Possibility to limit imap access based on username regexp

README.md

@@ -62,15 +62,15 @@ IMAP user and password need to be given for the Nextcloud login.
 
 
 ### Configuration
-The parameters are `host, port, sslmode, domain`.
+The parameters are `host, port, sslmode, domain, user_regexp`.
 Possible values for sslmode are `ssl` or `tls`.
 Add the following to your `config.php`:
 
     'user_backends' => array(
         array(
             'class' => 'OC_User_IMAP',
             'arguments' => array(
-                '127.0.0.1', 993, 'ssl', 'example.com', true, false
+                '127.0.0.1', 993, 'ssl', 'example.com', true, false, '^user[0-9]?$|^admin_user$|^other_admin_user$'
             ),
         ),
     ),
@@ -88,6 +88,9 @@ the rest used as username in Nextcloud. e.g. '[email protected]' will be
 the user, it is added to a group corresponding to the name of the domain part
 of the address. 
 
+In case when not all email accounts should have access to nexcloud platform you can limit allowed users adding optional user_regexp setting.
+That should be PHP preg_match patern. Be carreful with these setting especially with ^$ chars. Without ^$ patern 'user1' will match also 'other_user10' account!
+
 **⚠⚠ Warning:** If you are [**upgrading** from versions **<0.6.0**](https://github.com/nextcloud/user_external/releases/tag/v0.6.0), beside adapting your `config.php` you also have to change the `backend` column in the `users_external` table of the database. In your pre 0.6.0 database it may look like `{127.0.0.1:993/imap/ssl/readonly}INBOX` or similar, but now it has to be just `127.0.0.1` for everything to work flawless again. ⚠⚠
 
 

lib/imap.php

@@ -35,14 +35,15 @@ class OC_User_IMAP extends \OCA\user_external\Base {
 	 * @param boolean $stripeDomain (whether to stripe the domain part from the username or not)
 	 * @param boolean $groupDomain (whether to add the usere to a group corresponding to the domain of the address)
 	 */
-	public function __construct($mailbox, $port = null, $sslmode = null, $domain = null, $stripeDomain = true, $groupDomain = false) {
+	public function __construct($mailbox, $port = null, $sslmode = null, $domain = null, $stripeDomain = true, $groupDomain = false, $user_regexp = null) {
 		parent::__construct($mailbox);
 		$this->mailbox = $mailbox;
 		$this->port = $port === null ? 143 : $port;
 		$this->sslmode = $sslmode;
 		$this->domain = $domain === null ? '' : $domain;
 		$this->stripeDomain = $stripeDomain;
 		$this->groupDomain = $groupDomain;
+		$this->user_regexp = $user_regexp === null ? '' : $user_regexp;
 	}
 
 	/**
@@ -80,6 +81,16 @@ public function checkPassword($uid, $password) {
 			$username = $uid;
  		}
 
+		if ($this->user_regexp !== '') {
+			if (!preg_match('/'.$this->user_regexp.'/', $username)) {
+				OC::$server->getLogger()->error(
+				'ERROR: User:'.$username.' does NOT match user regexp: '.$this->user_regexp,
+				['app' => 'user_external']
+				);
+				return false;
+			}
+		}
+
 		$groups = [];
 		if ($this->groupDomain && $pieces[1]) {
 					$groups[] = $pieces[1];