diff options
| author | Arthur Schiwon <blizzz@owncloud.com> | 2015-06-03 17:37:36 +0200 |
|---|---|---|
| committer | Arthur Schiwon <blizzz@owncloud.com> | 2015-06-03 17:38:27 +0200 |
| commit | 090478a95e1adc904cd8971158c848b9c00374f6 (patch) | |
| tree | 275edc857fab881ca920c4432254ff1bca960e9a /apps/user_ldap/group_ldap.php | |
| parent | 91841bb25d6479784700d800d8b21f945bb86fc8 (diff) | |
| download | nextcloud-server-090478a95e1adc904cd8971158c848b9c00374f6.tar.gz nextcloud-server-090478a95e1adc904cd8971158c848b9c00374f6.zip | |
if possible, getUserGroups should get memberships using memberOf virtual attribute
Diffstat (limited to 'apps/user_ldap/group_ldap.php')
| -rw-r--r-- | apps/user_ldap/group_ldap.php | 31 |
1 files changed, 29 insertions, 2 deletions
diff --git a/apps/user_ldap/group_ldap.php b/apps/user_ldap/group_ldap.php index 4c5c01743aa..0395a4a80e3 100644 --- a/apps/user_ldap/group_ldap.php +++ b/apps/user_ldap/group_ldap.php @@ -251,7 +251,14 @@ class GROUP_LDAP extends BackendUtility implements \OCP\GroupInterface { * @return string|bool */ public function getUserPrimaryGroupIDs($dn) { - return $this->getEntryGroupID($dn, 'primaryGroupID'); + $primaryGroupID = false; + if($this->access->connection->hasPrimaryGroups) { + $primaryGroupID = $this->getEntryGroupID($dn, 'primaryGroupID'); + if($primaryGroupID === false) { + $this->access->connection->hasPrimaryGroups = false; + } + } + return $primaryGroupID; } /** @@ -362,6 +369,27 @@ class GROUP_LDAP extends BackendUtility implements \OCP\GroupInterface { return array(); } + $groups = []; + $primaryGroup = $this->getUserPrimaryGroup($userDN); + + // if possible, read out membership via memberOf. It's far faster than + // performing a search, which still is a fallback later. + if(intval($this->access->connection->hasMemberOfFilterSupport) === 1 + && intval($this->access->connection->useMemberOfToDetectMembership) === 1 + ) { + $groupDNs = $this->access->readAttribute($userDN, 'memberOf'); + if (is_array($groupDNs)) { + foreach ($groupDNs as $dn) { + $groups[] = $this->access->dn2groupname($dn);; + } + } + if($primaryGroup !== false) { + $groups[] = $primaryGroup; + } + $this->access->connection->writeToCache($cacheKey, $groups); + return $groups; + } + //uniqueMember takes DN, memberuid the uid, so we need to distinguish if((strtolower($this->access->connection->ldapGroupMemberAssocAttr) === 'uniquemember') || (strtolower($this->access->connection->ldapGroupMemberAssocAttr) === 'member') @@ -387,7 +415,6 @@ class GROUP_LDAP extends BackendUtility implements \OCP\GroupInterface { $this->cachedGroupsByMember[$uid] = $groups; } - $primaryGroup = $this->getUserPrimaryGroup($userDN); if($primaryGroup !== false) { $groups[] = $primaryGroup; } |