Merge pull request #9848 from dupondje/master

Fix memberOf detection. Fixes: #9835
This commit is contained in:
blizzz 2014-08-11 16:58:30 +02:00
commit c46b60e822
1 changed files with 18 additions and 12 deletions

View File

@ -268,10 +268,10 @@ class Wizard extends LDAPUtility {
throw new \Exception('Could not connect to LDAP');
}
$this->fetchGroups($dbKey, $confKey);
$groups = $this->fetchGroups($dbKey, $confKey);
if($testMemberOf) {
$this->configuration->hasMemberOfFilterSupport = $this->testMemberOf();
$this->configuration->hasMemberOfFilterSupport = $this->testMemberOf($groups);
$this->result->markChange();
if(!$this->configuration->hasMemberOfFilterSupport) {
throw new \Exception('memberOf is not supported by the server');
@ -285,6 +285,7 @@ class Wizard extends LDAPUtility {
* fetches all groups from LDAP
* @param string $dbKey
* @param string $confKey
* @return array $groupEntries
*/
public function fetchGroups($dbKey, $confKey) {
$obclasses = array('posixGroup', 'group', 'zimbraDistributionList', 'groupOfNames');
@ -300,19 +301,22 @@ class Wizard extends LDAPUtility {
$filter = $ldapAccess->combineFilterWithOr($filterParts);
$filter = $ldapAccess->combineFilterWithAnd(array($filter, 'cn=*'));
$groupNames = array();
$groupEntries = array();
$limit = 400;
$offset = 0;
do {
$result = $ldapAccess->searchGroups($filter, array('cn'), $limit, $offset);
$result = $ldapAccess->searchGroups($filter, array('cn','dn'), $limit, $offset);
foreach($result as $item) {
$groups[] = $item[0];
$groupNames[] = $item['cn'];
$groupEntries[] = $item;
}
$offset += $limit;
} while (count($groups) > 0 && count($groups) % $limit === 0);
} while (count($groupNames) > 0 && count($groupNames) % $limit === 0);
if(count($groups) > 0) {
natsort($groups);
$this->result->addOptions($dbKey, array_values($groups));
if(count($groupNames) > 0) {
natsort($groupNames);
$this->result->addOptions($dbKey, array_values($groupNames));
} else {
throw new \Exception(self::$l->t('Could not find the desired feature'));
}
@ -322,6 +326,7 @@ class Wizard extends LDAPUtility {
//something is already configured? pre-select it.
$this->result->addChange($dbKey, $setFeatures);
}
return $groupEntries;
}
public function determineGroupMemberAssoc() {
@ -653,10 +658,11 @@ class Wizard extends LDAPUtility {
* Checks whether the server supports memberOf in LDAP Filter.
* Requires that groups are determined, thus internally called from within
* determineGroups()
* @param array $groups
* @return bool true if it does, false otherwise
* @throws \Exception
*/
private function testMemberOf() {
private function testMemberOf($groups) {
$cr = $this->getConnection();
if(!$cr) {
throw new \Exception('Could not connect to LDAP');
@ -669,12 +675,12 @@ class Wizard extends LDAPUtility {
$filterPrefix = '(&(objectclass=*)(memberOf=';
$filterSuffix = '))';
foreach($this->resultCache as $dn => $properties) {
if(!isset($properties['cn'])) {
foreach($groups as $groupProperties) {
if(!isset($groupProperties['cn'])) {
//assuming only groups have their cn cached :)
continue;
}
$filter = strtolower($filterPrefix . $dn . $filterSuffix);
$filter = strtolower($filterPrefix . $groupProperties['dn'] . $filterSuffix);
$rr = $this->ldap->search($cr, $base, $filter, array('dn'));
if(!$this->ldap->isResource($rr)) {
continue;