diff options
author | Arthur Schiwon <blizzz@owncloud.com> | 2012-08-29 19:11:32 +0200 |
---|---|---|
committer | Arthur Schiwon <blizzz@owncloud.com> | 2012-08-29 19:37:18 +0200 |
commit | 741a21292ed73a9b3b9e11633afb00e1725dcf74 (patch) | |
tree | 9e8e9b8d5ea0f2a8cc2c4aecb578d7811618adf0 /apps | |
parent | 8be8f6fff2d3456e2f2bd928d40f2e8347f7128b (diff) | |
download | nextcloud-server-741a21292ed73a9b3b9e11633afb00e1725dcf74.tar.gz nextcloud-server-741a21292ed73a9b3b9e11633afb00e1725dcf74.zip |
LDAP: fix potential infinite loop introduced with 4c4aa92eef858a2a96bb5676304acbcaafaa56f2, as side effect optimize groupExists-method.
Diffstat (limited to 'apps')
-rw-r--r-- | apps/user_ldap/group_ldap.php | 21 | ||||
-rw-r--r-- | apps/user_ldap/lib/access.php | 14 |
2 files changed, 20 insertions, 15 deletions
diff --git a/apps/user_ldap/group_ldap.php b/apps/user_ldap/group_ldap.php index b29ebe30c51..aac3ed78917 100644 --- a/apps/user_ldap/group_ldap.php +++ b/apps/user_ldap/group_ldap.php @@ -232,7 +232,26 @@ class GROUP_LDAP extends lib\Access implements \OCP\GroupInterface { * @return bool */ public function groupExists($gid){ - return in_array($gid, $this->getGroups()); + if($this->connection->isCached('groupExists'.$gid)) { + return $this->connection->getFromCache('groupExists'.$gid); + } + + //getting dn, if false the group does not exist. If dn, it may be mapped only, requires more checking. + $dn = $this->username2dn($gid); + if(!$dn) { + $this->connection->writeToCache('groupExists'.$gid, false); + return false; + } + + //if group really still exists, we will be able to read its objectclass + $objcs = $this->readAttribute($dn, 'objectclass'); + if(!$objcs || empty($objcs)) { + $this->connection->writeToCache('groupExists'.$gid, false); + return false; + } + + $this->connection->writeToCache('groupExists'.$gid, true); + return true; } /** diff --git a/apps/user_ldap/lib/access.php b/apps/user_ldap/lib/access.php index 9abbd91c179..089548a69ba 100644 --- a/apps/user_ldap/lib/access.php +++ b/apps/user_ldap/lib/access.php @@ -137,20 +137,6 @@ abstract class Access { $dn = $this->ocname2dn($name, true); if($dn) { return $dn; - } else { - //fallback: user is not mapped - $filter = $this->combineFilterWithAnd(array( - $this->connection->ldapUserFilter, - $this->connection->ldapUserDisplayName . '=' . $name, - )); - $result = $this->searchUsers($filter, 'dn'); - if(isset($result[0]['dn'])) { - //try mapping, if names equalize return DN - $uid = $this->dn2username($result[0]['dn']); - if($uid == $name) { - return $result[0]['dn']; - } - } } return false; |