make performance less bad. Still far from good, but at least it works
This commit is contained in:
parent
a7a532f58a
commit
4e8c7570d4
|
@ -34,6 +34,11 @@ class GROUP_LDAP extends BackendUtility implements \OCP\GroupInterface {
|
||||||
*/
|
*/
|
||||||
protected $cachedGroupMembers = array();
|
protected $cachedGroupMembers = array();
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @var string[] $cachedGroupsByMember array of groups with uid as key
|
||||||
|
*/
|
||||||
|
protected $cachedGroupsByMember = array();
|
||||||
|
|
||||||
public function __construct(Access $access) {
|
public function __construct(Access $access) {
|
||||||
parent::__construct($access);
|
parent::__construct($access);
|
||||||
$filter = $this->access->connection->ldapGroupFilter;
|
$filter = $this->access->connection->ldapGroupFilter;
|
||||||
|
@ -98,16 +103,28 @@ class GROUP_LDAP extends BackendUtility implements \OCP\GroupInterface {
|
||||||
}
|
}
|
||||||
|
|
||||||
//extra work if we don't get back user DNs
|
//extra work if we don't get back user DNs
|
||||||
//TODO: this can be done with one LDAP query
|
|
||||||
if(strtolower($this->access->connection->ldapGroupMemberAssocAttr) === 'memberuid') {
|
if(strtolower($this->access->connection->ldapGroupMemberAssocAttr) === 'memberuid') {
|
||||||
$dns = array();
|
$dns = array();
|
||||||
|
$filterParts = array();
|
||||||
|
$bytes = 0;
|
||||||
foreach($members as $mid) {
|
foreach($members as $mid) {
|
||||||
$filter = str_replace('%uid', $mid, $this->access->connection->ldapLoginFilter);
|
$filter = str_replace('%uid', $mid, $this->access->connection->ldapLoginFilter);
|
||||||
$ldap_users = $this->access->fetchListOfUsers($filter, 'dn');
|
$filterParts[] = $filter;
|
||||||
if(count($ldap_users) < 1) {
|
$bytes += strlen($filter);
|
||||||
continue;
|
if($bytes >= 9000000) {
|
||||||
|
// AD has a default input buffer of 10 MB, we do not want
|
||||||
|
// to take even the chance to exceed it
|
||||||
|
$filter = $this->access->combineFilterWithOr($filterParts);
|
||||||
|
$bytes = 0;
|
||||||
|
$filterParts = array();
|
||||||
|
$users = $this->access->fetchListOfUsers($filter, 'dn', count($filterParts));
|
||||||
|
$dns = array_merge($dns, $users);
|
||||||
}
|
}
|
||||||
$dns[] = $ldap_users[0];
|
}
|
||||||
|
if(count($filterParts) > 0) {
|
||||||
|
$filter = $this->access->combineFilterWithOr($filterParts);
|
||||||
|
$users = $this->access->fetchListOfUsers($filter, 'dn', count($filterParts));
|
||||||
|
$dns = array_merge($dns, $users);
|
||||||
}
|
}
|
||||||
$members = $dns;
|
$members = $dns;
|
||||||
}
|
}
|
||||||
|
@ -316,8 +333,13 @@ class GROUP_LDAP extends BackendUtility implements \OCP\GroupInterface {
|
||||||
$uid = $userDN;
|
$uid = $userDN;
|
||||||
}
|
}
|
||||||
|
|
||||||
$groups = array_values($this->getGroupsByMember($uid));
|
if(isset($this->cachedGroupsByMember[$uid])) {
|
||||||
$groups = $this->access->ownCloudGroupNames($groups);
|
$groups = $this->cachedGroupsByMember[$uid];
|
||||||
|
} else {
|
||||||
|
$groups = array_values($this->getGroupsByMember($uid));
|
||||||
|
$groups = $this->access->ownCloudGroupNames($groups);
|
||||||
|
$this->cachedGroupsByMember[$uid] = $groups;
|
||||||
|
}
|
||||||
|
|
||||||
$primaryGroup = $this->getUserPrimaryGroup($userDN);
|
$primaryGroup = $this->getUserPrimaryGroup($userDN);
|
||||||
if($primaryGroup !== false) {
|
if($primaryGroup !== false) {
|
||||||
|
|
|
@ -1359,7 +1359,7 @@ class Access extends LDAPUtility implements user\IUserTools {
|
||||||
* @param string[] $bases array containing the allowed base DN or DNs
|
* @param string[] $bases array containing the allowed base DN or DNs
|
||||||
* @return bool
|
* @return bool
|
||||||
*/
|
*/
|
||||||
private function isDNPartOfBase($dn, $bases) {
|
public function isDNPartOfBase($dn, $bases) {
|
||||||
$belongsToBase = false;
|
$belongsToBase = false;
|
||||||
$bases = $this->sanitizeDN($bases);
|
$bases = $this->sanitizeDN($bases);
|
||||||
|
|
||||||
|
|
|
@ -223,10 +223,9 @@ class Manager extends PublicEmitter implements IGroupManager {
|
||||||
if(!empty($search)) {
|
if(!empty($search)) {
|
||||||
// only user backends have the capability to do a complex search for users
|
// only user backends have the capability to do a complex search for users
|
||||||
$searchOffset = 0;
|
$searchOffset = 0;
|
||||||
|
$searchLimit = $limit * 100;
|
||||||
if($limit === -1) {
|
if($limit === -1) {
|
||||||
$searchLimit = $group->count('');
|
$searchLimit = 500;
|
||||||
} else {
|
|
||||||
$searchLimit = $limit * 2;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
do {
|
do {
|
||||||
|
|
Loading…
Reference in New Issue