mirrors
/
nextcloud
mirror of https://github.com/nextcloud/server.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 984 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
60561 Commits
363 Branches
Tree: 168c673755
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '168c673755'
${ noResults }
nextcloud/apps/user_ldap/lib/Jobs/Sync.php

Sync.php 10KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382 
  1. <?php

  2. /**

  3.  * @copyright Copyright (c) 2017 Arthur Schiwon <blizzz@arthur-schiwon.de>

  4.  *

  5.  * @author Arthur Schiwon <blizzz@arthur-schiwon.de>

  6.  * @author Christoph Wurst <christoph@winzerhof-wurst.at>

  7.  * @author Joas Schilling <coding@schilljs.com>

  8.  *

  9.  * @license GNU AGPL version 3 or any later version

  10.  *

  11.  * This program is free software: you can redistribute it and/or modify

  12.  * it under the terms of the GNU Affero General Public License as

  13.  * published by the Free Software Foundation, either version 3 of the

  14.  * License, or (at your option) any later version.

  15.  *

  16.  * This program is distributed in the hope that it will be useful,

  17.  * but WITHOUT ANY WARRANTY; without even the implied warranty of

  18.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the

  19.  * GNU Affero General Public License for more details.

  20.  *

  21.  * You should have received a copy of the GNU Affero General Public License

  22.  * along with this program. If not, see <http://www.gnu.org/licenses/>.

  23.  *

  24.  */

  25. namespace OCA\User_LDAP\Jobs;

  26. 

  27. use OC\BackgroundJob\TimedJob;

  28. use OC\ServerNotAvailableException;

  29. use OCA\User_LDAP\AccessFactory;

  30. use OCA\User_LDAP\Configuration;

  31. use OCA\User_LDAP\ConnectionFactory;

  32. use OCA\User_LDAP\Helper;

  33. use OCA\User_LDAP\LDAP;

  34. use OCA\User_LDAP\Mapping\UserMapping;

  35. use OCA\User_LDAP\User\Manager;

  36. use OCP\IAvatarManager;

  37. use OCP\IConfig;

  38. use OCP\IDBConnection;

  39. use OCP\IUserManager;

  40. use OCP\Notification\IManager;

  41. use Psr\Log\LoggerInterface;

  42. 

  43. class Sync extends TimedJob {

  44. 	public const MAX_INTERVAL = 12 * 60 * 60; // 12h

  45. 	public const MIN_INTERVAL = 30 * 60; // 30min

  46. 	/** @var  Helper */

  47. 	protected $ldapHelper;

  48. 	/** @var  LDAP */

  49. 	protected $ldap;

  50. 	/** @var  Manager */

  51. 	protected $userManager;

  52. 	/** @var UserMapping */

  53. 	protected $mapper;

  54. 	/** @var  IConfig */

  55. 	protected $config;

  56. 	/** @var  IAvatarManager */

  57. 	protected $avatarManager;

  58. 	/** @var  IDBConnection */

  59. 	protected $dbc;

  60. 	/** @var  IUserManager */

  61. 	protected $ncUserManager;

  62. 	/** @var  LoggerInterface */

  63. 	protected $logger;

  64. 	/** @var  IManager */

  65. 	protected $notificationManager;

  66. 	/** @var ConnectionFactory */

  67. 	protected $connectionFactory;

  68. 	/** @var AccessFactory */

  69. 	protected $accessFactory;

  70. 

  71. 	public function __construct(Manager  $userManager) {

  72. 		$this->userManager = $userManager;

  73. 		$this->setInterval(

  74. 			\OC::$server->getConfig()->getAppValue(

  75. 				'user_ldap',

  76. 				'background_sync_interval',

  77. 				self::MIN_INTERVAL

  78. 			)

  79. 		);

  80. 	}

  81. 

  82. 	/**

  83. 	 * updates the interval

  84. 	 *

  85. 	 * the idea is to adjust the interval depending on the amount of known users

  86. 	 * and the attempt to update each user one day. At most it would run every

  87. 	 * 30 minutes, and at least every 12 hours.

  88. 	 */

  89. 	public function updateInterval() {

  90. 		$minPagingSize = $this->getMinPagingSize();

  91. 		$mappedUsers = $this->mapper->count();

  92. 

  93. 		$runsPerDay = ($minPagingSize === 0 || $mappedUsers === 0) ? self::MAX_INTERVAL

  94. 			: $mappedUsers / $minPagingSize;

  95. 		$interval = floor(24 * 60 * 60 / $runsPerDay);

  96. 		$interval = min(max($interval, self::MIN_INTERVAL), self::MAX_INTERVAL);

  97. 

  98. 		$this->config->setAppValue('user_ldap', 'background_sync_interval', $interval);

  99. 	}

  100. 

  101. 	/**

  102. 	 * returns the smallest configured paging size

  103. 	 * @return int

  104. 	 */

  105. 	protected function getMinPagingSize() {

  106. 		$configKeys = $this->config->getAppKeys('user_ldap');

  107. 		$configKeys = array_filter($configKeys, function ($key) {

  108. 			return strpos($key, 'ldap_paging_size') !== false;

  109. 		});

  110. 		$minPagingSize = null;

  111. 		foreach ($configKeys as $configKey) {

  112. 			$pagingSize = $this->config->getAppValue('user_ldap', $configKey, $minPagingSize);

  113. 			$minPagingSize = $minPagingSize === null ? $pagingSize : min($minPagingSize, $pagingSize);

  114. 		}

  115. 		return (int)$minPagingSize;

  116. 	}

  117. 

  118. 	/**

  119. 	 * @param array $argument

  120. 	 */

  121. 	public function run($argument) {

  122. 		$this->setArgument($argument);

  123. 

  124. 		$isBackgroundJobModeAjax = $this->config

  125. 				->getAppValue('core', 'backgroundjobs_mode', 'ajax') === 'ajax';

  126. 		if ($isBackgroundJobModeAjax) {

  127. 			return;

  128. 		}

  129. 

  130. 		$cycleData = $this->getCycle();

  131. 		if ($cycleData === null) {

  132. 			$cycleData = $this->determineNextCycle();

  133. 			if ($cycleData === null) {

  134. 				$this->updateInterval();

  135. 				return;

  136. 			}

  137. 		}

  138. 

  139. 		if (!$this->qualifiesToRun($cycleData)) {

  140. 			$this->updateInterval();

  141. 			return;

  142. 		}

  143. 

  144. 		try {

  145. 			$expectMoreResults = $this->runCycle($cycleData);

  146. 			if ($expectMoreResults) {

  147. 				$this->increaseOffset($cycleData);

  148. 			} else {

  149. 				$this->determineNextCycle($cycleData);

  150. 			}

  151. 			$this->updateInterval();

  152. 		} catch (ServerNotAvailableException $e) {

  153. 			$this->determineNextCycle($cycleData);

  154. 		}

  155. 	}

  156. 

  157. 	/**

  158. 	 * @param array $cycleData

  159. 	 * @return bool whether more results are expected from the same configuration

  160. 	 */

  161. 	public function runCycle($cycleData) {

  162. 		$connection = $this->connectionFactory->get($cycleData['prefix']);

  163. 		$access = $this->accessFactory->get($connection);

  164. 		$access->setUserMapper($this->mapper);

  165. 

  166. 		$filter = $access->combineFilterWithAnd([

  167. 			$access->connection->ldapUserFilter,

  168. 			$access->connection->ldapUserDisplayName . '=*',

  169. 			$access->getFilterPartForUserSearch('')

  170. 		]);

  171. 		$results = $access->fetchListOfUsers(

  172. 			$filter,

  173. 			$access->userManager->getAttributes(),

  174. 			$connection->ldapPagingSize,

  175. 			$cycleData['offset'],

  176. 			true

  177. 		);

  178. 

  179. 		if ((int)$connection->ldapPagingSize === 0) {

  180. 			return false;

  181. 		}

  182. 		return count($results) >= (int)$connection->ldapPagingSize;

  183. 	}

  184. 

  185. 	/**

  186. 	 * returns the info about the current cycle that should be run, if any,

  187. 	 * otherwise null

  188. 	 *

  189. 	 * @return array|null

  190. 	 */

  191. 	public function getCycle() {

  192. 		$prefixes = $this->ldapHelper->getServerConfigurationPrefixes(true);

  193. 		if (count($prefixes) === 0) {

  194. 			return null;

  195. 		}

  196. 

  197. 		$cycleData = [

  198. 			'prefix' => $this->config->getAppValue('user_ldap', 'background_sync_prefix', null),

  199. 			'offset' => (int)$this->config->getAppValue('user_ldap', 'background_sync_offset', 0),

  200. 		];

  201. 

  202. 		if (

  203. 			$cycleData['prefix'] !== null

  204. 			&& in_array($cycleData['prefix'], $prefixes)

  205. 		) {

  206. 			return $cycleData;

  207. 		}

  208. 

  209. 		return null;

  210. 	}

  211. 

  212. 	/**

  213. 	 * Save the provided cycle information in the DB

  214. 	 *

  215. 	 * @param array $cycleData

  216. 	 */

  217. 	public function setCycle(array $cycleData) {

  218. 		$this->config->setAppValue('user_ldap', 'background_sync_prefix', $cycleData['prefix']);

  219. 		$this->config->setAppValue('user_ldap', 'background_sync_offset', $cycleData['offset']);

  220. 	}

  221. 

  222. 	/**

  223. 	 * returns data about the next cycle that should run, if any, otherwise

  224. 	 * null. It also always goes for the next LDAP configuration!

  225. 	 *

  226. 	 * @param array|null $cycleData the old cycle

  227. 	 * @return array|null

  228. 	 */

  229. 	public function determineNextCycle(array $cycleData = null) {

  230. 		$prefixes = $this->ldapHelper->getServerConfigurationPrefixes(true);

  231. 		if (count($prefixes) === 0) {

  232. 			return null;

  233. 		}

  234. 

  235. 		// get the next prefix in line and remember it

  236. 		$oldPrefix = $cycleData === null ? null : $cycleData['prefix'];

  237. 		$prefix = $this->getNextPrefix($oldPrefix);

  238. 		if ($prefix === null) {

  239. 			return null;

  240. 		}

  241. 		$cycleData['prefix'] = $prefix;

  242. 		$cycleData['offset'] = 0;

  243. 		$this->setCycle(['prefix' => $prefix, 'offset' => 0]);

  244. 

  245. 		return $cycleData;

  246. 	}

  247. 

  248. 	/**

  249. 	 * Checks whether the provided cycle should be run. Currently only the

  250. 	 * last configuration change goes into account (at least one hour).

  251. 	 *

  252. 	 * @param $cycleData

  253. 	 * @return bool

  254. 	 */

  255. 	public function qualifiesToRun($cycleData) {

  256. 		$lastChange = $this->config->getAppValue('user_ldap', $cycleData['prefix'] . '_lastChange', 0);

  257. 		if ((time() - $lastChange) > 60 * 30) {

  258. 			return true;

  259. 		}

  260. 		return false;

  261. 	}

  262. 

  263. 	/**

  264. 	 * increases the offset of the current cycle for the next run

  265. 	 *

  266. 	 * @param $cycleData

  267. 	 */

  268. 	protected function increaseOffset($cycleData) {

  269. 		$ldapConfig = new Configuration($cycleData['prefix']);

  270. 		$cycleData['offset'] += (int)$ldapConfig->ldapPagingSize;

  271. 		$this->setCycle($cycleData);

  272. 	}

  273. 

  274. 	/**

  275. 	 * determines the next configuration prefix based on the last one (if any)

  276. 	 *

  277. 	 * @param string|null $lastPrefix

  278. 	 * @return string|null

  279. 	 */

  280. 	protected function getNextPrefix($lastPrefix) {

  281. 		$prefixes = $this->ldapHelper->getServerConfigurationPrefixes(true);

  282. 		$noOfPrefixes = count($prefixes);

  283. 		if ($noOfPrefixes === 0) {

  284. 			return null;

  285. 		}

  286. 		$i = $lastPrefix === null ? false : array_search($lastPrefix, $prefixes, true);

  287. 		if ($i === false) {

  288. 			$i = -1;

  289. 		} else {

  290. 			$i++;

  291. 		}

  292. 

  293. 		if (!isset($prefixes[$i])) {

  294. 			$i = 0;

  295. 		}

  296. 		return $prefixes[$i];

  297. 	}

  298. 

  299. 	/**

  300. 	 * "fixes" DI

  301. 	 *

  302. 	 * @param array $argument

  303. 	 */

  304. 	public function setArgument($argument) {

  305. 		if (isset($argument['config'])) {

  306. 			$this->config = $argument['config'];

  307. 		} else {

  308. 			$this->config = \OC::$server->getConfig();

  309. 		}

  310. 

  311. 		if (isset($argument['helper'])) {

  312. 			$this->ldapHelper = $argument['helper'];

  313. 		} else {

  314. 			$this->ldapHelper = new Helper($this->config, \OC::$server->getDatabaseConnection());

  315. 		}

  316. 

  317. 		if (isset($argument['ldapWrapper'])) {

  318. 			$this->ldap = $argument['ldapWrapper'];

  319. 		} else {

  320. 			$this->ldap = new LDAP($this->config->getSystemValueString('ldap_log_file'));

  321. 		}

  322. 

  323. 		if (isset($argument['avatarManager'])) {

  324. 			$this->avatarManager = $argument['avatarManager'];

  325. 		} else {

  326. 			$this->avatarManager = \OC::$server->getAvatarManager();

  327. 		}

  328. 

  329. 		if (isset($argument['dbc'])) {

  330. 			$this->dbc = $argument['dbc'];

  331. 		} else {

  332. 			$this->dbc = \OC::$server->getDatabaseConnection();

  333. 		}

  334. 

  335. 		if (isset($argument['ncUserManager'])) {

  336. 			$this->ncUserManager = $argument['ncUserManager'];

  337. 		} else {

  338. 			$this->ncUserManager = \OC::$server->getUserManager();

  339. 		}

  340. 

  341. 		if (isset($argument['logger'])) {

  342. 			$this->logger = $argument['logger'];

  343. 		} else {

  344. 			$this->logger = \OC::$server->get(LoggerInterface::class);

  345. 		}

  346. 

  347. 		if (isset($argument['notificationManager'])) {

  348. 			$this->notificationManager = $argument['notificationManager'];

  349. 		} else {

  350. 			$this->notificationManager = \OC::$server->getNotificationManager();

  351. 		}

  352. 

  353. 		if (isset($argument['userManager'])) {

  354. 			$this->userManager = $argument['userManager'];

  355. 		}

  356. 

  357. 		if (isset($argument['mapper'])) {

  358. 			$this->mapper = $argument['mapper'];

  359. 		} else {

  360. 			$this->mapper = new UserMapping($this->dbc);

  361. 		}

  362. 

  363. 		if (isset($argument['connectionFactory'])) {

  364. 			$this->connectionFactory = $argument['connectionFactory'];

  365. 		} else {

  366. 			$this->connectionFactory = new ConnectionFactory($this->ldap);

  367. 		}

  368. 

  369. 		if (isset($argument['accessFactory'])) {

  370. 			$this->accessFactory = $argument['accessFactory'];

  371. 		} else {

  372. 			$this->accessFactory = new AccessFactory(

  373. 				$this->ldap,

  374. 				$this->userManager,

  375. 				$this->ldapHelper,

  376. 				$this->config,

  377. 				$this->ncUserManager,

  378. 				$this->logger

  379. 			);

  380. 		}

  381. 	}

  382. }