123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209 |
- <?php
- /**
- * @copyright Copyright (c) 2016, ownCloud, Inc.
- *
- * @author Arthur Schiwon <blizzz@arthur-schiwon.de>
- * @author Bart Visscher <bartv@thisnet.nl>
- * @author Christopher Schäpers <kondou@ts.unde.re>
- * @author Christoph Wurst <christoph@winzerhof-wurst.at>
- * @author Joas Schilling <coding@schilljs.com>
- * @author Jörn Friedrich Dreyer <jfd@butonic.de>
- * @author Lukas Reschke <lukas@statuscode.ch>
- * @author Morris Jobke <hey@morrisjobke.de>
- * @author Robin McCorkell <robin@mccorkell.me.uk>
- * @author Roeland Jago Douma <roeland@famdouma.nl>
- * @author Roger Szabo <roger.szabo@web.de>
- * @author Thomas Müller <thomas.mueller@tmit.eu>
- *
- * @license AGPL-3.0
- *
- * This code is free software: you can redistribute it and/or modify
- * it under the terms of the GNU Affero General Public License, version 3,
- * as published by the Free Software Foundation.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU Affero General Public License for more details.
- *
- * You should have received a copy of the GNU Affero General Public License, version 3,
- * along with this program. If not, see <http://www.gnu.org/licenses/>
- *
- */
- namespace OCA\User_LDAP;
- use OCA\User_LDAP\Mapping\GroupMapping;
- use OCA\User_LDAP\Mapping\UserMapping;
- use OCA\User_LDAP\User\Manager;
- use OCP\IConfig;
- use OCP\IUserManager;
- use Psr\Log\LoggerInterface;
- abstract class Proxy {
- private static $accesses = [];
- private $ldap = null;
- /** @var bool */
- private $isSingleBackend;
- /** @var \OCP\ICache|null */
- private $cache;
- /**
- * @param ILDAPWrapper $ldap
- */
- public function __construct(ILDAPWrapper $ldap) {
- $this->ldap = $ldap;
- $memcache = \OC::$server->getMemCacheFactory();
- if ($memcache->isAvailable()) {
- $this->cache = $memcache->createDistributed();
- }
- }
- /**
- * @param string $configPrefix
- */
- private function addAccess(string $configPrefix): void {
- $ocConfig = \OC::$server->get(IConfig::class);
- $userMap = \OC::$server->get(UserMapping::class);
- $groupMap = \OC::$server->get(GroupMapping::class);
- $coreUserManager = \OC::$server->get(IUserManager::class);
- $logger = \OC::$server->get(LoggerInterface::class);
- $helper = \OC::$server->get(Helper::class);
- $userManager = \OC::$server->get(Manager::class);
- $connector = new Connection($this->ldap, $configPrefix);
- $access = new Access($connector, $this->ldap, $userManager, $helper, $ocConfig, $coreUserManager, $logger);
- $access->setUserMapper($userMap);
- $access->setGroupMapper($groupMap);
- self::$accesses[$configPrefix] = $access;
- }
- /**
- * @param string $configPrefix
- * @return mixed
- */
- protected function getAccess($configPrefix) {
- if (!isset(self::$accesses[$configPrefix])) {
- $this->addAccess($configPrefix);
- }
- return self::$accesses[$configPrefix];
- }
- /**
- * @param string $uid
- * @return string
- */
- protected function getUserCacheKey($uid) {
- return 'user-' . $uid . '-lastSeenOn';
- }
- /**
- * @param string $gid
- * @return string
- */
- protected function getGroupCacheKey($gid) {
- return 'group-' . $gid . '-lastSeenOn';
- }
- /**
- * @param string $id
- * @param string $method
- * @param array $parameters
- * @param bool $passOnWhen
- * @return mixed
- */
- abstract protected function callOnLastSeenOn($id, $method, $parameters, $passOnWhen);
- /**
- * @param string $id
- * @param string $method
- * @param array $parameters
- * @return mixed
- */
- abstract protected function walkBackends($id, $method, $parameters);
- /**
- * @param string $id
- * @return Access
- */
- abstract public function getLDAPAccess($id);
- abstract protected function activeBackends(): int;
- protected function isSingleBackend(): bool {
- if ($this->isSingleBackend === null) {
- $this->isSingleBackend = $this->activeBackends() === 1;
- }
- return $this->isSingleBackend;
- }
- /**
- * Takes care of the request to the User backend
- *
- * @param string $id
- * @param string $method string, the method of the user backend that shall be called
- * @param array $parameters an array of parameters to be passed
- * @param bool $passOnWhen
- * @return mixed, the result of the specified method
- */
- protected function handleRequest($id, $method, $parameters, $passOnWhen = false) {
- if (!$this->isSingleBackend()) {
- $result = $this->callOnLastSeenOn($id, $method, $parameters, $passOnWhen);
- }
- if (!isset($result) || $result === $passOnWhen) {
- $result = $this->walkBackends($id, $method, $parameters);
- }
- return $result;
- }
- /**
- * @param string|null $key
- * @return string
- */
- private function getCacheKey($key) {
- $prefix = 'LDAP-Proxy-';
- if ($key === null) {
- return $prefix;
- }
- return $prefix . hash('sha256', $key);
- }
- /**
- * @param string $key
- * @return mixed|null
- */
- public function getFromCache($key) {
- if ($this->cache === null) {
- return null;
- }
- $key = $this->getCacheKey($key);
- $value = $this->cache->get($key);
- if ($value === null) {
- return null;
- }
- return json_decode(base64_decode($value));
- }
- /**
- * @param string $key
- * @param mixed $value
- */
- public function writeToCache($key, $value) {
- if ($this->cache === null) {
- return;
- }
- $key = $this->getCacheKey($key);
- $value = base64_encode(json_encode($value));
- $this->cache->set($key, $value, 2592000);
- }
- public function clearCache() {
- if ($this->cache === null) {
- return;
- }
- $this->cache->clear($this->getCacheKey(null));
- }
- }
|