LDAP: optimize LDAP requests for users and groups. Settings are still to do, though.
This commit is contained in:
parent
6ee7dc5f59
commit
912c87eeda
|
@ -47,14 +47,12 @@ class OC_GROUP_LDAP extends OC_Group_Backend {
|
||||||
LDAP_GROUP_MEMBER_ASSOC_ATTR.'='.$uid,
|
LDAP_GROUP_MEMBER_ASSOC_ATTR.'='.$uid,
|
||||||
$this->ldapGroupDisplayName.'='.$gid
|
$this->ldapGroupDisplayName.'='.$gid
|
||||||
));
|
));
|
||||||
$groups = OC_LDAP::search($filter, $this->ldapGroupDisplayName);
|
$groups = $this->retrieveList($filter, $this->ldapGroupDisplayName);
|
||||||
|
|
||||||
if(count($groups) == 1) {
|
if(count($groups) > 0) {
|
||||||
return true;
|
return true;
|
||||||
} else if(count($groups) < 1) {
|
|
||||||
return false;
|
|
||||||
} else {
|
} else {
|
||||||
throw new Exception('Too many groups of the same name!? – this exception should never been thrown :)');
|
return false;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -85,7 +83,7 @@ class OC_GROUP_LDAP extends OC_Group_Backend {
|
||||||
$this->ldapGroupDisplayName.'='.$gid
|
$this->ldapGroupDisplayName.'='.$gid
|
||||||
));
|
));
|
||||||
|
|
||||||
return $this->retrieveList($filter, $this->ldapGroupMemberAttr);
|
return $this->retrieveList($filter, $this->ldapGroupMemberAttr, false);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -95,13 +93,7 @@ class OC_GROUP_LDAP extends OC_Group_Backend {
|
||||||
* Returns a list with all groups
|
* Returns a list with all groups
|
||||||
*/
|
*/
|
||||||
public function getGroups() {
|
public function getGroups() {
|
||||||
$groups = OC_LDAP::search($this->ldapGroupFilter, $this->ldapGroupDisplayName);
|
return $this->retrieveList($this->ldapGroupFilter, $this->ldapGroupDisplayName);
|
||||||
|
|
||||||
if(count($groups) == 0 )
|
|
||||||
return array();
|
|
||||||
else {
|
|
||||||
return array_unique($groups, SORT_LOCALE_STRING);
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -113,8 +105,13 @@ class OC_GROUP_LDAP extends OC_Group_Backend {
|
||||||
return in_array($gid, $this->getGroups());
|
return in_array($gid, $this->getGroups());
|
||||||
}
|
}
|
||||||
|
|
||||||
private function retrieveList($filter, $attr) {
|
private function retrieveList($filter, $attr, $searchForGroups = true) {
|
||||||
$list = OC_LDAP::search($filter, $attr);
|
if($searchForGroups) {
|
||||||
|
$list = OC_LDAP::searchGroups($filter, $attr);
|
||||||
|
} else {
|
||||||
|
$list = OC_LDAP::searchUsers($filter, $attr);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
if(is_array($list)) {
|
if(is_array($list)) {
|
||||||
return array_unique($list, SORT_LOCALE_STRING);
|
return array_unique($list, SORT_LOCALE_STRING);
|
||||||
|
|
|
@ -38,6 +38,8 @@ class OC_LDAP {
|
||||||
static protected $ldapHost;
|
static protected $ldapHost;
|
||||||
static protected $ldapPort;
|
static protected $ldapPort;
|
||||||
static protected $ldapBase;
|
static protected $ldapBase;
|
||||||
|
static protected $ldapBaseUsers;
|
||||||
|
static protected $ldapBaseGroups;
|
||||||
static protected $ldapAgentName;
|
static protected $ldapAgentName;
|
||||||
static protected $ldapAgentPassword;
|
static protected $ldapAgentPassword;
|
||||||
static protected $ldapTLS;
|
static protected $ldapTLS;
|
||||||
|
@ -65,15 +67,40 @@ class OC_LDAP {
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @brief executes an LDAP search
|
* @brief executes an LDAP search, optimized for Users
|
||||||
* @param $filter the LDAP filter for the search
|
* @param $filter the LDAP filter for the search
|
||||||
* @param $attr optional, when a certain attribute shall be filtered out
|
* @param $attr optional, when a certain attribute shall be filtered out
|
||||||
* @returns array with the search result
|
* @returns array with the search result
|
||||||
*
|
*
|
||||||
* Executes an LDAP search
|
* Executes an LDAP search
|
||||||
*/
|
*/
|
||||||
static public function search($filter, $attr = null) {
|
static public function searchUsers($filter, $attr = null) {
|
||||||
$sr = ldap_search(self::getConnectionResource(), self::$ldapBase, $filter, array($attr));
|
return self::search($filter, self::$ldapBaseUsers, $attr);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @brief executes an LDAP search, optimized for Groups
|
||||||
|
* @param $filter the LDAP filter for the search
|
||||||
|
* @param $attr optional, when a certain attribute shall be filtered out
|
||||||
|
* @returns array with the search result
|
||||||
|
*
|
||||||
|
* Executes an LDAP search
|
||||||
|
*/
|
||||||
|
static public function searchGroups($filter, $attr = null) {
|
||||||
|
return self::search($filter, self::$ldapBaseGroups, $attr);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @brief executes an LDAP search
|
||||||
|
* @param $filter the LDAP filter for the search
|
||||||
|
* @param $base the LDAP subtree that shall be searched
|
||||||
|
* @param $attr optional, when a certain attribute shall be filtered out
|
||||||
|
* @returns array with the search result
|
||||||
|
*
|
||||||
|
* Executes an LDAP search
|
||||||
|
*/
|
||||||
|
static private function search($filter, $base, $attr = null) {
|
||||||
|
$sr = ldap_search(self::getConnectionResource(), $base, $filter, array($attr));
|
||||||
$findings = ldap_get_entries(self::getConnectionResource(), $sr );
|
$findings = ldap_get_entries(self::getConnectionResource(), $sr );
|
||||||
|
|
||||||
if(!is_null($attr)) {
|
if(!is_null($attr)) {
|
||||||
|
@ -151,6 +178,8 @@ class OC_LDAP {
|
||||||
self::$ldapAgentName = OC_Appconfig::getValue('user_ldap', 'ldap_dn','');
|
self::$ldapAgentName = OC_Appconfig::getValue('user_ldap', 'ldap_dn','');
|
||||||
self::$ldapAgentPassword = OC_Appconfig::getValue('user_ldap', 'ldap_password','');
|
self::$ldapAgentPassword = OC_Appconfig::getValue('user_ldap', 'ldap_password','');
|
||||||
self::$ldapBase = OC_Appconfig::getValue('user_ldap', 'ldap_base', '');
|
self::$ldapBase = OC_Appconfig::getValue('user_ldap', 'ldap_base', '');
|
||||||
|
self::$ldapBaseUsers = OC_Appconfig::getValue('user_ldap', 'ldap_base_users',self::$ldapBase);
|
||||||
|
self::$ldapBaseGroups = OC_Appconfig::getValue('user_ldap', 'ldap_base_groups', self::$ldapBase);
|
||||||
self::$ldapTLS = OC_Appconfig::getValue('user_ldap', 'ldap_tls',0);
|
self::$ldapTLS = OC_Appconfig::getValue('user_ldap', 'ldap_tls',0);
|
||||||
self::$ldapNoCase = OC_Appconfig::getValue('user_ldap', 'ldap_nocase', 0);
|
self::$ldapNoCase = OC_Appconfig::getValue('user_ldap', 'ldap_nocase', 0);
|
||||||
self::$ldapUserDisplayName = OC_Appconfig::getValue('user_ldap', 'ldap_display_name', OC_USER_BACKEND_LDAP_DEFAULT_DISPLAY_NAME);
|
self::$ldapUserDisplayName = OC_Appconfig::getValue('user_ldap', 'ldap_display_name', OC_USER_BACKEND_LDAP_DEFAULT_DISPLAY_NAME);
|
||||||
|
@ -163,6 +192,8 @@ class OC_LDAP {
|
||||||
|| ( empty(self::$ldapAgentName) && empty(self::$ldapAgentPassword))
|
|| ( empty(self::$ldapAgentName) && empty(self::$ldapAgentPassword))
|
||||||
)
|
)
|
||||||
&& !empty(self::$ldapBase)
|
&& !empty(self::$ldapBase)
|
||||||
|
&& !empty(self::$ldapBaseUsers)
|
||||||
|
&& !empty(self::$ldapBaseGroups)
|
||||||
&& !empty(self::$ldapUserDisplayName)
|
&& !empty(self::$ldapUserDisplayName)
|
||||||
)
|
)
|
||||||
{
|
{
|
||||||
|
|
Loading…
Reference in New Issue