Proxy.php 5.4 KB

  1. <?php
  2. /**
  3. * @copyright Copyright (c) 2016, ownCloud, Inc.
  4. *
  5. * @author Arthur Schiwon <blizzz@arthur-schiwon.de>
  6. * @author Bart Visscher <bartv@thisnet.nl>
  7. * @author Christopher Schäpers <kondou@ts.unde.re>
  8. * @author Christoph Wurst <christoph@winzerhof-wurst.at>
  9. * @author Joas Schilling <coding@schilljs.com>
  10. * @author Jörn Friedrich Dreyer <jfd@butonic.de>
  11. * @author Lukas Reschke <lukas@statuscode.ch>
  12. * @author Morris Jobke <hey@morrisjobke.de>
  13. * @author Robin McCorkell <robin@mccorkell.me.uk>
  14. * @author Roeland Jago Douma <roeland@famdouma.nl>
  15. * @author Roger Szabo <roger.szabo@web.de>
  16. * @author Thomas Müller <thomas.mueller@tmit.eu>
  17. *
  18. * @license AGPL-3.0
  19. *
  20. * This code is free software: you can redistribute it and/or modify
  21. * it under the terms of the GNU Affero General Public License, version 3,
  22. * as published by the Free Software Foundation.
  23. *
  24. * This program is distributed in the hope that it will be useful,
  25. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  26. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  27. * GNU Affero General Public License for more details.
  28. *
  29. * You should have received a copy of the GNU Affero General Public License, version 3,
  30. * along with this program. If not, see <http://www.gnu.org/licenses/>
  31. *
  32. */
  33. namespace OCA\User_LDAP;
  34. use OCA\User_LDAP\Mapping\GroupMapping;
  35. use OCA\User_LDAP\Mapping\UserMapping;
  36. use OCA\User_LDAP\User\Manager;
  37. use OCP\IConfig;
  38. use OCP\IUserManager;
  39. use OCP\Server;
  40. use Psr\Log\LoggerInterface;
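  /**
   * Base class for the LDAP backend proxies.
   *
   * Holds a per-process registry of Access objects (one per configuration
   * prefix), decides whether a request is first tried on the backend where
   * an id was last seen, and offers a small key/value cache.
   *
   * Cache format: values are stored as base64(JSON) and read back with
   * json_decode(), which yields only scalars, arrays and stdClass objects;
   * no PHP class is instantiated from cache content. JSON objects (PHP
   * arrays with string keys) therefore come back as stdClass, not as arrays.
   */
  abstract class Proxy {
      /** Lifetime of a cache entry in seconds (2592000 s = 30 days). */
      private const CACHE_TTL = 2592000;

      /** Prefix of every key this class reads from or writes to the cache. */
      private const CACHE_PREFIX = 'LDAP-Proxy-';

      /**
       * Access objects built so far, keyed by configuration prefix.
       * Static, so the registry is shared by all Proxy instances in the process.
       *
       * @var array<string, Access>
       */
      private static $accesses = [];

      /** @var ILDAPWrapper|null */
      private $ldap = null;

      /** @var bool|null null until activeBackends() has been consulted once */
      private $isSingleBackend;

      /** @var \OCP\ICache|null null when the memcache factory reports no cache */
      private $cache;

      /**
       * Stores the LDAP wrapper and, if the memcache factory reports
       * availability, obtains a distributed cache. Without one, $cache stays
       * null and getFromCache()/writeToCache()/clearCache() do nothing.
       *
       * @param ILDAPWrapper $ldap
       */
      public function __construct(ILDAPWrapper $ldap) {
          $this->ldap = $ldap;
          $memcache = \OC::$server->getMemCacheFactory();
          if ($memcache->isAvailable()) {
              $this->cache = $memcache->createDistributed();
          }
      }

      /**
       * Builds the Access object for one configuration prefix and registers
       * it in the static registry. Collaborators come from the server
       * container; a new Connection is created for the prefix.
       *
       * @param string $configPrefix
       */
      private function addAccess(string $configPrefix): void {
          $ocConfig = Server::get(IConfig::class);
          $userMap = Server::get(UserMapping::class);
          $groupMap = Server::get(GroupMapping::class);
          $coreUserManager = Server::get(IUserManager::class);
          $logger = Server::get(LoggerInterface::class);
          $helper = Server::get(Helper::class);
          $userManager = Server::get(Manager::class);

          $connector = new Connection($this->ldap, $configPrefix);
          $access = new Access(
              $connector,
              $this->ldap,
              $userManager,
              $helper,
              $ocConfig,
              $coreUserManager,
              $logger
          );
          $access->setUserMapper($userMap);
          $access->setGroupMapper($groupMap);

          self::$accesses[$configPrefix] = $access;
      }

      /**
       * Returns the Access object for a configuration prefix, creating and
       * registering it on first use.
       *
       * @param string $configPrefix
       * @return Access
       */
      protected function getAccess($configPrefix) {
          if (!isset(self::$accesses[$configPrefix])) {
              $this->addAccess($configPrefix);
          }
          return self::$accesses[$configPrefix];
      }

      /**
       * @param string $uid
       * @return string 'user-<uid>-lastSeenOn'
       */
      protected function getUserCacheKey($uid) {
          return 'user-' . $uid . '-lastSeenOn';
      }

      /**
       * @param string $gid
       * @return string 'group-<gid>-lastSeenOn'
       */
      protected function getGroupCacheKey($gid) {
          return 'group-' . $gid . '-lastSeenOn';
      }

      /**
       * @param string $id
       * @param string $method
       * @param array $parameters
       * @param bool $passOnWhen
       * @return mixed
       */
      abstract protected function callOnLastSeenOn($id, $method, $parameters, $passOnWhen);

      /**
       * @param string $id
       * @param string $method
       * @param array $parameters
       * @return mixed
       */
      abstract protected function walkBackends($id, $method, $parameters);

      /**
       * @param string $id
       * @return Access
       */
      abstract public function getLDAPAccess($id);

      abstract protected function activeBackends(): int;

      /**
       * Tells whether exactly one backend is active. The answer is computed
       * once per instance and then reused.
       */
      protected function isSingleBackend(): bool {
          if ($this->isSingleBackend === null) {
              $this->isSingleBackend = $this->activeBackends() === 1;
          }
          return $this->isSingleBackend;
      }

      /**
       * Takes care of the request to the User backend.
       *
       * With more than one active backend the call is first tried through
       * callOnLastSeenOn(). If that yields null or a value identical to
       * $passOnWhen, or if there is a single backend, walkBackends() is used.
       *
       * @param string $id
       * @param string $method the method of the user backend that shall be called
       * @param array $parameters an array of parameters to be passed
       * @param bool $passOnWhen
       * @return mixed the result of the specified method
       */
      protected function handleRequest($id, $method, $parameters, $passOnWhen = false) {
          $result = null;
          if (!$this->isSingleBackend()) {
              $result = $this->callOnLastSeenOn($id, $method, $parameters, $passOnWhen);
          }
          if ($result === null || $result === $passOnWhen) {
              $result = $this->walkBackends($id, $method, $parameters);
          }
          return $result;
      }

      /**
       * Maps a caller-supplied key to the key used in the cache: the fixed
       * prefix followed by the SHA-256 hex digest of the key, so the stored
       * key has the same length and character set whatever the caller passes.
       * A null key yields the bare prefix.
       *
       * @param string|null $key
       * @return string
       */
      private function getCacheKey($key) {
          if ($key === null) {
              return self::CACHE_PREFIX;
          }
          return self::CACHE_PREFIX . hash('sha256', $key);
      }

      /**
       * Reads a value written by writeToCache().
       *
       * Returns null when there is no cache, when the entry is missing, and
       * also when the stored content does not decode as JSON; a cached null
       * cannot be told apart from a miss.
       *
       * @param string $key
       * @return mixed|null
       */
      public function getFromCache($key) {
          if ($this->cache === null) {
              return null;
          }
          $value = $this->cache->get($this->getCacheKey($key));
          if ($value === null) {
              return null;
          }
          return json_decode(base64_decode($value));
      }

      /**
       * Stores a value as base64(JSON) for CACHE_TTL seconds.
       *
       * Does nothing when there is no cache or when the value cannot be
       * JSON-encoded.
       *
       * @param string $key
       * @param mixed $value
       */
      public function writeToCache($key, $value) {
          if ($this->cache === null) {
              return;
          }
          $json = json_encode($value);
          if ($json === false) {
              // base64_encode(false) is '', which would be kept for the whole
              // TTL and read back as null; skip the write instead.
              return;
          }
          $this->cache->set($this->getCacheKey($key), base64_encode($json), self::CACHE_TTL);
      }

      /**
       * Asks the cache to clear, passing the bare 'LDAP-Proxy-' prefix.
       */
      public function clearCache() {
          if ($this->cache === null) {
              return;
          }
          $this->cache->clear($this->getCacheKey(null));
      }
  }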