aboutsummaryrefslogtreecommitdiffstats
path: root/apps
diff options
context:
space:
mode:
Diffstat (limited to 'apps')
-rw-r--r--apps/user_ldap/group_ldap.php53
-rw-r--r--apps/user_ldap/lib/connection.php59
-rw-r--r--apps/user_ldap/settings.php12
-rw-r--r--apps/user_ldap/templates/settings.php1
-rw-r--r--apps/user_ldap/user_ldap.php18
5 files changed, 109 insertions, 34 deletions
diff --git a/apps/user_ldap/group_ldap.php b/apps/user_ldap/group_ldap.php
index b9f4bdf1990..aff25593ef7 100644
--- a/apps/user_ldap/group_ldap.php
+++ b/apps/user_ldap/group_ldap.php
@@ -26,11 +26,6 @@ namespace OCA\user_ldap;
class GROUP_LDAP extends lib\Access implements \OCP\GroupInterface {
protected $enabled = false;
- protected $_group_user = array();
- protected $_user_groups = array();
- protected $_group_users = array();
- protected $_groups = array();
-
public function setConnector(lib\Connection &$connection) {
parent::setConnector($connection);
if(empty($this->connection->ldapGroupFilter) || empty($this->connection->ldapGroupMemberAssocAttr)) {
@@ -51,18 +46,20 @@ class GROUP_LDAP extends lib\Access implements \OCP\GroupInterface {
if(!$this->enabled) {
return false;
}
- if(isset($this->_group_user[$gid][$uid])) {
- return $this->_group_user[$gid][$uid];
+ if($this->connection->isCached('inGroup'.$uid.':'.$gid)) {
+ return $this->connection->getFromCache('inGroup'.$uid.':'.$gid);
}
$dn_user = $this->username2dn($uid);
$dn_group = $this->groupname2dn($gid);
// just in case
if(!$dn_group || !$dn_user) {
+ $this->connection->writeToCache('inGroup'.$uid.':'.$gid, false);
return false;
}
//usually, LDAP attributes are said to be case insensitive. But there are exceptions of course.
$members = $this->readAttribute($dn_group, $this->connection->ldapGroupMemberAssocAttr);
if(!$members) {
+ $this->connection->writeToCache('inGroup'.$uid.':'.$gid, false);
return false;
}
@@ -81,8 +78,10 @@ class GROUP_LDAP extends lib\Access implements \OCP\GroupInterface {
$members = $dns;
}
- $this->_group_user[$gid][$uid] = in_array($dn_user, $members);
- return $this->_group_user[$gid][$uid];
+ $isInGroup = in_array($dn_user, $members);
+ $this->connection->writeToCache('inGroup'.$uid.':'.$gid, $isInGroup);
+
+ return $isInGroup;
}
/**
@@ -97,12 +96,12 @@ class GROUP_LDAP extends lib\Access implements \OCP\GroupInterface {
if(!$this->enabled) {
return array();
}
- if(isset($this->_user_groups[$uid])) {
- return $this->_user_groups[$uid];
+ if($this->connection->isCached('getUserGroups'.$uid)) {
+ return $this->connection->getFromCache('getUserGroups'.$uid);
}
$userDN = $this->username2dn($uid);
if(!$userDN) {
- $this->_user_groups[$uid] = array();
+ $this->connection->writeToCache('getUserGroups'.$uid, array());
return array();
}
@@ -124,9 +123,10 @@ class GROUP_LDAP extends lib\Access implements \OCP\GroupInterface {
$this->connection->ldapGroupMemberAssocAttr.'='.$uid
));
$groups = $this->fetchListOfGroups($filter, array($this->connection->ldapGroupDisplayName,'dn'));
- $this->_user_groups[$uid] = array_unique($this->ownCloudGroupNames($groups), SORT_LOCALE_STRING);
+ $groups = array_unique($this->ownCloudGroupNames($groups), SORT_LOCALE_STRING);
+ $this->connection->writeToCache('getUserGroups'.$uid, $groups);
- return $this->_user_groups[$uid];
+ return $groups;
}
/**
@@ -137,19 +137,19 @@ class GROUP_LDAP extends lib\Access implements \OCP\GroupInterface {
if(!$this->enabled) {
return array();
}
- if(isset($this->_group_users[$gid])) {
- return $this->_group_users[$gid];
+ if($this->connection->isCached('usersInGroup'.$gid)) {
+ return $this->connection->getFromCache('usersInGroup'.$gid);
}
$groupDN = $this->groupname2dn($gid);
if(!$groupDN) {
- $this->_group_users[$gid] = array();
+ $this->connection->writeToCache('usersInGroup'.$gid, array());
return array();
}
$members = $this->readAttribute($groupDN, $this->connection->ldapGroupMemberAssocAttr);
if(!$members) {
- $this->_group_users[$gid] = array();
+ $this->connection->writeToCache('usersInGroup'.$gid, array());
return array();
}
@@ -173,8 +173,10 @@ class GROUP_LDAP extends lib\Access implements \OCP\GroupInterface {
if(!$isMemberUid) {
$result = array_intersect($result, \OCP\User::getUsers());
}
- $this->_group_users[$gid] = array_unique($result, SORT_LOCALE_STRING);
- return $this->_group_users[$gid];
+ $groupUsers = array_unique($result, SORT_LOCALE_STRING);
+ $this->connection->writeToCache('usersInGroup'.$gid, $groupUsers);
+
+ return $groupUsers;
}
/**
@@ -187,11 +189,14 @@ class GROUP_LDAP extends lib\Access implements \OCP\GroupInterface {
if(!$this->enabled) {
return array();
}
- if(empty($this->_groups)) {
- $ldap_groups = $this->fetchListOfGroups($this->connection->ldapGroupFilter, array($this->connection->ldapGroupDisplayName, 'dn'));
- $this->_groups = $this->ownCloudGroupNames($ldap_groups);
+ if($this->connection->isCached('getGroups')) {
+ return $this->connection->getFromCache('getGroups');
}
- return $this->_groups;
+ $ldap_groups = $this->fetchListOfGroups($this->connection->ldapGroupFilter, array($this->connection->ldapGroupDisplayName, 'dn'));
+ $ldap_groups = $this->ownCloudGroupNames($ldap_groups);
+ $this->connection->writeToCache('getGroups', $ldap_groups);
+
+ return $ldap_groups;
}
/**
diff --git a/apps/user_ldap/lib/connection.php b/apps/user_ldap/lib/connection.php
index 96ffea4b64b..cd9c83ff333 100644
--- a/apps/user_ldap/lib/connection.php
+++ b/apps/user_ldap/lib/connection.php
@@ -28,7 +28,10 @@ class Connection {
private $configID;
private $configured = false;
- //cached settings
+ //cache handler
+ protected $cache;
+
+ //settings
protected $config = array(
'ldapHost' => null,
'ldapPort' => null,
@@ -48,10 +51,12 @@ class Connection {
'ldapQuotaAttribute' => null,
'ldapQuotaDefault' => null,
'ldapEmailAttribute' => null,
+ 'ldapCacheTTL' => null,
);
public function __construct($configID = 'user_ldap') {
$this->configID = $configID;
+ $this->cache = \OC_Cache::getGlobalCache();
}
public function __destruct() {
@@ -92,6 +97,57 @@ class Connection {
return $this->ldapConnectionRes;
}
+ private function getCacheKey($key) {
+ $prefix = 'LDAP-'.$this->configID.'-';
+ if(is_null($key)) {
+ return $prefix;
+ }
+ return $prefix.md5($key);
+ }
+
+ public function getFromCache($key) {
+ if(!$this->configured) {
+ $this->readConfiguration();
+ }
+ if(!$this->config['ldapCacheTTL']) {
+ return null;
+ }
+ if(!$this->isCached($key)) {
+ return null;
+
+ }
+ $key = $this->getCacheKey($key);
+
+ return unserialize(base64_decode($this->cache->get($key)));
+ }
+
+ public function isCached($key) {
+ if(!$this->configured) {
+ $this->readConfiguration();
+ }
+ if(!$this->config['ldapCacheTTL']) {
+ return false;
+ }
+ $key = $this->getCacheKey($key);
+ return $this->cache->hasKey($key);
+ }
+
+ public function writeToCache($key, $value) {
+ if(!$this->configured) {
+ $this->readConfiguration();
+ }
+ if(!$this->config['ldapCacheTTL']) {
+ return null;
+ }
+ $key = $this->getCacheKey($key);
+ $value = base64_encode(serialize($value));
+ $this->cache->set($key, $value, $this->config['ldapCacheTTL']);
+ }
+
+ public function clearCache() {
+ $this->cache->clear($this->getCacheKey(null));
+ }
+
/**
* Caches the general LDAP configuration.
*/
@@ -118,6 +174,7 @@ class Connection {
$this->config['ldapEmailAttribute'] = \OCP\Config::getAppValue($this->configID, 'ldap_email_attr', '');
$this->config['ldapGroupMemberAssocAttr'] = \OCP\Config::getAppValue($this->configID, 'ldap_group_member_assoc_attribute', 'uniqueMember');
$this->config['ldapIgnoreNamingRules'] = \OCP\Config::getSystemValue('ldapIgnoreNamingRules', false);
+ $this->config['ldapCacheTTL'] = \OCP\Config::getAppValue($this->configID, 'ldap_cache_ttl', 10*60);
$this->configured = $this->validateConfiguration();
}
diff --git a/apps/user_ldap/settings.php b/apps/user_ldap/settings.php
index 42084855e85..135c735e703 100644
--- a/apps/user_ldap/settings.php
+++ b/apps/user_ldap/settings.php
@@ -20,7 +20,7 @@
* License along with this library. If not, see <http://www.gnu.org/licenses/>.
*
*/
-$params = array('ldap_host', 'ldap_port', 'ldap_dn', 'ldap_agent_password', 'ldap_base', 'ldap_base_users', 'ldap_base_groups', 'ldap_userlist_filter', 'ldap_login_filter', 'ldap_group_filter', 'ldap_display_name', 'ldap_group_display_name', 'ldap_tls', 'ldap_nocase', 'ldap_quota_def', 'ldap_quota_attr', 'ldap_email_attr', 'ldap_group_member_assoc_attribute');
+$params = array('ldap_host', 'ldap_port', 'ldap_dn', 'ldap_agent_password', 'ldap_base', 'ldap_base_users', 'ldap_base_groups', 'ldap_userlist_filter', 'ldap_login_filter', 'ldap_group_filter', 'ldap_display_name', 'ldap_group_display_name', 'ldap_tls', 'ldap_nocase', 'ldap_quota_def', 'ldap_quota_attr', 'ldap_email_attr', 'ldap_group_member_assoc_attribute', 'ldap_cache_ttl');
OCP\Util::addscript('user_ldap', 'settings');
@@ -29,18 +29,23 @@ if ($_POST) {
if(isset($_POST[$param])){
if('ldap_agent_password' == $param) {
OCP\Config::setAppValue('user_ldap', $param, base64_encode($_POST[$param]));
+ } elseif('ldap_cache_ttl' == $param) {
+ if(OCP\Config::getAppValue('user_ldap', $param,'') != $_POST[$param]) {
+ $ldap = new \OCA\user_ldap\lib\Connection('user_ldap');
+ $ldap->clearCache();
+ OCP\Config::setAppValue('user_ldap', $param, $_POST[$param]);
+ }
} else {
OCP\Config::setAppValue('user_ldap', $param, $_POST[$param]);
}
}
elseif('ldap_tls' == $param) {
// unchecked checkboxes are not included in the post paramters
- OCP\Config::setAppValue('user_ldap', $param, 0);
+ OCP\Config::setAppValue('user_ldap', $param, 0);
}
elseif('ldap_nocase' == $param) {
OCP\Config::setAppValue('user_ldap', $param, 0);
}
-
}
}
@@ -57,5 +62,6 @@ $tmpl->assign( 'ldap_display_name', OCP\Config::getAppValue('user_ldap', 'ldap_d
$tmpl->assign( 'ldap_group_display_name', OCP\Config::getAppValue('user_ldap', 'ldap_group_display_name', 'cn'));
$tmpl->assign( 'ldap_group_member_assoc_attribute', OCP\Config::getAppValue('user_ldap', 'ldap_group_member_assoc_attribute', 'uniqueMember'));
$tmpl->assign( 'ldap_agent_password', base64_decode(OCP\Config::getAppValue('user_ldap', 'ldap_agent_password')));
+$tmpl->assign( 'ldap_cache_ttl', OCP\Config::getAppValue('user_ldap', 'ldap_cache_ttl', '600'));
return $tmpl->fetchPage();
diff --git a/apps/user_ldap/templates/settings.php b/apps/user_ldap/templates/settings.php
index 31f453b5a5a..cc61598a263 100644
--- a/apps/user_ldap/templates/settings.php
+++ b/apps/user_ldap/templates/settings.php
@@ -26,6 +26,7 @@
<p><label for="ldap_quota_attr">Quota Attribute</label><input type="text" id="ldap_quota_attr" name="ldap_quota_attr" value="<?php echo $_['ldap_quota_attr']; ?>" />
<label for="ldap_quota_def">Quota Default</label><input type="text" id="ldap_quota_def" name="ldap_quota_def" value="<?php if (isset($_['ldap_quota_def'])) echo $_['ldap_quota_def']; ?>" />bytes</p>
<p><label for="ldap_email_attr">Email Attribute</label><input type="text" id="ldap_email_attr" name="ldap_email_attr" value="<?php echo $_['ldap_email_attr']; ?>" /></p>
+ <p><label for="ldap_cache_ttl">Cache Time-To-Live</label><input type="text" id="ldap_cache_ttl" name="ldap_cache_ttl" value="<?php echo $_['ldap_cache_ttl']; ?>" /><small><?php echo $l->t('in seconds');?></small></p>
</fieldset>
<input type="submit" value="Save" /> <a href="http://owncloud.org/support/ldap-backend/" target="_blank"><img src="<?php echo OCP\Util::imagePath('','actions/info.png'); ?>" style="height:1.75ex" /> <?php echo $l->t('Help');?></a>
</div>
diff --git a/apps/user_ldap/user_ldap.php b/apps/user_ldap/user_ldap.php
index 61f84047f1e..57b2ef489ba 100644
--- a/apps/user_ldap/user_ldap.php
+++ b/apps/user_ldap/user_ldap.php
@@ -27,9 +27,6 @@ namespace OCA\user_ldap;
class USER_LDAP extends lib\Access implements \OCP\UserInterface {
- // cache getUsers()
- protected $_users = null;
-
private function updateQuota($dn) {
$quota = null;
if(!empty($this->connection->ldapQuotaDefault)) {
@@ -97,11 +94,13 @@ class USER_LDAP extends lib\Access implements \OCP\UserInterface {
* Get a list of all users.
*/
public function getUsers(){
- if(is_null($this->_users)) {
+ $ldap_users = $this->connection->getFromCache('getUsers');
+ if(is_null($ldap_users)) {
$ldap_users = $this->fetchListOfUsers($this->connection->ldapUserFilter, array($this->connection->ldapUserDisplayName, 'dn'));
- $this->_users = $this->ownCloudUserNames($ldap_users);
+ $ldap_users = $this->ownCloudUserNames($ldap_users);
+ $this->connection->writeToCache('getUsers', $ldap_users);
}
- return $this->_users;
+ return $ldap_users;
}
/**
@@ -110,18 +109,25 @@ class USER_LDAP extends lib\Access implements \OCP\UserInterface {
* @return boolean
*/
public function userExists($uid){
+ if($this->connection->isCached('userExists'.$uid)) {
+ return $this->connection->getFromCache('userExists'.$uid);
+ }
+
//getting dn, if false the user does not exist. If dn, he may be mapped only, requires more checking.
$dn = $this->username2dn($uid);
if(!$dn) {
+ $this->connection->writeToCache('userExists'.$uid, false);
return false;
}
//if user really still exists, we will be able to read his cn
$cn = $this->readAttribute($dn, 'cn');
if(!$cn || empty($cn)) {
+ $this->connection->writeToCache('userExists'.$uid, false);
return false;
}
+ $this->connection->writeToCache('userExists'.$uid, true);
return true;
}
generated by cgit v1.2.3 (git 2.39.1) at 2025-02-01 09:52:58 +0000