summaryrefslogtreecommitdiffstats
path: root/apps/user_ldap
diff options
context:
space:
mode:
authorblizzz <blizzz@arthur-schiwon.de>2021-01-14 11:36:42 +0100
committerGitHub <noreply@github.com>2021-01-14 11:36:42 +0100
commitf9ab7575e70aeb5a08cba8fca9661dd6e4704cc9 (patch)
tree7c6cd135c3b6801108a3f518f085cb4ca4f4ef4b /apps/user_ldap
parent121e2d832b198b01bf25d5f9c3a1b9acdf5cb1a8 (diff)
parent21ca5d4514eed69e40c26ddba0e3671923594e4e (diff)
downloadnextcloud-server-f9ab7575e70aeb5a08cba8fca9661dd6e4704cc9.tar.gz
nextcloud-server-f9ab7575e70aeb5a08cba8fca9661dd6e4704cc9.zip
Merge pull request #25036 from nextcloud/fix/noid/limitied-allowed-items-db-in_2
respect DB restrictions on number of arguments in statements and queries
Diffstat (limited to 'apps/user_ldap')
-rw-r--r--apps/user_ldap/lib/Mapping/AbstractMapping.php53
-rw-r--r--apps/user_ldap/tests/Mapping/AbstractMappingTest.php19
2 files changed, 66 insertions, 6 deletions
diff --git a/apps/user_ldap/lib/Mapping/AbstractMapping.php b/apps/user_ldap/lib/Mapping/AbstractMapping.php
index f9f2b125d0e..dcff88de008 100644
--- a/apps/user_ldap/lib/Mapping/AbstractMapping.php
+++ b/apps/user_ldap/lib/Mapping/AbstractMapping.php
@@ -30,6 +30,7 @@ namespace OCA\User_LDAP\Mapping;
use Doctrine\DBAL\Exception;
use OC\DB\QueryBuilder\QueryBuilder;
use OCP\DB\IPreparedStatement;
+use OCP\DB\QueryBuilder\IQueryBuilder;
/**
* Class AbstractMapping
@@ -199,19 +200,59 @@ abstract class AbstractMapping {
return $this->cache[$fdn];
}
- public function getListOfIdsByDn(array $fdns): array {
+ protected function prepareListOfIdsQuery(array $dnList): IQueryBuilder {
$qb = $this->dbc->getQueryBuilder();
$qb->select('owncloud_name', 'ldap_dn')
->from($this->getTableName(false))
- ->where($qb->expr()->in('ldap_dn', $qb->createNamedParameter($fdns, QueryBuilder::PARAM_STR_ARRAY)));
- $stmt = $qb->execute();
+ ->where($qb->expr()->in('ldap_dn', $qb->createNamedParameter($dnList, QueryBuilder::PARAM_STR_ARRAY)));
+ return $qb;
+ }
- $results = $stmt->fetchAll(\Doctrine\DBAL\FetchMode::ASSOCIATIVE);
- foreach ($results as $key => $entry) {
- unset($results[$key]);
+ protected function collectResultsFromListOfIdsQuery(IQueryBuilder $qb, array &$results): void {
+ $stmt = $qb->execute();
+ while ($entry = $stmt->fetch(\Doctrine\DBAL\FetchMode::ASSOCIATIVE)) {
$results[$entry['ldap_dn']] = $entry['owncloud_name'];
$this->cache[$entry['ldap_dn']] = $entry['owncloud_name'];
}
+ $stmt->closeCursor();
+ }
+
+ public function getListOfIdsByDn(array $fdns): array {
+ $totalDBParamLimit = 65000;
+ $sliceSize = 1000;
+ $maxSlices = $totalDBParamLimit / $sliceSize;
+ $results = [];
+
+ $slice = 1;
+ $fdnsSlice = count($fdns) > $sliceSize ? array_slice($fdns, 0, $sliceSize) : $fdns;
+ $qb = $this->prepareListOfIdsQuery($fdnsSlice);
+
+ while (isset($fdnsSlice[999])) {
+ // Oracle does not allow more than 1000 values in the IN list,
+ // but allows slicing
+ $slice++;
+ $fdnsSlice = array_slice($fdns, $sliceSize * ($slice - 1), $sliceSize);
+
+ /** @see https://github.com/vimeo/psalm/issues/4995 */
+ /** @psalm-suppress TypeDoesNotContainType */
+ if (!isset($qb)) {
+ $qb = $this->prepareListOfIdsQuery($fdnsSlice);
+ continue;
+ }
+
+ if (!empty($fdnsSlice)) {
+ $qb->orWhere($qb->expr()->in('ldap_dn', $qb->createNamedParameter($fdnsSlice, QueryBuilder::PARAM_STR_ARRAY)));
+ }
+
+ if ($slice % $maxSlices === 0) {
+ $this->collectResultsFromListOfIdsQuery($qb, $results);
+ unset($qb);
+ }
+ }
+
+ if (isset($qb)) {
+ $this->collectResultsFromListOfIdsQuery($qb, $results);
+ }
return $results;
}
diff --git a/apps/user_ldap/tests/Mapping/AbstractMappingTest.php b/apps/user_ldap/tests/Mapping/AbstractMappingTest.php
index 079c2e21b10..35259345f25 100644
--- a/apps/user_ldap/tests/Mapping/AbstractMappingTest.php
+++ b/apps/user_ldap/tests/Mapping/AbstractMappingTest.php
@@ -281,4 +281,23 @@ abstract class AbstractMappingTest extends \Test\TestCase {
$results = $mapper->getList(1, 1);
$this->assertSame(1, count($results));
}
+
+ public function testGetListOfIdsByDn() {
+ /** @var AbstractMapping $mapper */
+ list($mapper,) = $this->initTest();
+
+ $listOfDNs = [];
+ for ($i = 0; $i < 66640; $i++) {
+ // Postgres has a limit of 65535 values in a single IN list
+ $name = 'as_' . $i;
+ $dn = 'uid=' . $name . ',dc=example,dc=org';
+ $listOfDNs[] = $dn;
+ if ($i % 20 === 0) {
+ $mapper->map($dn, $name, 'fake-uuid-' . $i);
+ }
+ }
+
+ $result = $mapper->getListOfIdsByDn($listOfDNs);
+ $this->assertSame(66640 / 20, count($result));
+ }
}