Merge pull request #9848 from dupondje/master
Fix memberOf detection. Fixes: #9835
This commit is contained in:
commit
c46b60e822
|
@ -268,10 +268,10 @@ class Wizard extends LDAPUtility {
|
|||
throw new \Exception('Could not connect to LDAP');
|
||||
}
|
||||
|
||||
$this->fetchGroups($dbKey, $confKey);
|
||||
$groups = $this->fetchGroups($dbKey, $confKey);
|
||||
|
||||
if($testMemberOf) {
|
||||
$this->configuration->hasMemberOfFilterSupport = $this->testMemberOf();
|
||||
$this->configuration->hasMemberOfFilterSupport = $this->testMemberOf($groups);
|
||||
$this->result->markChange();
|
||||
if(!$this->configuration->hasMemberOfFilterSupport) {
|
||||
throw new \Exception('memberOf is not supported by the server');
|
||||
|
@ -285,6 +285,7 @@ class Wizard extends LDAPUtility {
|
|||
* fetches all groups from LDAP
|
||||
* @param string $dbKey
|
||||
* @param string $confKey
|
||||
* @return array $groupEntries
|
||||
*/
|
||||
public function fetchGroups($dbKey, $confKey) {
|
||||
$obclasses = array('posixGroup', 'group', 'zimbraDistributionList', 'groupOfNames');
|
||||
|
@ -300,19 +301,22 @@ class Wizard extends LDAPUtility {
|
|||
$filter = $ldapAccess->combineFilterWithOr($filterParts);
|
||||
$filter = $ldapAccess->combineFilterWithAnd(array($filter, 'cn=*'));
|
||||
|
||||
$groupNames = array();
|
||||
$groupEntries = array();
|
||||
$limit = 400;
|
||||
$offset = 0;
|
||||
do {
|
||||
$result = $ldapAccess->searchGroups($filter, array('cn'), $limit, $offset);
|
||||
$result = $ldapAccess->searchGroups($filter, array('cn','dn'), $limit, $offset);
|
||||
foreach($result as $item) {
|
||||
$groups[] = $item[0];
|
||||
$groupNames[] = $item['cn'];
|
||||
$groupEntries[] = $item;
|
||||
}
|
||||
$offset += $limit;
|
||||
} while (count($groups) > 0 && count($groups) % $limit === 0);
|
||||
} while (count($groupNames) > 0 && count($groupNames) % $limit === 0);
|
||||
|
||||
if(count($groups) > 0) {
|
||||
natsort($groups);
|
||||
$this->result->addOptions($dbKey, array_values($groups));
|
||||
if(count($groupNames) > 0) {
|
||||
natsort($groupNames);
|
||||
$this->result->addOptions($dbKey, array_values($groupNames));
|
||||
} else {
|
||||
throw new \Exception(self::$l->t('Could not find the desired feature'));
|
||||
}
|
||||
|
@ -322,6 +326,7 @@ class Wizard extends LDAPUtility {
|
|||
//something is already configured? pre-select it.
|
||||
$this->result->addChange($dbKey, $setFeatures);
|
||||
}
|
||||
return $groupEntries;
|
||||
}
|
||||
|
||||
public function determineGroupMemberAssoc() {
|
||||
|
@ -653,10 +658,11 @@ class Wizard extends LDAPUtility {
|
|||
* Checks whether the server supports memberOf in LDAP Filter.
|
||||
* Requires that groups are determined, thus internally called from within
|
||||
* determineGroups()
|
||||
* @param array $groups
|
||||
* @return bool true if it does, false otherwise
|
||||
* @throws \Exception
|
||||
*/
|
||||
private function testMemberOf() {
|
||||
private function testMemberOf($groups) {
|
||||
$cr = $this->getConnection();
|
||||
if(!$cr) {
|
||||
throw new \Exception('Could not connect to LDAP');
|
||||
|
@ -669,12 +675,12 @@ class Wizard extends LDAPUtility {
|
|||
$filterPrefix = '(&(objectclass=*)(memberOf=';
|
||||
$filterSuffix = '))';
|
||||
|
||||
foreach($this->resultCache as $dn => $properties) {
|
||||
if(!isset($properties['cn'])) {
|
||||
foreach($groups as $groupProperties) {
|
||||
if(!isset($groupProperties['cn'])) {
|
||||
//assuming only groups have their cn cached :)
|
||||
continue;
|
||||
}
|
||||
$filter = strtolower($filterPrefix . $dn . $filterSuffix);
|
||||
$filter = strtolower($filterPrefix . $groupProperties['dn'] . $filterSuffix);
|
||||
$rr = $this->ldap->search($cr, $base, $filter, array('dn'));
|
||||
if(!$this->ldap->isResource($rr)) {
|
||||
continue;
|
||||
|
|
Loading…
Reference in New Issue