/**
* Runs an read operation against LDAP
*
- * @param resource $cr the LDAP connection
+ * @param resource|\LDAP\Connection $cr the LDAP connection
* @param string $dn
* @param string $attribute
* @param string $filter
* @throws \Exception
*/
public function batchApplyUserAttributes(array $ldapRecords) {
- $displayNameAttribute = strtolower($this->connection->ldapUserDisplayName);
+ $displayNameAttribute = strtolower((string)$this->connection->ldapUserDisplayName);
foreach ($ldapRecords as $userRecord) {
if (!isset($userRecord[$displayNameAttribute])) {
// displayName is obligatory
/**
* processes an LDAP paged search operation
*
- * @param resource $sr the array containing the LDAP search resources
+ * @param resource|\LDAP\Result|resource[]|\LDAP\Result[] $sr the array containing the LDAP search resources
* @param int $foundItems number of results in the single search operation
* @param int $limit maximum results to be counted
* @param bool $pagedSearchOK whether a paged search has been executed
}
/**
- * @param resource $sr
+ * @param resource|\LDAP\Result|resource[]|\LDAP\Result[] $sr
* @return int
* @throws ServerNotAvailableException
*/
* @property string ldapMatchingRuleInChainState
*/
class Connection extends LDAPUtility {
+ /**
+ * @var resource|\LDAP\Connection|null
+ */
private $ldapConnectionRes = null;
private $configPrefix;
private $configID;
}
/**
- * Returns the LDAP handler
+ * @return resource|\LDAP\Connection The LDAP resource
*/
public function getConnectionResource() {
if (!$this->ldapConnectionRes) {
}
}
- if ((stripos($this->configuration->ldapHost, 'ldaps://') === 0)
+ if ((stripos((string)$this->configuration->ldapHost, 'ldaps://') === 0)
&& $this->configuration->ldapTLS) {
$this->configuration->ldapTLS = false;
$this->logger->info(
$configurationOK = false;
}
- if (mb_strpos($this->configuration->ldapLoginFilter, '%uid', 0, 'UTF-8')
+ if (mb_strpos((string)$this->configuration->ldapLoginFilter, '%uid', 0, 'UTF-8')
=== false) {
$this->logger->warning(
$errorStr.'login filter does not contain %uid place holder.',
$this->cachedNestedGroups = new CappedMemoryCache();
$this->groupPluginManager = $groupPluginManager;
$this->logger = OC::$server->get(LoggerInterface::class);
- $this->ldapGroupMemberAssocAttr = strtolower($gAssoc);
+ $this->ldapGroupMemberAssocAttr = strtolower((string)$gAssoc);
}
/**
* @throws ServerNotAvailableException
*/
public function getDynamicGroupMembers(string $dnGroup): array {
- $dynamicGroupMemberURL = strtolower($this->access->connection->ldapDynamicGroupMemberURL);
+ $dynamicGroupMemberURL = strtolower((string)$this->access->connection->ldapDynamicGroupMemberURL);
if (empty($dynamicGroupMemberURL)) {
return [];
* of the current access.
*
* @param string $gid
- * @return resource of the LDAP connection
+ * @return resource|\LDAP\Connection The LDAP connection
* @throws ServerNotAvailableException
*/
public function getNewLDAPConnection($gid) {
* The connection needs to be closed manually.
*
* @param string $gid
- * @return resource of the LDAP connection
+ * @return resource|\LDAP\Connection The LDAP connection
*/
public function getNewLDAPConnection($gid) {
return $this->handleRequest($gid, 'getNewLDAPConnection', [$gid]);
/**
* Return a new LDAP connection for the specified group.
* @param string $gid
- * @return resource of the LDAP connection
+ * @return resource|\LDAP\Connection The LDAP connection
*/
public function getNewLDAPConnection($gid);
}
/**
* Bind to LDAP directory
- * @param resource $link LDAP link resource
+ * @param resource|\LDAP\Connection $link LDAP link resource
* @param string $dn an RDN to log in with
* @param string $password the password
* @return bool true on success, false otherwise
/**
* Send LDAP pagination control
- * @param resource $link LDAP link resource
+ * @param resource|\LDAP\Connection $link LDAP link resource
* @param int $pageSize number of results per page
* @param bool $isCritical Indicates whether the pagination is critical of not.
* @param string $cookie structure sent by LDAP server
/**
* Retrieve the LDAP pagination cookie
- * @param resource $link LDAP link resource
- * @param resource $result LDAP result resource
+ * @param resource|\LDAP\Connection $link LDAP link resource
+ * @param resource|\LDAP\Result $result LDAP result resource
* @param string $cookie structure sent by LDAP server
* @return bool true on success, false otherwise
*
/**
* Count the number of entries in a search
- * @param resource $link LDAP link resource
- * @param resource $result LDAP result resource
+ * @param resource|\LDAP\Connection $link LDAP link resource
+ * @param resource|\LDAP\Result $result LDAP result resource
* @return int|false number of results on success, false otherwise
*/
public function countEntries($link, $result);
/**
* Return the LDAP error number of the last LDAP command
- * @param resource $link LDAP link resource
+ * @param resource|\LDAP\Connection $link LDAP link resource
* @return int error code
*/
public function errno($link);
/**
* Return the LDAP error message of the last LDAP command
- * @param resource $link LDAP link resource
+ * @param resource|\LDAP\Connection $link LDAP link resource
* @return string error message
*/
public function error($link);
/**
* Return first result id
- * @param resource $link LDAP link resource
- * @param resource $result LDAP result resource
- * @return Resource an LDAP search result resource
+ * @param resource|\LDAP\Connection $link LDAP link resource
+ * @param resource|\LDAP\Result $result LDAP result resource
+ * @return resource|\LDAP\ResultEntry an LDAP entry resource
* */
public function firstEntry($link, $result);
/**
* Get attributes from a search result entry
- * @param resource $link LDAP link resource
- * @param resource $result LDAP result resource
+ * @param resource|\LDAP\Connection $link LDAP link resource
+ * @param resource|\LDAP\ResultEntry $result LDAP result resource
* @return array containing the results, false on error
* */
public function getAttributes($link, $result);
/**
* Get the DN of a result entry
- * @param resource $link LDAP link resource
- * @param resource $result LDAP result resource
+ * @param resource|\LDAP\Connection $link LDAP link resource
+ * @param resource|\LDAP\ResultEntry $result LDAP result resource
* @return string containing the DN, false on error
*/
public function getDN($link, $result);
/**
* Get all result entries
- * @param resource $link LDAP link resource
- * @param resource $result LDAP result resource
+ * @param resource|\LDAP\Connection $link LDAP link resource
+ * @param resource|\LDAP\Result $result LDAP result resource
* @return array containing the results, false on error
*/
public function getEntries($link, $result);
/**
* Return next result id
- * @param resource $link LDAP link resource
- * @param resource $result LDAP entry result resource
- * @return resource an LDAP search result resource
+ * @param resource|\LDAP\Connection $link LDAP link resource
+ * @param resource|\LDAP\ResultEntry $result LDAP result resource
+ * @return resource|\LDAP\ResultEntry an LDAP entry resource
* */
public function nextEntry($link, $result);
/**
* Read an entry
- * @param resource $link LDAP link resource
+ * @param resource|\LDAP\Connection $link LDAP link resource
* @param array $baseDN The DN of the entry to read from
* @param string $filter An LDAP filter
* @param array $attr array of the attributes to read
- * @return resource an LDAP search result resource
+ * @return resource|\LDAP\Result an LDAP search result resource
*/
public function read($link, $baseDN, $filter, $attr);
/**
* Search LDAP tree
- * @param resource $link LDAP link resource
+ * @param resource|\LDAP\Connection $link LDAP link resource
* @param string $baseDN The DN of the entry to read from
* @param string $filter An LDAP filter
* @param array $attr array of the attributes to read
* @param int $attrsOnly optional, 1 if only attribute types shall be returned
* @param int $limit optional, limits the result entries
- * @return resource|false an LDAP search result resource, false on error
+ * @return resource|\LDAP\Result|false an LDAP search result resource, false on error
*/
public function search($link, $baseDN, $filter, $attr, $attrsOnly = 0, $limit = 0);
/**
* Replace the value of a userPassword by $password
- * @param resource $link LDAP link resource
+ * @param resource|\LDAP\Connection $link LDAP link resource
* @param string $userDN the DN of the user whose password is to be replaced
* @param string $password the new value for the userPassword
* @return bool true on success, false otherwise
/**
* Sets the value of the specified option to be $value
- * @param resource $link LDAP link resource
+ * @param resource|\LDAP\Connection $link LDAP link resource
* @param string $option a defined LDAP Server option
* @param int $value the new value for the option
* @return bool true on success, false otherwise
/**
* establish Start TLS
- * @param resource $link LDAP link resource
+ * @param resource|\LDAP\Connection $link LDAP link resource
* @return bool true on success, false otherwise
*/
public function startTls($link);
/**
* Unbind from LDAP directory
- * @param resource $link LDAP link resource
+ * @param resource|\LDAP\Connection $link LDAP link resource
* @return bool true on success, false otherwise
*/
public function unbind($link);
/**
* Checks whether the submitted parameter is a resource
- * @param resource $resource the resource variable to check
- * @return bool true if it is a resource, false otherwise
+ * @param mixed $resource the resource variable to check
+ * @return bool true if it is a resource or LDAP object, false otherwise
*/
public function isResource($resource);
}
/**
* Return a new LDAP connection for the specified user.
* @param string $uid
- * @return resource of the LDAP connection
+ * @return resource|\LDAP\Connection of the LDAP connection
*/
public function getNewLDAPConnection($uid);
}
/**
- * @param resource $link
- * @param string $dn
- * @param string $password
- * @return bool|mixed
+ * {@inheritDoc}
*/
public function bind($link, $dn, $password) {
return $this->invokeLDAPMethod('bind', $link, $dn, $password);
}
/**
- * @param string $host
- * @param string $port
- * @return mixed
+ * {@inheritDoc}
*/
public function connect($host, $port) {
if (strpos($host, '://') === false) {
return $this->invokeLDAPMethod('connect', $host);
}
+ /**
+ * {@inheritDoc}
+ */
public function controlPagedResultResponse($link, $result, &$cookie): bool {
$this->preFunctionCall(
$this->pagedResultsAdapter->getResponseCallFunc(),
}
/**
- * @param LDAP $link
- * @param int $pageSize
- * @param bool $isCritical
- * @return mixed|true
+ * {@inheritDoc}
*/
public function controlPagedResult($link, $pageSize, $isCritical) {
$fn = $this->pagedResultsAdapter->getRequestCallFunc();
}
/**
- * @param LDAP $link
- * @param LDAP $result
- * @return mixed
+ * {@inheritDoc}
*/
public function countEntries($link, $result) {
return $this->invokeLDAPMethod('count_entries', $link, $result);
}
/**
- * @param LDAP $link
- * @return integer
+ * {@inheritDoc}
*/
public function errno($link) {
return $this->invokeLDAPMethod('errno', $link);
}
/**
- * @param LDAP $link
- * @return string
+ * {@inheritDoc}
*/
public function error($link) {
return $this->invokeLDAPMethod('error', $link);
}
/**
- * @param LDAP $link
- * @param LDAP $result
- * @return mixed
+ * {@inheritDoc}
*/
public function firstEntry($link, $result) {
return $this->invokeLDAPMethod('first_entry', $link, $result);
}
/**
- * @param LDAP $link
- * @param LDAP $result
- * @return array|mixed
+ * {@inheritDoc}
*/
public function getAttributes($link, $result) {
return $this->invokeLDAPMethod('get_attributes', $link, $result);
}
/**
- * @param LDAP $link
- * @param LDAP $result
- * @return mixed|string
+ * {@inheritDoc}
*/
public function getDN($link, $result) {
return $this->invokeLDAPMethod('get_dn', $link, $result);
}
/**
- * @param LDAP $link
- * @param LDAP $result
- * @return array|mixed
+ * {@inheritDoc}
*/
public function getEntries($link, $result) {
return $this->invokeLDAPMethod('get_entries', $link, $result);
}
/**
- * @param LDAP $link
- * @param resource $result
- * @return mixed
+ * {@inheritDoc}
*/
public function nextEntry($link, $result) {
return $this->invokeLDAPMethod('next_entry', $link, $result);
}
/**
- * @param LDAP $link
- * @param string $baseDN
- * @param string $filter
- * @param array $attr
- * @return mixed
+ * {@inheritDoc}
*/
public function read($link, $baseDN, $filter, $attr) {
$this->pagedResultsAdapter->setReadArgs($link, $baseDN, $filter, $attr);
}
/**
- * @param LDAP $link
- * @param string[] $baseDN
- * @param string $filter
- * @param array $attr
- * @param int $attrsOnly
- * @param int $limit
- * @return mixed
- * @throws \Exception
+ * {@inheritDoc}
*/
public function search($link, $baseDN, $filter, $attr, $attrsOnly = 0, $limit = 0) {
$oldHandler = set_error_handler(function ($no, $message, $file, $line) use (&$oldHandler) {
}
/**
- * @param LDAP $link
- * @param string $userDN
- * @param string $password
- * @return bool
+ * {@inheritDoc}
*/
public function modReplace($link, $userDN, $password) {
return $this->invokeLDAPMethod('mod_replace', $link, $userDN, ['userPassword' => $password]);
}
/**
- * @param LDAP $link
- * @param string $userDN
- * @param string $oldPassword
- * @param string $password
- * @return bool
+ * {@inheritDoc}
*/
public function exopPasswd($link, $userDN, $oldPassword, $password) {
return $this->invokeLDAPMethod('exop_passwd', $link, $userDN, $oldPassword, $password);
}
/**
- * @param LDAP $link
- * @param string $option
- * @param int $value
- * @return bool|mixed
+ * {@inheritDoc}
*/
public function setOption($link, $option, $value) {
return $this->invokeLDAPMethod('set_option', $link, $option, $value);
}
/**
- * @param LDAP $link
- * @return mixed|true
+ * {@inheritDoc}
*/
public function startTls($link) {
return $this->invokeLDAPMethod('start_tls', $link);
}
/**
- * @param resource $link
- * @return bool|mixed
+ * {@inheritDoc}
*/
public function unbind($link) {
return $this->invokeLDAPMethod('unbind', $link);
}
/**
- * Checks whether the submitted parameter is a resource
- * @param Resource $resource the resource variable to check
- * @return bool true if it is a resource, false otherwise
+ * {@inheritDoc}
*/
public function isResource($resource) {
- return is_resource($resource);
+ return is_resource($resource) || is_object($resource);
}
/**
/**
* Analyzes the returned LDAP error and acts accordingly if not 0
*
- * @param resource $resource the LDAP Connection resource
+ * @param resource|\LDAP\Connection $resource the LDAP Connection resource
* @throws ConstraintViolationException
* @throws ServerNotAvailableException
* @throws \Exception
* Return a new LDAP connection resource for the specified user.
* The connection must be closed manually.
* @param string $uid user id
- * @return resource of the LDAP connection
+ * @return resource|\LDAP\Connection The LDAP connection
* @throws \Exception if user id was not found in LDAP
*/
public function getLDAPConnection($uid) {
* Return a new LDAP connection resource for the specified user.
* The connection must be closed manually.
* @param string $gid group id
- * @return resource of the LDAP connection
+ * @return resource|\LDAP\Connection The LDAP connection
* @throws \Exception if group id was not found in LDAP
*/
public function getGroupLDAPConnection($gid) {
/**
* the adapter should do it's LDAP function call and return success state
*
- * @param resource $link LDAP resource
+ * @param resource|\LDAP\Connection $link LDAP resource
* @return bool
*/
public function responseCall($link): bool;
/**
* Returns the current paged results cookie
*
- * @param resource $link LDAP resource
+ * @param resource|\LDAP\Connection $link LDAP resource
* @return string
*/
public function getCookie($link): string;
trait TLinkId {
public function getLinkId($link) {
- if (is_resource($link)) {
+ if (is_object($link)) {
+ return spl_object_id($link);
+ } elseif (is_resource($link)) {
return (int)$link;
- } elseif (is_array($link) && isset($link[0]) && is_resource($link[0])) {
- return (int)$link[0];
+ } elseif (is_array($link) && isset($link[0])) {
+ if (is_object($link[0])) {
+ return spl_object_id($link[0]);
+ } elseif (is_resource($link[0])) {
+ return (int)$link[0];
+ }
}
throw new \RuntimeException('No resource provided');
}
$this->access->getConnection()->ldapExtStorageHomeAttribute,
];
- $homeRule = $this->access->getConnection()->homeFolderNamingRule;
+ $homeRule = (string)$this->access->getConnection()->homeFolderNamingRule;
if (strpos($homeRule, 'attr:') === 0) {
$attributes[] = substr($homeRule, strlen('attr:'));
}
* bytes), '1234 MB' (quota in MB - check the \OC_Helper::computerFileSize method for more info)
*
* fetches the quota from LDAP and stores it as Nextcloud user value
- * @param string $valueFromLDAP the quota attribute's value can be passed,
+ * @param ?string $valueFromLDAP the quota attribute's value can be passed,
* to save the readAttribute request
- * @return null
+ * @return void
*/
public function updateQuota($valueFromLDAP = null) {
if ($this->wasRefreshed('quota')) {
} elseif (is_array($aQuota) && isset($aQuota[0])) {
$this->logger->debug('no suitable LDAP quota found for user ' . $this->uid . ': [' . $aQuota[0] . ']', ['app' => 'user_ldap']);
}
- } elseif ($this->verifyQuotaValue($valueFromLDAP)) {
+ } elseif (!is_null($valueFromLDAP) && $this->verifyQuotaValue($valueFromLDAP)) {
$quota = $valueFromLDAP;
} else {
$this->logger->debug('no suitable LDAP quota found for user ' . $this->uid . ': [' . $valueFromLDAP . ']', ['app' => 'user_ldap']);
}
}
- private function verifyQuotaValue($quotaValue) {
+ private function verifyQuotaValue(string $quotaValue) {
return $quotaValue === 'none' || $quotaValue === 'default' || \OC_Helper::computerFileSize($quotaValue) !== false;
}
* The cloned connection needs to be closed manually.
* of the current access.
* @param string $uid
- * @return resource of the LDAP connection
+ * @return resource|\LDAP\Connection The LDAP connection
*/
public function getNewLDAPConnection($uid) {
$connection = clone $this->access->getConnection();
* The connection needs to be closed manually.
*
* @param string $uid
- * @return resource of the LDAP connection
+ * @return resource|\LDAP\Connection The LDAP connection
*/
public function getNewLDAPConnection($uid) {
return $this->handleRequest($uid, 'getNewLDAPConnection', [$uid]);
return false;
}
$er = $this->ldap->firstEntry($cr, $rr);
- while (is_resource($er)) {
+ while ($this->ldap->isResource($er)) {
$this->ldap->getDN($cr, $er);
$attrs = $this->ldap->getAttributes($cr, $er);
$result = [];
['app' => 'user_ldap']
);
$cr = $this->ldap->connect($host, $port);
- if (!is_resource($cr)) {
+ if (!$this->ldap->isResource($cr)) {
throw new \Exception(self::$l->t('Invalid Host'));
}
/**
* appends a list of values fr
- * @param resource $result the return value from ldap_get_attributes
+ * @param array $result the return value from ldap_get_attributes
* @param string $attribute the attribute values to look for
* @param array &$known new values will be appended here
* @return int, state on of the class constants LRESULT_PROCESSED_OK,
->expects($this->any())
->method('isResource')
->willReturnCallback(function ($resource) {
- return is_resource($resource);
+ return is_resource($resource) || is_object($resource);
});
$this->ldap
->expects($this->any())
* tests whether a curl operation ran successfully. If not, an exception
* is thrown
*
- * @param resource $ch
+ * @param resource|\CurlHandle $ch
* @param mixed $result
* @throws \Exception
*/
/**
* initializes a curl handler towards the toxiproxy LDAP proxy service
- * @return resource
+ * @return resource|\CurlHandle
*/
private function getCurl() {
$ch = curl_init();