Merge pull request #25276 from nextcloud/backport/25128/stable20

[stable20] extend ILDAPProvider to allow reading arbitrairy ldap attributes for users
This commit is contained in:
Morris Jobke 2021-01-22 16:15:21 +01:00 committed by GitHub
commit f7d13f1613
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 59 additions and 18 deletions

View File

@ -306,4 +306,35 @@ class LDAPProvider implements ILDAPProvider, IDeletionFlagSupport {
} }
return $this->groupBackend->getLDAPAccess($gid)->getConnection()->getConfiguration()['ldap_group_member_assoc_attribute']; return $this->groupBackend->getLDAPAccess($gid)->getConnection()->getConfiguration()['ldap_group_member_assoc_attribute'];
} }
/**
* Get an LDAP attribute for a nextcloud user
* @param string $uid the nextcloud user id to get the attribute for
* @param string $attribute the name of the attribute to read
* @return string|null
* @throws \Exception if user id was not found in LDAP
*/
public function getUserAttribute(string $uid, string $attribute): ?string {
if (!$this->userBackend->userExists($uid)) {
throw new \Exception('User id not found in LDAP');
}
$access = $this->userBackend->getLDAPAccess($uid);
$connection = $access->getConnection();
$key = $uid . "::" . $attribute;
$cached = $connection->getFromCache($key);
if ($cached !== null) {
return $cached;
}
$value = $access->readAttribute($access->username2dn($uid), $attribute);
if (is_array($value) && count($value) > 0) {
$value = current($value);
} else {
return null;
}
$connection->writeToCache($key, $value);
return $value;
}
} }

View File

@ -157,4 +157,14 @@ interface ILDAPProvider {
* @since 13.0.0 * @since 13.0.0
*/ */
public function getLDAPGroupMemberAssoc($gid); public function getLDAPGroupMemberAssoc($gid);
/**
* Get an LDAP attribute for a nextcloud user
* @param string $uid the nextcloud user id to get the attribute for
* @param string $attribute the name of the attribute to read
* @return string|null
* @throws \Exception if user id was not found in LDAP
* @since 21.0.0
*/
public function getUserAttribute(string $uid, string $attribute): ?string;
} }