diff options
| author | alexweirig <alex.weirig@technolink.lu> | 2016-03-17 11:31:28 +0100 |
|---|---|---|
| committer | Vincent Petry <pvince81@owncloud.com> | 2016-06-01 16:27:42 +0200 |
| commit | 6d74ef71b5b990c1685e95500d56c47645c379b8 (patch) | |
| tree | 2121a227a08096d67e2fa8e29d2f3e11fa2fd526 | |
| parent | 96bf7f5513616d0320c96911eedd5d0d7b606ab2 (diff) | |
| download | nextcloud-server-6d74ef71b5b990c1685e95500d56c47645c379b8.tar.gz nextcloud-server-6d74ef71b5b990c1685e95500d56c47645c379b8.zip | |
Fixed dynamic group ldap access
getUserGroups:
Using $userDN instead of $uid to query LDAP
Converting groupDN to group name using API instead of substring
Removing cache processing at the end of the method
| -rw-r--r-- | apps/user_ldap/group_ldap.php | 21 |
1 files changed, 7 insertions, 14 deletions
diff --git a/apps/user_ldap/group_ldap.php b/apps/user_ldap/group_ldap.php index eba39ca50f7..c698723bebc 100644 --- a/apps/user_ldap/group_ldap.php +++ b/apps/user_ldap/group_ldap.php @@ -469,17 +469,18 @@ class GROUP_LDAP extends BackendUtility implements \OCP\GroupInterface { // apply filter via ldap search to see if this user is in this // dynamic group $userMatch = $this->access->readAttribute( - $uid, + $userDN, $this->access->connection->ldapUserDisplayName, $memberUrlFilter ); if ($userMatch !== false) { // match found so this user is in this group - $pos = strpos($dynamicGroup['dn'][0], ','); - if ($pos !== false) { - $membershipGroup = substr($dynamicGroup['dn'][0],3,$pos-3); - $groups[] = $membershipGroup; - } + $groupName = $this->access->dn2groupname($dynamicGroup['dn'][0]); + if(is_string($groupName)) { + // be sure to never return false if the dn could not be + // resolved to a name, for whatever reason. + $groups[] = $groupName; + } } } else { \OCP\Util::writeLog('user_ldap', 'No search filter found on member url '. @@ -529,14 +530,6 @@ class GROUP_LDAP extends BackendUtility implements \OCP\GroupInterface { $uid = $userDN; } - if(isset($this->cachedGroupsByMember[$uid])) { - $groups = $this->cachedGroupsByMember[$uid]; - } else { - $groups = array_values($this->getGroupsByMember($uid)); - $groups = $this->access->ownCloudGroupNames($groups); - $this->cachedGroupsByMember[$uid] = $groups; - } - if($primaryGroup !== false) { $groups[] = $primaryGroup; } |