the apps page)
 
-Database:
+**Updated from an older installed version or fresh install:**
 
-PHP version:
+**Signing status (ownCloud/Nextcloud 9.0 and above):**
 
-ownCloud version:
+```
+Login as admin user into your cloud and access
+http://example.com/index.php/settings/integrity/failed
+paste the results here.
+```
+
+**List of activated apps:**
+
+```
+If you have access to your command line run e.g.:
+sudo -u www-data php occ app:list
+from within your instance's installation folder
+```
+
+**Nextcloud configuration:**
+
+```
+If you have access to your command line run e.g.:
+sudo -u www-data php occ config:list system
+from within your instance's installation folder
+
+or
+
+Insert your config.php content here
+Make sure to remove all sensitive content such as passwords. (e.g. database password, passwordsalt, secret, smtp password, …)
+```
+
+**Are you using external storage, if yes which one:** local/smb/sftp/...
+
+**Are you using encryption:** yes/no
+
+**Are you using an external user-backend, if yes which one:** LDAP/ActiveDirectory/Webdav/...
+
+#### LDAP configuration (delete this part if not used)
+
+```
+With access to your command line run e.g.:
+sudo -u www-data php occ ldap:show-config
+from within your instance's installation folder
+
+Without access to your command line download the data/owncloud.db to your local
+computer or access your SQL server remotely and run the select query:
+SELECT * FROM `oc_appconfig` WHERE `appid` = 'user_ldap';
+
+
+Be sure to replace sensitive data as the name/IP-address of your LDAP server or groups.
+```
 
 ### Client configuration
-Browser:
+**Browser:**
+
+**Operating system:**
 
-Operating system:
+**CalDAV-clients:**
 
 ### Logs
 #### Web server error log
 ```
 Insert your webserver log here
 ```
 
-#### ownCloud log (data/owncloud.log)
+#### Log file (data/nextcloud.log)
 ```
-Insert your ownCloud log here
+Insert your nextcloud.log file here
 ```
 
 #### Browser log
 ```
 Insert your browser log here, this could for example include:
 
 a) The javascript console log
-b) The network log 
+b) The network log
 c) ...
 ```

user_external/README.md

@@ -66,12 +66,16 @@ Add the following to your `config.php`:
         array(
             'class' => 'OC_User_IMAP',
             'arguments' => array(
-                '{127.0.0.1:143/imap/readonly}',
+                '{127.0.0.1:143/imap/readonly}', 'example.com'
             ),
         ),
     ),
 
 This connects to the IMAP server on IP `127.0.0.1`, in readonly mode.
+If a domain name (e.g. example.com) is specified, then this makes sure that 
+only users from this domain will be allowed to login. After successfull
+login the domain part will be striped and the rest used as username in
+NextCloud. e.g. 'username@example.com' will be 'username' in NextCloud.
 
 Read the [imap_open][0] PHP manual page to learn more about the allowed
 parameters.

user_external/lib/imap.php

@@ -17,16 +17,19 @@
  */
 class OC_User_IMAP extends \OCA\user_external\Base {
 	private $mailbox;
+	private $domain;
 
 	/**
 	 * Create new IMAP authentication provider
 	 *
 	 * @param string $mailbox PHP imap_open mailbox definition, e.g.
 	 *                        {127.0.0.1:143/imap/readonly}
+	 * @param string $domain  If provided, loging will be restricted to this domain
 	 */
-	public function __construct($mailbox) {
+	public function __construct($mailbox, $domain = '') {
 		parent::__construct($mailbox);
 		$this->mailbox=$mailbox;
+		$this->domain=$domain;
 	}
 
 	/**
@@ -42,7 +45,23 @@ public function checkPassword($uid, $password) {
 			OCP\Util::writeLog('user_external', 'ERROR: PHP imap extension is not installed', OCP\Util::ERROR);
 			return false;
 		}
-		$mbox = @imap_open($this->mailbox, $uid, $password, OP_HALFOPEN, 1);
+
+ 		// Check if we only want logins from ONE domain and strip the domain part from UID		
+ 		if($this->domain != '') {
+ 			$pieces = explode('@', $uid);
+ 			if(count($pieces) == 1) {
+ 				$username = $uid . "@" . $this->domain;
+ 			}elseif((count($pieces) == 2) and ($pieces[1] == $this->domain)) {
+ 				$username = $uid;
+ 				$uid = $pieces[0];
+ 			}else{
+ 				return false;
+ 			}
+ 		}else{
+ 			$username = $uid;
+ 		}
+
+ 		$mbox = @imap_open($this->mailbox, $username, $password, OP_HALFOPEN, 1);
 		imap_errors();
 		imap_alerts();
 		if($mbox !== FALSE) {