summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorArthur Schiwon <blizzz@owncloud.com>2012-08-29 19:11:32 +0200
committerArthur Schiwon <blizzz@owncloud.com>2012-08-29 19:37:18 +0200
commit741a21292ed73a9b3b9e11633afb00e1725dcf74 (patch)
tree9e8e9b8d5ea0f2a8cc2c4aecb578d7811618adf0
parent8be8f6fff2d3456e2f2bd928d40f2e8347f7128b (diff)
downloadnextcloud-server-741a21292ed73a9b3b9e11633afb00e1725dcf74.tar.gz
nextcloud-server-741a21292ed73a9b3b9e11633afb00e1725dcf74.zip
LDAP: fix potential infinite loop introduced with 4c4aa92eef858a2a96bb5676304acbcaafaa56f2, as side effect optimize groupExists-method.
Diffstat
-rw-r--r--apps/user_ldap/group_ldap.php21
-rw-r--r--apps/user_ldap/lib/access.php14
2 files changed, 20 insertions, 15 deletions
diff --git a/apps/user_ldap/group_ldap.php b/apps/user_ldap/group_ldap.php
index b29ebe30c51..aac3ed78917 100644
--- a/apps/user_ldap/group_ldap.php
+++ b/apps/user_ldap/group_ldap.php
@@ -232,7 +232,26 @@ class GROUP_LDAP extends lib\Access implements \OCP\GroupInterface {
* @return bool
*/
public function groupExists($gid){
- return in_array($gid, $this->getGroups());
+ if($this->connection->isCached('groupExists'.$gid)) {
+ return $this->connection->getFromCache('groupExists'.$gid);
+ }
+
+ //getting dn, if false the group does not exist. If dn, it may be mapped only, requires more checking.
+ $dn = $this->username2dn($gid);
+ if(!$dn) {
+ $this->connection->writeToCache('groupExists'.$gid, false);
+ return false;
+ }
+
+ //if group really still exists, we will be able to read its objectclass
+ $objcs = $this->readAttribute($dn, 'objectclass');
+ if(!$objcs || empty($objcs)) {
+ $this->connection->writeToCache('groupExists'.$gid, false);
+ return false;
+ }
+
+ $this->connection->writeToCache('groupExists'.$gid, true);
+ return true;
}
/**
diff --git a/apps/user_ldap/lib/access.php b/apps/user_ldap/lib/access.php
index 9abbd91c179..089548a69ba 100644
--- a/apps/user_ldap/lib/access.php
+++ b/apps/user_ldap/lib/access.php
@@ -137,20 +137,6 @@ abstract class Access {
$dn = $this->ocname2dn($name, true);
if($dn) {
return $dn;
- } else {
- //fallback: user is not mapped
- $filter = $this->combineFilterWithAnd(array(
- $this->connection->ldapUserFilter,
- $this->connection->ldapUserDisplayName . '=' . $name,
- ));
- $result = $this->searchUsers($filter, 'dn');
- if(isset($result[0]['dn'])) {
- //try mapping, if names equalize return DN
- $uid = $this->dn2username($result[0]['dn']);
- if($uid == $name) {
- return $result[0]['dn'];
- }
- }
}
return false;
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-04 11:45:08 +0000