mbk-lab
/
nextcloud
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Refactored code to avoid performance problem 

Moved the dynamic group processing to the top and removed condition in memberOf processing.

Also, changed variable name $value to $memberUrl
This commit is contained in:
alexweirig 2016-01-28 14:43:55 +01:00 committed by Arthur Schiwon
parent 0d797637f3
commit 39aac2c66b
1 changed files with 37 additions and 41 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

78
apps/user_ldap/group_ldap.php
View File

@ -453,6 +453,39 @@ class GROUP_LDAP extends BackendUtility implements \OCP\GroupInterface {
$dynamicGroupMemberURL = strtolower($this->access->connection->ldapDynamicGroupMemberURL);
if (!empty($dynamicGroupMemberURL)) {
// look through dynamic groups to add them to the result array if needed
$groupsToMatch = $this->access->fetchListOfGroups(
$this->access->connection->ldapGroupFilter,array('dn',$dynamicGroupMemberURL));
foreach($groupsToMatch as $memberUrl) {
if (!array_key_exists($dynamicGroupMemberURL, $memberUrl)) {
continue;
}
$pos = strpos($memberUrl[$dynamicGroupMemberURL][0], '(');
if ($pos !== false) {
$memberUrlFilter = substr($memberUrl[$dynamicGroupMemberURL][0],$pos);
// apply filter via ldap search to see if this user is in this
// dynamic group
$userMatch = $this->access->readAttribute(
$uid,
$this->access->connection->ldapUserDisplayName,
$memberUrlFilter
);
if ($userMatch !== false) {
// match found so this user is in this group
$pos = strpos($memberUrl['dn'][0], ',');
if ($pos !== false) {
$membershipGroup = substr($memberUrl['dn'][0],3,$pos-3);
$groups[] = $membershipGroup;
}
}
} else {
\OCP\Util::writeLog('user_ldap', 'No search filter found on member url '.
'of group ' . $dnGroup, \OCP\Util::DEBUG);
}
}
}
// if possible, read out membership via memberOf. It's far faster than
// performing a search, which still is a fallback later.
if(intval($this->access->connection->hasMemberOfFilterSupport) === 1
@ -470,15 +503,11 @@ class GROUP_LDAP extends BackendUtility implements \OCP\GroupInterface {
}
}
if (empty($dynamicGroupMemberURL)) {
// if dynamic group membership is not enabled then we can return
// straight away
if($primaryGroup !== false) {
$groups[] = $primaryGroup;
}
$this->access->connection->writeToCache($cacheKey, $groups);
return $groups;
if($primaryGroup !== false) {
$groups[] = $primaryGroup;
}
$this->access->connection->writeToCache($cacheKey, $groups);
return $groups;
}
//uniqueMember takes DN, memberuid the uid, so we need to distinguish
@ -510,39 +539,6 @@ class GROUP_LDAP extends BackendUtility implements \OCP\GroupInterface {
$groups[] = $primaryGroup;
}
if (!empty($dynamicGroupMemberURL)) {
// look through dynamic groups to add them to the result array if needed
$groupsToMatch = $this->access->fetchListOfGroups(
$this->access->connection->ldapGroupFilter,array('dn',$dynamicGroupMemberURL));
foreach($groupsToMatch as $value) {
if (!array_key_exists($dynamicGroupMemberURL, $value)) {
continue;
}
$pos = strpos($value[$dynamicGroupMemberURL][0], '(');
if ($pos !== false) {
$memberUrlFilter = substr($value[$dynamicGroupMemberURL][0],$pos);
// apply filter via ldap search to see if this user is in this
// dynamic group
$userMatch = $this->access->readAttribute(
$uid,
$this->access->connection->ldapUserDisplayName,
$memberUrlFilter
);
if ($userMatch !== false) {
// match found so this user is in this group
$pos = strpos($value['dn'][0], ',');
if ($pos !== false) {
$membershipGroup = substr($value['dn'][0],3,$pos-3);
$groups[] = $membershipGroup;
}
}
} else {
\OCP\Util::writeLog('user_ldap', 'No search filter found on member url '.
'of group ' . $dnGroup, \OCP\Util::DEBUG);
}
}
}
$groups = array_unique($groups, SORT_LOCALE_STRING);
$this->access->connection->writeToCache($cacheKey, $groups);