upstream/nextcloud
1
0
Fork 0
mirror of https://github.com/nextcloud/server.git synced 2026-06-11 01:30:50 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 79

fix(ldap): store last known user groups

Browse source 
- for LDAP user life cycle management

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
This commit is contained in:
Arthur Schiwon 2023-09-15 18:49:30 +02:00
parent 58ee21f578
commit 467e29ec03
2 changed files with 27 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
apps/user_ldap/lib/Connection.php
View file

@ -288,6 +288,10 @@ class Connection extends LDAPUtility {
return json_decode(base64_decode($this->cache->get($key) ?? ''), true);
}
public function getConfigPrefix(): string {
return $this->configPrefix;
}
/**
* @param string $key
* @param mixed $value

25
apps/user_ldap/lib/Group_LDAP.php
View file

@ -45,12 +45,16 @@
namespace OCA\User_LDAP;
use Exception;
use OCA\User_LDAP\User\OfflineUser;
use OCP\Cache\CappedMemoryCache;
use OCP\GroupInterface;
use OCP\Group\Backend\IDeleteGroupBackend;
use OCP\Group\Backend\IGetDisplayNameBackend;
use OC\ServerNotAvailableException;
use OCP\IConfig;
use OCP\Server;
use Psr\Log\LoggerInterface;
use function json_decode;
class Group_LDAP extends BackendUtility implements GroupInterface, IGroupLDAP, IGetDisplayNameBackend, IDeleteGroupBackend {
protected bool $enabled = false;
@ -81,7 +85,7 @@ class Group_LDAP extends BackendUtility implements GroupInterface, IGroupLDAP, I
$this->cachedGroupsByMember = new CappedMemoryCache();
$this->cachedNestedGroups = new CappedMemoryCache();
$this->groupPluginManager = $groupPluginManager;
$this->logger = \OCP\Server::get(LoggerInterface::class);
$this->logger = Server::get(LoggerInterface::class);
$this->ldapGroupMemberAssocAttr = strtolower((string)$gAssoc);
}
@ -661,15 +665,28 @@ class Group_LDAP extends BackendUtility implements GroupInterface, IGroupLDAP, I
* @throws Exception
* @throws ServerNotAvailableException
*/
public function getUserGroups($uid) {
public function getUserGroups($uid): array {
if (!$this->enabled) {
return [];
}
$ncUid = $uid;
$cacheKey = 'getUserGroups' . $uid;
$userGroups = $this->access->connection->getFromCache($cacheKey);
if (!is_null($userGroups)) {
return $userGroups;
}
$user = $this->access->userManager->get($uid);
if ($user instanceof OfflineUser) {
// We load known group memberships from configuration for remnants,
// because LDAP server does not contain them anymore
/** @var IConfig $config */
$config = Server::get(IConfig::class);
$groupStr = $config->getUserValue($uid, 'user_ldap', 'cached-group-memberships-' . $this->access->connection->getConfigPrefix(), '[]');
return json_decode($groupStr) ?? [];
}
$userDN = $this->access->username2dn($uid);
if (!$userDN) {
$this->access->connection->writeToCache($cacheKey, []);
@ -783,6 +800,10 @@ class Group_LDAP extends BackendUtility implements GroupInterface, IGroupLDAP, I
$groups = array_unique($groups, SORT_LOCALE_STRING);
$this->access->connection->writeToCache($cacheKey, $groups);
/** @var IConfig $config */
$config = Server::get(IConfig::class);
$groupStr = \json_encode($groups);
$config->setUserValue($ncUid, 'user_ldap', 'cached-group-memberships-' . $this->access->connection->getConfigPrefix(), $groupStr);
return $groups;
}