LDAP: optimize LDAP requests for users and groups. Settings are still to do, though.

diff --git a/apps/user_ldap/group_ldap.php b/apps/user_ldap/group_ldap.php
index b1619e065301fba91b66fd2c4a4dcca8db9c2adb..fe0789cdeb7743fd58d50c8ebd5f96e11c1af2be 100644 (file)
--- a/apps/user_ldap/group_ldap.php
+++ b/apps/user_ldap/group_ldap.php
@@ -47,14 +47,12 @@ class OC_GROUP_LDAP extends OC_Group_Backend {
                        LDAP_GROUP_MEMBER_ASSOC_ATTR.'='.$uid,
                        $this->ldapGroupDisplayName.'='.$gid
                ));
-               $groups = OC_LDAP::search($filter, $this->ldapGroupDisplayName);
+               $groups = $this->retrieveList($filter, $this->ldapGroupDisplayName);
 
-               if(count($groups) == 1) {
+               if(count($groups) > 0) {
                        return true;
-               } else if(count($groups) < 1) {
-                       return false;
                } else {
-                       throw new Exception('Too many groups of the same name!? – this exception should never been thrown :)');
+                       return false;
                }
        }
 
@@ -85,7 +83,7 @@ class OC_GROUP_LDAP extends OC_Group_Backend {
                        $this->ldapGroupDisplayName.'='.$gid
                ));
 
-               return $this->retrieveList($filter, $this->ldapGroupMemberAttr);
+               return $this->retrieveList($filter, $this->ldapGroupMemberAttr, false);
        }
 
        /**
@@ -95,13 +93,7 @@ class OC_GROUP_LDAP extends OC_Group_Backend {
         * Returns a list with all groups
         */
        public function getGroups() {
-               $groups = OC_LDAP::search($this->ldapGroupFilter, $this->ldapGroupDisplayName);
-
-               if(count($groups) == 0 )
-                       return array();
-               else {
-                       return array_unique($groups, SORT_LOCALE_STRING);
-               }
+               return $this->retrieveList($this->ldapGroupFilter, $this->ldapGroupDisplayName);
        }
 
        /**
@@ -113,8 +105,13 @@ class OC_GROUP_LDAP extends OC_Group_Backend {
                return in_array($gid, $this->getGroups());
        }
 
-       private function retrieveList($filter, $attr) {
-               $list = OC_LDAP::search($filter, $attr);
+       private function retrieveList($filter, $attr, $searchForGroups = true) {
+               if($searchForGroups) {
+                       $list = OC_LDAP::searchGroups($filter, $attr);
+               } else {
+                       $list = OC_LDAP::searchUsers($filter, $attr);
+               }
+
 
                if(is_array($list)) {
                        return array_unique($list, SORT_LOCALE_STRING);

diff --git a/apps/user_ldap/lib_ldap.php b/apps/user_ldap/lib_ldap.php
index 1016b955dcbd0bbe1789862ac4408b2e495d2415..752ac4f22896ead44605f084fafd866ce40bf435 100644 (file)
--- a/apps/user_ldap/lib_ldap.php
+++ b/apps/user_ldap/lib_ldap.php
@@ -38,6 +38,8 @@ class OC_LDAP {
        static protected $ldapHost;
        static protected $ldapPort;
        static protected $ldapBase;
+       static protected $ldapBaseUsers;
+       static protected $ldapBaseGroups;
        static protected $ldapAgentName;
        static protected $ldapAgentPassword;
        static protected $ldapTLS;
@@ -64,16 +66,41 @@ class OC_LDAP {
                }
        }
 
+       /**
+        * @brief executes an LDAP search, optimized for Users
+        * @param $filter the LDAP filter for the search
+        * @param $attr optional, when a certain attribute shall be filtered out
+        * @returns array with the search result
+        *
+        * Executes an LDAP search
+        */
+       static public function searchUsers($filter, $attr = null) {
+               return self::search($filter, self::$ldapBaseUsers, $attr);
+       }
+
+       /**
+        * @brief executes an LDAP search, optimized for Groups
+        * @param $filter the LDAP filter for the search
+        * @param $attr optional, when a certain attribute shall be filtered out
+        * @returns array with the search result
+        *
+        * Executes an LDAP search
+        */
+       static public function searchGroups($filter, $attr = null) {
+               return self::search($filter, self::$ldapBaseGroups, $attr);
+       }
+
        /**
         * @brief executes an LDAP search
         * @param $filter the LDAP filter for the search
+        * @param $base the LDAP subtree that shall be searched
         * @param $attr optional, when a certain attribute shall be filtered out
         * @returns array with the search result
         *
         * Executes an LDAP search
         */
-       static public function search($filter, $attr = null) {
-               $sr = ldap_search(self::getConnectionResource(), self::$ldapBase, $filter, array($attr));
+       static private function search($filter, $base, $attr = null) {
+               $sr = ldap_search(self::getConnectionResource(), $base, $filter, array($attr));
                $findings = ldap_get_entries(self::getConnectionResource(), $sr );
 
                if(!is_null($attr)) {
@@ -150,7 +177,9 @@ class OC_LDAP {
                        self::$ldapPort            = OC_Appconfig::getValue('user_ldap', 'ldap_port', OC_USER_BACKEND_LDAP_DEFAULT_PORT);
                        self::$ldapAgentName       = OC_Appconfig::getValue('user_ldap', 'ldap_dn','');
                        self::$ldapAgentPassword   = OC_Appconfig::getValue('user_ldap', 'ldap_password','');
-                       self::$ldapBase            = OC_Appconfig::getValue('user_ldap', 'ldap_base','');
+                       self::$ldapBase            = OC_Appconfig::getValue('user_ldap', 'ldap_base', '');
+                       self::$ldapBaseUsers       = OC_Appconfig::getValue('user_ldap', 'ldap_base_users',self::$ldapBase);
+                       self::$ldapBaseGroups      = OC_Appconfig::getValue('user_ldap', 'ldap_base_groups', self::$ldapBase);
                        self::$ldapTLS             = OC_Appconfig::getValue('user_ldap', 'ldap_tls',0);
                        self::$ldapNoCase          = OC_Appconfig::getValue('user_ldap', 'ldap_nocase', 0);
                        self::$ldapUserDisplayName = OC_Appconfig::getValue('user_ldap', 'ldap_display_name', OC_USER_BACKEND_LDAP_DEFAULT_DISPLAY_NAME);
@@ -163,6 +192,8 @@ class OC_LDAP {
                                        || ( empty(self::$ldapAgentName) &&  empty(self::$ldapAgentPassword))
                                )
                                && !empty(self::$ldapBase)
+                               && !empty(self::$ldapBaseUsers)
+                               && !empty(self::$ldapBaseGroups)
                                && !empty(self::$ldapUserDisplayName)
                        )
                        {