more connection retry and making sure to not remove memberships, because different case of user-name

ralf 2024-08-09 15:18:10 +02:00
parent bc582dedfb
commit 68d79bf481
3 changed files with 36 additions and 14 deletions


@ -1128,8 +1128,8 @@ class Import
} }
// removing no longer set members // removing no longer set members
if (($sql_members = $this->accounts_sql->members($sql_group_id)) && if (($sql_members = array_map(self::class.'::strtolower', $this->accounts_sql->members($sql_group_id))) &&
($removed = array_diff($sql_members, $members))) ($removed = array_diff($sql_members, array_map(self::class.'::strtolower', $members))))
{ {
foreach($removed as $sql_account_id => $sql_account_lid) foreach($removed as $sql_account_id => $sql_account_lid)
{ {
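Review bot: After this change `$removed` holds the lower-cased names, so `$sql_account_lid` in the `foreach` is no longer the name as stored in SQL; the loop body continues outside this hunk, so any lookup or log message there that uses it should be checked. Folding case also means two accounts whose names differ only in case count as the same member, and a membership that would otherwise be revoked is kept. That is presumably intended, but it is an access-control decision and deserves a comment such as `// account names are compared case-insensitively: a case-only difference never revokes a membership`. `self::strtolower` is not visible here; if it is byte-wise rather than multibyte-aware, non-ASCII account names can still mismatch.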


@ -483,6 +483,35 @@ class Ldap
return ldap_delete($this->ds, $allValues[0]['dn']); return ldap_delete($this->ds, $allValues[0]['dn']);
} }
/**
* Run ldap_search($this->ds, $context, $filter, $attributes) and retry once, if connection is lost
*
* @param string $context
* @param string $filter
* @param array $attributes
* @return array|false false if not found or error, or array with data from ldap_get_entries
* @throws Api\Exception\AssertionFailed
* @throws Api\Exception\NoPermission
*/
protected function _ldap_search($context, $filter, array $attributes)
{
for($retry=1; $retry >= 0; --$retry)
{
if (!($sri = ldap_search($this->ds, $context, $filter, $attributes)) &&
$retry >= 0 && in_array(ldap_errno($this->ds), [91, -1]))
{
$this->ds = $this->ldap_connection(true);
continue;
}
break;
}
if (!$sri || !($ldap_data = ldap_get_entries($this->ds, $sri)) || !$ldap_data['count'])
{
return false; // entry not found
}
return Api\Translation::convert($ldap_data[0],'utf-8');
}
/** /**
* Reads the data of one group * Reads the data of one group
* *
@ -505,15 +534,11 @@ class Ldap
break; break;
} }
} }
$sri = ldap_search($this->ds, $this->group_context,'(&(objectClass=posixGroup)(gidnumber=' . abs($account_id).'))', if (!($data = $this->_ldap_search($this->group_context,'(&(objectClass=posixGroup)(gidnumber=' . abs($account_id).'))',
array('dn', 'gidnumber', 'cn', 'objectclass', static::MAIL_ATTR, 'memberuid', 'description')); array('dn', 'gidnumber', 'cn', 'objectclass', static::MAIL_ATTR, 'memberuid', 'description'))))
$ldap_data = ldap_get_entries($this->ds, $sri);
if (!$ldap_data['count'])
{ {
return false; // group not found return false; // group not found
} }
$data = Api\Translation::convert($ldap_data[0],'utf-8');
unset($data['objectclass']['count']); unset($data['objectclass']['count']);
$group += array( $group += array(
@ -558,16 +583,12 @@ class Ldap
// add account_filter to filter (user has to be '*', as we otherwise only search uid's) // add account_filter to filter (user has to be '*', as we otherwise only search uid's)
$account_filter = str_replace(array('%user', '%domain'), array('*', $GLOBALS['egw_info']['user']['domain']), $this->account_filter); $account_filter = str_replace(array('%user', '%domain'), array('*', $GLOBALS['egw_info']['user']['domain']), $this->account_filter);
$sri = ldap_search($this->ds, $this->user_context, '(&(objectclass=posixAccount)(uidnumber=' . (int)$account_id.")$account_filter)", if (!($data = $this->_ldap_search($this->user_context, '(&(objectclass=posixAccount)(uidnumber=' . (int)$account_id.")$account_filter)",
array('dn','uidnumber','uid','gidnumber','givenname','sn','cn',static::MAIL_ATTR,'userpassword','telephonenumber', array('dn','uidnumber','uid','gidnumber','givenname','sn','cn',static::MAIL_ATTR,'userpassword','telephonenumber',
'shadowexpire','shadowlastchange','homedirectory','loginshell','createtimestamp','modifytimestamp')); 'shadowexpire','shadowlastchange','homedirectory','loginshell','createtimestamp','modifytimestamp'))))
$ldap_data = ldap_get_entries($this->ds, $sri);
if (!$ldap_data['count'])
{ {
return false; // user not found return false; // user not found
} }
$data = Api\Translation::convert($ldap_data[0],'utf-8');
$utc_diff = date('Z'); $utc_diff = date('Z');
$user = array( $user = array(
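Review bot: `_ldap_search()` returns `false` both when no entry matches and when the search still fails after the reconnect, so the two callers below report "group not found" / "user not found" during a directory outage. Where this feeds account import or membership clean-up, a transient error then looks like a missing account; if the callers (which continue outside these hunks) can tolerate it, raise after the loop with `if ($sri === false) throw new \Exception(ldap_error($this->ds) ?: 'LDAP search failed', ldap_errno($this->ds));` and keep `false` for an empty result only. The `$retry >= 0` test inside the `if` is always true within the loop; `$retry > 0` would avoid a pointless reconnect after the final attempt. The bare codes `91` and `-1` should carry a comment naming them, e.g. `// 91 = LDAP_CONNECT_ERROR, -1 = LDAP_SERVER_DOWN`.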


@ -1300,6 +1300,7 @@ class Ldap
} }
throw new \Exception(ldap_error($this->ds) ?: 'Unable to retrieve LDAP result', ldap_errno($this->ds)); throw new \Exception(ldap_error($this->ds) ?: 'Unable to retrieve LDAP result', ldap_errno($this->ds));
} }
break;
} }
$this->total += $entries['count']; $this->total += $entries['count'];
//error_log(__METHOD__."('$_ldapContext', '$_filter', ".array2string($_attributes).", $_addressbooktype) result of $entries[count]"); //error_log(__METHOD__."('$_ldapContext', '$_filter', ".array2string($_attributes).", $_addressbooktype) result of $entries[count]");