summaryrefslogtreecommitdiffstats
path: root/apps/user_ldap/lib
diff options
context:
space:
mode:
authorRoland Tapken <roland@bitarbeiter.net>2018-02-07 16:08:25 +0100
committerArthur Schiwon <blizzz@arthur-schiwon.de>2019-03-05 11:07:40 +0100
commite7c506cff100b588e1943bd7dbaef2ef687a1bfb (patch)
treea3c3bf6393678adac6185d619280d0ef6662a5a1 /apps/user_ldap/lib
parentafb182650e02ee0dd9ff18e8669d9077cdddef73 (diff)
downloadnextcloud-server-e7c506cff100b588e1943bd7dbaef2ef687a1bfb.tar.gz
nextcloud-server-e7c506cff100b588e1943bd7dbaef2ef687a1bfb.zip
Reduce queries to LDAP by caching nested groups
Nested groups are now cached in a CappedMemoryCache object to reduce queries to the LDAP backend. Signed-off-by: Roland Tapken <roland@bitarbeiter.net>
Diffstat (limited to 'apps/user_ldap/lib')
-rw-r--r--apps/user_ldap/lib/Group_LDAP.php24
1 files changed, 18 insertions, 6 deletions
diff --git a/apps/user_ldap/lib/Group_LDAP.php b/apps/user_ldap/lib/Group_LDAP.php
index 427245d4a06..2e3bc0b4a5c 100644
--- a/apps/user_ldap/lib/Group_LDAP.php
+++ b/apps/user_ldap/lib/Group_LDAP.php
@@ -58,6 +58,11 @@ class Group_LDAP extends BackendUtility implements \OCP\GroupInterface, IGroupLD
*/
protected $cachedGroupsByMember;
+ /**
+ * @var string[] $cachedNestedGroups array of groups with gid (DN) as key
+ */
+ protected $cachedNestedGroups;
+
/** @var GroupPluginManager */
protected $groupPluginManager;
@@ -71,6 +76,7 @@ class Group_LDAP extends BackendUtility implements \OCP\GroupInterface, IGroupLD
$this->cachedGroupMembers = new CappedMemoryCache();
$this->cachedGroupsByMember = new CappedMemoryCache();
+ $this->cachedNestedGroups = new CappedMemoryCache();
$this->groupPluginManager = $groupPluginManager;
}
@@ -257,8 +263,8 @@ class Group_LDAP extends BackendUtility implements \OCP\GroupInterface, IGroupLD
if (!is_array($groups)) {
return array();
}
- $nestedGroups = $this->access->connection->ldapNestedGroups;
- if ((int)$nestedGroups === 1) {
+ $nestedGroups = (int) $this->access->connection->ldapNestedGroups;
+ if ($nestedGroups === 1) {
$seen = array();
while ($group = array_pop($groups)) {
if ($group === $DN || array_key_exists($group, $seen)) {
@@ -268,11 +274,17 @@ class Group_LDAP extends BackendUtility implements \OCP\GroupInterface, IGroupLD
$seen[$group] = 1;
// Resolve nested groups
- $nestedGroups = $this->access->readAttribute($group, 'memberOf');
- if (is_array($nestedGroups)) {
- foreach ($nestedGroups as $nestedGroup) {
- array_push($groups, $nestedGroup);
+ if (isset($cachedNestedGroups[$group])) {
+ $nestedGroups = $cachedNestedGroups[$group];
+ } else {
+ $nestedGroups = $this->access->readAttribute($group, 'memberOf');
+ if (!is_array($nestedGroups)) {
+ $nestedGroups = [];
}
+ $cachedNestedGroups[$group] = $nestedGroups;
+ }
+ foreach ($nestedGroups as $nestedGroup) {
+ array_push($groups, $nestedGroup);
}
}
// Get unique group DN's from those we have visited in the loop