diff options
Diffstat (limited to 'apps/user_ldap/lib/Group_LDAP.php')
| -rw-r--r-- | apps/user_ldap/lib/Group_LDAP.php | 52 |
1 files changed, 24 insertions, 28 deletions
diff --git a/apps/user_ldap/lib/Group_LDAP.php b/apps/user_ldap/lib/Group_LDAP.php index ba75df02111..271cc96afbd 100644 --- a/apps/user_ldap/lib/Group_LDAP.php +++ b/apps/user_ldap/lib/Group_LDAP.php @@ -31,24 +31,19 @@ class Group_LDAP extends ABackend implements GroupInterface, IGroupLDAP, IGetDis protected CappedMemoryCache $cachedGroupsByMember; /** @var CappedMemoryCache<string[]> $cachedNestedGroups array of groups with gid (DN) as key */ protected CappedMemoryCache $cachedNestedGroups; - protected GroupPluginManager $groupPluginManager; protected LoggerInterface $logger; - protected Access $access; /** * @var string $ldapGroupMemberAssocAttr contains the LDAP setting (in lower case) with the same name */ protected string $ldapGroupMemberAssocAttr; - private IConfig $config; - private IUserManager $ncUserManager; public function __construct( - Access $access, - GroupPluginManager $groupPluginManager, - IConfig $config, - IUserManager $ncUserManager + protected Access $access, + protected GroupPluginManager $groupPluginManager, + private IConfig $config, + private IUserManager $ncUserManager, ) { - $this->access = $access; $filter = $this->access->connection->ldapGroupFilter; $gAssoc = $this->access->connection->ldapGroupMemberAssocAttr; if (!empty($filter) && !empty($gAssoc)) { @@ -58,11 +53,8 @@ class Group_LDAP extends ABackend implements GroupInterface, IGroupLDAP, IGetDis $this->cachedGroupMembers = new CappedMemoryCache(); $this->cachedGroupsByMember = new CappedMemoryCache(); $this->cachedNestedGroups = new CappedMemoryCache(); - $this->groupPluginManager = $groupPluginManager; $this->logger = Server::get(LoggerInterface::class); $this->ldapGroupMemberAssocAttr = strtolower((string)$gAssoc); - $this->config = $config; - $this->ncUserManager = $ncUserManager; } /** @@ -454,7 +446,7 @@ class Group_LDAP extends ABackend implements GroupInterface, IGroupLDAP, IGetDis string $groupDN, string $search = '', ?int $limit = -1, - ?int $offset = 0 + ?int $offset = 0, ): array { try { $filter = $this->prepareFilterForUsersHasGidNumber($groupDN, $search); @@ -578,7 +570,7 @@ class Group_LDAP extends ABackend implements GroupInterface, IGroupLDAP, IGetDis string $groupDN, string $search = '', ?int $limit = -1, - ?int $offset = 0 + ?int $offset = 0, ): array { try { $filter = $this->prepareFilterForUsersInPrimaryGroup($groupDN, $search); @@ -603,7 +595,7 @@ class Group_LDAP extends ABackend implements GroupInterface, IGroupLDAP, IGetDis string $groupDN, string $search = '', int $limit = -1, - int $offset = 0 + int $offset = 0, ): int { try { $filter = $this->prepareFilterForUsersInPrimaryGroup($groupDN, $search); @@ -646,6 +638,10 @@ class Group_LDAP extends ABackend implements GroupInterface, IGroupLDAP, IGetDis return false; } + /** + * @param string $uid + * @return list<string> + */ protected function getCachedGroupsForUserId(string $uid): array { $groupStr = $this->config->getUserValue($uid, 'user_ldap', 'cached-group-memberships-' . $this->access->connection->getConfigPrefix(), '[]'); return json_decode($groupStr, true) ?? []; @@ -658,7 +654,7 @@ class Group_LDAP extends ABackend implements GroupInterface, IGroupLDAP, IGetDis * This function includes groups based on dynamic group membership. * * @param string $uid Name of the user - * @return string[] Group names + * @return list<string> Group names * @throws Exception * @throws ServerNotAvailableException */ @@ -1023,9 +1019,9 @@ class Group_LDAP extends ABackend implements GroupInterface, IGroupLDAP, IGetDis return $groupUsers; } $search = $this->access->escapeFilterPart($search, true); - $isMemberUid = - ($this->ldapGroupMemberAssocAttr === 'memberuid' || - $this->ldapGroupMemberAssocAttr === 'zimbramailforwardingaddress'); + $isMemberUid + = ($this->ldapGroupMemberAssocAttr === 'memberuid' + || $this->ldapGroupMemberAssocAttr === 'zimbramailforwardingaddress'); //we need to apply the search filter //alternatives that need to be checked: @@ -1182,7 +1178,7 @@ class Group_LDAP extends ABackend implements GroupInterface, IGroupLDAP, IGetDis continue; } $name = $item[$this->access->connection->ldapGroupDisplayName][0] ?? null; - $gid = $this->access->dn2groupname($dn, $name); + $gid = $this->access->dn2groupname($dn, $name, false); if (!$gid) { continue; } @@ -1203,10 +1199,10 @@ class Group_LDAP extends ABackend implements GroupInterface, IGroupLDAP, IGetDis * compared with GroupInterface::CREATE_GROUP etc. */ public function implementsActions($actions): bool { - return (bool)((GroupInterface::COUNT_USERS | - GroupInterface::DELETE_GROUP | - GroupInterface::IS_ADMIN | - $this->groupPluginManager->getImplementedActions()) & $actions); + return (bool)((GroupInterface::COUNT_USERS + | GroupInterface::DELETE_GROUP + | GroupInterface::IS_ADMIN + | $this->groupPluginManager->getImplementedActions()) & $actions); } /** @@ -1258,7 +1254,7 @@ class Group_LDAP extends ABackend implements GroupInterface, IGroupLDAP, IGetDis if ($ret = $this->groupPluginManager->deleteGroup($gid)) { // Delete group in nextcloud internal db $this->access->getGroupMapper()->unmap($gid); - $this->access->connection->writeToCache("groupExists" . $gid, false); + $this->access->connection->writeToCache('groupExists' . $gid, false); } return $ret; } @@ -1266,17 +1262,17 @@ class Group_LDAP extends ABackend implements GroupInterface, IGroupLDAP, IGetDis // Getting dn, if false the group is not mapped $dn = $this->access->groupname2dn($gid); if (!$dn) { - throw new Exception('Could not delete unknown group '.$gid.' in LDAP backend.'); + throw new Exception('Could not delete unknown group ' . $gid . ' in LDAP backend.'); } if (!$this->groupExists($gid)) { // The group does not exist in the LDAP, remove the mapping $this->access->getGroupMapper()->unmap($gid); - $this->access->connection->writeToCache("groupExists" . $gid, false); + $this->access->connection->writeToCache('groupExists' . $gid, false); return true; } - throw new Exception('Could not delete existing group '.$gid.' in LDAP backend.'); + throw new Exception('Could not delete existing group ' . $gid . ' in LDAP backend.'); } /** |