123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261 |
- <?php
- namespace OCA\User_LDAP\User;
- use OCA\User_LDAP\Access;
- use OCA\User_LDAP\FilesystemHelper;
- use OCP\Cache\CappedMemoryCache;
- use OCP\IAvatarManager;
- use OCP\IConfig;
- use OCP\IDBConnection;
- use OCP\Image;
- use OCP\IUserManager;
- use OCP\Notification\IManager as INotificationManager;
- use OCP\Share\IManager;
- use Psr\Log\LoggerInterface;
- class Manager {
- protected ?Access $access = null;
- protected IConfig $ocConfig;
- protected IDBConnection $db;
- protected IUserManager $userManager;
- protected INotificationManager $notificationManager;
- protected FilesystemHelper $ocFilesystem;
- protected LoggerInterface $logger;
- protected Image $image;
- protected IAvatarManager $avatarManager;
-
- protected CappedMemoryCache $usersByDN;
-
- protected CappedMemoryCache $usersByUid;
- private IManager $shareManager;
- public function __construct(
- IConfig $ocConfig,
- FilesystemHelper $ocFilesystem,
- LoggerInterface $logger,
- IAvatarManager $avatarManager,
- Image $image,
- IUserManager $userManager,
- INotificationManager $notificationManager,
- IManager $shareManager
- ) {
- $this->ocConfig = $ocConfig;
- $this->ocFilesystem = $ocFilesystem;
- $this->logger = $logger;
- $this->avatarManager = $avatarManager;
- $this->image = $image;
- $this->userManager = $userManager;
- $this->notificationManager = $notificationManager;
- $this->usersByDN = new CappedMemoryCache();
- $this->usersByUid = new CappedMemoryCache();
- $this->shareManager = $shareManager;
- }
-
- public function setLdapAccess(Access $access) {
- $this->access = $access;
- }
-
- private function createAndCache($dn, $uid) {
- $this->checkAccess();
- $user = new User($uid, $dn, $this->access, $this->ocConfig,
- $this->ocFilesystem, clone $this->image, $this->logger,
- $this->avatarManager, $this->userManager,
- $this->notificationManager);
- $this->usersByDN[$dn] = $user;
- $this->usersByUid[$uid] = $user;
- return $user;
- }
-
- public function invalidate($uid) {
- if (!isset($this->usersByUid[$uid])) {
- return;
- }
- $dn = $this->usersByUid[$uid]->getDN();
- unset($this->usersByUid[$uid]);
- unset($this->usersByDN[$dn]);
- }
-
- private function checkAccess() {
- if (is_null($this->access)) {
- throw new \Exception('LDAP Access instance must be set first');
- }
- }
-
- public function getAttributes($minimal = false) {
- $baseAttributes = array_merge(Access::UUID_ATTRIBUTES, ['dn', 'uid', 'samaccountname', 'memberof']);
- $attributes = [
- $this->access->getConnection()->ldapExpertUUIDUserAttr,
- $this->access->getConnection()->ldapQuotaAttribute,
- $this->access->getConnection()->ldapEmailAttribute,
- $this->access->getConnection()->ldapUserDisplayName,
- $this->access->getConnection()->ldapUserDisplayName2,
- $this->access->getConnection()->ldapExtStorageHomeAttribute,
- $this->access->getConnection()->ldapAttributePhone,
- $this->access->getConnection()->ldapAttributeWebsite,
- $this->access->getConnection()->ldapAttributeAddress,
- $this->access->getConnection()->ldapAttributeTwitter,
- $this->access->getConnection()->ldapAttributeFediverse,
- $this->access->getConnection()->ldapAttributeOrganisation,
- $this->access->getConnection()->ldapAttributeRole,
- $this->access->getConnection()->ldapAttributeHeadline,
- $this->access->getConnection()->ldapAttributeBiography,
- ];
- $homeRule = (string)$this->access->getConnection()->homeFolderNamingRule;
- if (str_starts_with($homeRule, 'attr:')) {
- $attributes[] = substr($homeRule, strlen('attr:'));
- }
- if (!$minimal) {
-
-
- $attributes = array_merge(
- $attributes,
- $this->access->getConnection()->resolveRule('avatar')
- );
- }
- $attributes = array_reduce($attributes,
- function ($list, $attribute) {
- $attribute = strtolower(trim((string)$attribute));
- if (!empty($attribute) && !in_array($attribute, $list)) {
- $list[] = $attribute;
- }
- return $list;
- },
- $baseAttributes
- );
- return $attributes;
- }
-
- public function isDeletedUser($id) {
- $isDeleted = $this->ocConfig->getUserValue(
- $id, 'user_ldap', 'isDeleted', 0);
- return (int)$isDeleted === 1;
- }
-
- public function getDeletedUser($id) {
- return new OfflineUser(
- $id,
- $this->ocConfig,
- $this->access->getUserMapper(),
- $this->shareManager
- );
- }
-
- protected function createInstancyByUserName($id) {
-
- if ($this->isDeletedUser($id)) {
- return $this->getDeletedUser($id);
- }
- $dn = $this->access->username2dn($id);
- if ($dn !== false) {
- return $this->createAndCache($dn, $id);
- }
- return null;
- }
-
- public function get($id) {
- $this->checkAccess();
- if (isset($this->usersByDN[$id])) {
- return $this->usersByDN[$id];
- } elseif (isset($this->usersByUid[$id])) {
- return $this->usersByUid[$id];
- }
- if ($this->access->stringResemblesDN($id)) {
- $uid = $this->access->dn2username($id);
- if ($uid !== false) {
- return $this->createAndCache($id, $uid);
- }
- }
- return $this->createInstancyByUserName($id);
- }
- }
|