diff options
| author | Arthur Schiwon <blizzz@owncloud.com> | 2012-04-23 13:04:58 +0200 |
|---|---|---|
| committer | Arthur Schiwon <blizzz@owncloud.com> | 2012-04-23 13:04:58 +0200 |
| commit | 912c87eedaa3ea909d5721d8066fa4455529aa1b (patch) | |
| tree | 020c139440b1f3831a4d4b1a907cfd679904938a | |
| parent | 6ee7dc5f590e26f54d2a986a72bb328ed0b0db8f (diff) | |
| download | nextcloud-server-912c87eedaa3ea909d5721d8066fa4455529aa1b.tar.gz nextcloud-server-912c87eedaa3ea909d5721d8066fa4455529aa1b.zip | |
LDAP: optimize LDAP requests for users and groups. Settings are still to do, though.
| -rw-r--r-- | apps/user_ldap/group_ldap.php | 27 | ||||
| -rw-r--r-- | apps/user_ldap/lib_ldap.php | 37 |
2 files changed, 46 insertions, 18 deletions
diff --git a/apps/user_ldap/group_ldap.php b/apps/user_ldap/group_ldap.php index b1619e06530..fe0789cdeb7 100644 --- a/apps/user_ldap/group_ldap.php +++ b/apps/user_ldap/group_ldap.php @@ -47,14 +47,12 @@ class OC_GROUP_LDAP extends OC_Group_Backend { LDAP_GROUP_MEMBER_ASSOC_ATTR.'='.$uid, $this->ldapGroupDisplayName.'='.$gid )); - $groups = OC_LDAP::search($filter, $this->ldapGroupDisplayName); + $groups = $this->retrieveList($filter, $this->ldapGroupDisplayName); - if(count($groups) == 1) { + if(count($groups) > 0) { return true; - } else if(count($groups) < 1) { - return false; } else { - throw new Exception('Too many groups of the same name!? – this exception should never been thrown :)'); + return false; } } @@ -85,7 +83,7 @@ class OC_GROUP_LDAP extends OC_Group_Backend { $this->ldapGroupDisplayName.'='.$gid )); - return $this->retrieveList($filter, $this->ldapGroupMemberAttr); + return $this->retrieveList($filter, $this->ldapGroupMemberAttr, false); } /** @@ -95,13 +93,7 @@ class OC_GROUP_LDAP extends OC_Group_Backend { * Returns a list with all groups */ public function getGroups() { - $groups = OC_LDAP::search($this->ldapGroupFilter, $this->ldapGroupDisplayName); - - if(count($groups) == 0 ) - return array(); - else { - return array_unique($groups, SORT_LOCALE_STRING); - } + return $this->retrieveList($this->ldapGroupFilter, $this->ldapGroupDisplayName); } /** @@ -113,8 +105,13 @@ class OC_GROUP_LDAP extends OC_Group_Backend { return in_array($gid, $this->getGroups()); } - private function retrieveList($filter, $attr) { - $list = OC_LDAP::search($filter, $attr); + private function retrieveList($filter, $attr, $searchForGroups = true) { + if($searchForGroups) { + $list = OC_LDAP::searchGroups($filter, $attr); + } else { + $list = OC_LDAP::searchUsers($filter, $attr); + } + if(is_array($list)) { return array_unique($list, SORT_LOCALE_STRING); diff --git a/apps/user_ldap/lib_ldap.php b/apps/user_ldap/lib_ldap.php index 1016b955dcb..752ac4f2289 100644 --- a/apps/user_ldap/lib_ldap.php +++ b/apps/user_ldap/lib_ldap.php @@ -38,6 +38,8 @@ class OC_LDAP { static protected $ldapHost; static protected $ldapPort; static protected $ldapBase; + static protected $ldapBaseUsers; + static protected $ldapBaseGroups; static protected $ldapAgentName; static protected $ldapAgentPassword; static protected $ldapTLS; @@ -65,15 +67,40 @@ class OC_LDAP { } /** + * @brief executes an LDAP search, optimized for Users + * @param $filter the LDAP filter for the search + * @param $attr optional, when a certain attribute shall be filtered out + * @returns array with the search result + * + * Executes an LDAP search + */ + static public function searchUsers($filter, $attr = null) { + return self::search($filter, self::$ldapBaseUsers, $attr); + } + + /** + * @brief executes an LDAP search, optimized for Groups + * @param $filter the LDAP filter for the search + * @param $attr optional, when a certain attribute shall be filtered out + * @returns array with the search result + * + * Executes an LDAP search + */ + static public function searchGroups($filter, $attr = null) { + return self::search($filter, self::$ldapBaseGroups, $attr); + } + + /** * @brief executes an LDAP search * @param $filter the LDAP filter for the search + * @param $base the LDAP subtree that shall be searched * @param $attr optional, when a certain attribute shall be filtered out * @returns array with the search result * * Executes an LDAP search */ - static public function search($filter, $attr = null) { - $sr = ldap_search(self::getConnectionResource(), self::$ldapBase, $filter, array($attr)); + static private function search($filter, $base, $attr = null) { + $sr = ldap_search(self::getConnectionResource(), $base, $filter, array($attr)); $findings = ldap_get_entries(self::getConnectionResource(), $sr ); if(!is_null($attr)) { @@ -150,7 +177,9 @@ class OC_LDAP { self::$ldapPort = OC_Appconfig::getValue('user_ldap', 'ldap_port', OC_USER_BACKEND_LDAP_DEFAULT_PORT); self::$ldapAgentName = OC_Appconfig::getValue('user_ldap', 'ldap_dn',''); self::$ldapAgentPassword = OC_Appconfig::getValue('user_ldap', 'ldap_password',''); - self::$ldapBase = OC_Appconfig::getValue('user_ldap', 'ldap_base',''); + self::$ldapBase = OC_Appconfig::getValue('user_ldap', 'ldap_base', ''); + self::$ldapBaseUsers = OC_Appconfig::getValue('user_ldap', 'ldap_base_users',self::$ldapBase); + self::$ldapBaseGroups = OC_Appconfig::getValue('user_ldap', 'ldap_base_groups', self::$ldapBase); self::$ldapTLS = OC_Appconfig::getValue('user_ldap', 'ldap_tls',0); self::$ldapNoCase = OC_Appconfig::getValue('user_ldap', 'ldap_nocase', 0); self::$ldapUserDisplayName = OC_Appconfig::getValue('user_ldap', 'ldap_display_name', OC_USER_BACKEND_LDAP_DEFAULT_DISPLAY_NAME); @@ -163,6 +192,8 @@ class OC_LDAP { || ( empty(self::$ldapAgentName) && empty(self::$ldapAgentPassword)) ) && !empty(self::$ldapBase) + && !empty(self::$ldapBaseUsers) + && !empty(self::$ldapBaseGroups) && !empty(self::$ldapUserDisplayName) ) { |