diff options
| author | Vincent Petry <pvince81@owncloud.com> | 2014-10-09 10:19:58 +0200 |
|---|---|---|
| committer | Vincent Petry <pvince81@owncloud.com> | 2014-10-09 10:19:58 +0200 |
| commit | 3791de64edb5d64a0b3cc29994f0a3fa06e82a04 (patch) | |
| tree | 013fddae7b5966116ad6c6c97249838bd5725bc1 | |
| parent | b11cf6f83880565046fbd4fbc02607734f3c5bf7 (diff) | |
| parent | 3b3ad0bc4f745c8cdef5354a8661529f831bcd67 (diff) | |
| download | nextcloud-server-3791de64edb5d64a0b3cc29994f0a3fa06e82a04.tar.gz nextcloud-server-3791de64edb5d64a0b3cc29994f0a3fa06e82a04.zip | |
Merge pull request #11161 from owncloud/fix-ldap-ingroup-for-9225
fix retrieval of group members and cache group members
| -rw-r--r-- | apps/user_ldap/group_ldap.php | 27 |
1 files changed, 25 insertions, 2 deletions
diff --git a/apps/user_ldap/group_ldap.php b/apps/user_ldap/group_ldap.php index 0d3a70575ba..b8ca041bce3 100644 --- a/apps/user_ldap/group_ldap.php +++ b/apps/user_ldap/group_ldap.php @@ -29,6 +29,11 @@ use OCA\user_ldap\lib\BackendUtility; class GROUP_LDAP extends BackendUtility implements \OCP\GroupInterface { protected $enabled = false; + /** + * @var string[] $cachedGroupMembers array of users with gid as key + */ + protected $cachedGroupMembers = array(); + public function __construct(Access $access) { parent::__construct($access); $filter = $this->access->connection->ldapGroupFilter; @@ -56,6 +61,21 @@ class GROUP_LDAP extends BackendUtility implements \OCP\GroupInterface { } $userDN = $this->access->username2dn($uid); + + if(isset($this->cachedGroupMembers[$gid])) { + $isInGroup = in_array($userDN, $this->cachedGroupMembers[$gid]); + return $isInGroup; + } + + $cacheKeyMembers = 'inGroup-members:'.$gid; + if($this->access->connection->isCached($cacheKeyMembers)) { + $members = $this->access->connection->getFromCache($cacheKeyMembers); + $this->cachedGroupMembers[$gid] = $members; + $isInGroup = in_array($userDN, $members); + $this->access->connection->writeToCache($cacheKey, $isInGroup); + return $isInGroup; + } + $groupDN = $this->access->groupname2dn($gid); // just in case if(!$groupDN || !$userDN) { @@ -70,8 +90,9 @@ class GROUP_LDAP extends BackendUtility implements \OCP\GroupInterface { } //usually, LDAP attributes are said to be case insensitive. But there are exceptions of course. - $members = array_keys($this->_groupMembers($groupDN)); - if(!$members) { + $members = $this->_groupMembers($groupDN); + $members = array_keys($members); // uids are returned as keys + if(!is_array($members) || count($members) === 0) { $this->access->connection->writeToCache($cacheKey, false); return false; } @@ -93,6 +114,8 @@ class GROUP_LDAP extends BackendUtility implements \OCP\GroupInterface { $isInGroup = in_array($userDN, $members); $this->access->connection->writeToCache($cacheKey, $isInGroup); + $this->access->connection->writeToCache($cacheKeyMembers, $members); + $this->cachedGroupMembers[$gid] = $members; return $isInGroup; } |