diff options
| author | blizzz <blizzz@owncloud.com> | 2016-05-17 23:09:36 +0200 |
|---|---|---|
| committer | Thomas Müller <DeepDiver1975@users.noreply.github.com> | 2016-05-17 23:09:36 +0200 |
| commit | 8ce8a05dabc749c25438623a662c45ea5d1ec770 (patch) | |
| tree | 1dbd51326cbaaa4b7352c429aa8fa5443ac7aa1c | |
| parent | d5506b605fb774b5935365a6dea1ef57e9c61475 (diff) | |
| download | nextcloud-server-8ce8a05dabc749c25438623a662c45ea5d1ec770.tar.gz nextcloud-server-8ce8a05dabc749c25438623a662c45ea5d1ec770.zip | |
Fixed dynamic group ldap access (#23450)
* Fixed dynamic group ldap access
getUserGroups:
Using $userDN instead of $uid to query LDAP
Converting groupDN to group name using API instead of substring
Removing cache processing at the end of the method
* Fixing group handling
added back the cache processing and fixed
* fixed possible indention problem
spaces -> tab conversion
* formatting, white-space changes only
| -rw-r--r-- | apps/user_ldap/group_ldap.php | 20 |
1 files changed, 11 insertions, 9 deletions
diff --git a/apps/user_ldap/group_ldap.php b/apps/user_ldap/group_ldap.php index ff8197fb43a..617bdc3e6ed 100644 --- a/apps/user_ldap/group_ldap.php +++ b/apps/user_ldap/group_ldap.php @@ -469,16 +469,17 @@ class GROUP_LDAP extends BackendUtility implements \OCP\GroupInterface { // apply filter via ldap search to see if this user is in this // dynamic group $userMatch = $this->access->readAttribute( - $uid, + $userDN, $this->access->connection->ldapUserDisplayName, $memberUrlFilter ); if ($userMatch !== false) { // match found so this user is in this group - $pos = strpos($dynamicGroup['dn'][0], ','); - if ($pos !== false) { - $membershipGroup = substr($dynamicGroup['dn'][0],3,$pos-3); - $groups[] = $membershipGroup; + $groupName = $this->access->dn2groupname($dynamicGroup['dn'][0]); + if(is_string($groupName)) { + // be sure to never return false if the dn could not be + // resolved to a name, for whatever reason. + $groups[] = $groupName; } } } else { @@ -530,11 +531,12 @@ class GROUP_LDAP extends BackendUtility implements \OCP\GroupInterface { } if(isset($this->cachedGroupsByMember[$uid])) { - $groups = $this->cachedGroupsByMember[$uid]; + $groups[] = $this->cachedGroupsByMember[$uid]; } else { - $groups = array_values($this->getGroupsByMember($uid)); - $groups = $this->access->ownCloudGroupNames($groups); - $this->cachedGroupsByMember[$uid] = $groups; + $groupsByMember = array_values($this->getGroupsByMember($uid)); + $groupsByMember = $this->access->ownCloudGroupNames($groupsByMember); + $this->cachedGroupsByMember[$uid] = $groupsByMember; + $groups = array_merge($groups, $groupsByMember); } if($primaryGroup !== false) { |