Skip to content

[stable15] fix exception on LDAP mapping during login #13119

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
blizzz merged 4 commits into from
Dec 17, 2018
Merged

[stable15] fix exception on LDAP mapping during login #13119

Changes from 1 commit
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
e3fd241
cache users as existing after mapping
blizzz Nov 27, 2018
c6b540a
be careful with mixed return values even if it may look unsuspicious…
blizzz Nov 27, 2018
acc7eee
run LDAP integrations tests with redis which is the recommended setup
blizzz Dec 3, 2018
a7a1be7
LDAP clear cache on config modification also when done via API or CLI
blizzz Dec 16, 2018
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Next Next commit
cache users as existing after mapping 
during login they might be cached as non-existing and cause an Exception
in the long run

reduces some duplication, too

Signed-off-by: Arthur Schiwon <[email protected]>
  • Loading branch information
@blizzz
blizzz authored and Backportbot committed Dec 17, 2018
commit e3fd241abab7bb419918f8996ea24261edbe1e23
44 changes: 30 additions & 14 deletions apps/user_ldap/lib/Access.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -609,33 +609,49 @@ public function dn2ocname($fdn, $ldapName = null, $isUser = true, &$newlyMapped
// outside of core user management will still cache the user as non-existing.
$originalTTL = $this->connection->ldapCacheTTL;
$this->connection->setConfiguration(['ldapCacheTTL' => 0]);
if(($isUser && $intName !== '' && !$this->ncUserManager->userExists($intName))
|| (!$isUser && !\OC::$server->getGroupManager()->groupExists($intName))) {
if($mapper->map($fdn, $intName, $uuid)) {
$this->connection->setConfiguration(['ldapCacheTTL' => $originalTTL]);
if($this->ncUserManager instanceof PublicEmitter && $isUser) {
$this->ncUserManager->emit('\OC\User', 'assignedUserId', [$intName]);
}
$newlyMapped = true;
if( $intName !== ''
&& (($isUser && !$this->ncUserManager->userExists($intName))
|| (!$isUser && !\OC::$server->getGroupManager()->groupExists($intName))
)
) {
$this->connection->setConfiguration(['ldapCacheTTL' => $originalTTL]);
$newlyMapped = $this->mapAndAnnounceIfApplicable($mapper, $fdn, $intName, $uuid, $isUser);
if($newlyMapped) {
return $intName;
}
}
$this->connection->setConfiguration(['ldapCacheTTL' => $originalTTL]);

$this->connection->setConfiguration(['ldapCacheTTL' => $originalTTL]);
$altName = $this->createAltInternalOwnCloudName($intName, $isUser);
if (is_string($altName) && $mapper->map($fdn, $altName, $uuid)) {
if ($this->ncUserManager instanceof PublicEmitter && $isUser) {
$this->ncUserManager->emit('\OC\User', 'assignedUserId', [$altName]);
if (is_string($altName)) {
if($this->mapAndAnnounceIfApplicable($mapper, $fdn, $altName, $uuid, $isUser)) {
$newlyMapped = true;
return $altName;
}
$newlyMapped = true;
return $altName;
}

//if everything else did not help..
\OCP\Util::writeLog('user_ldap', 'Could not create unique name for '.$fdn.'.', ILogger::INFO);
return false;
}

protected function mapAndAnnounceIfApplicable(
AbstractMapping $mapper,
string $fdn,
string $name,
string $uuid,
bool $isUser
) :bool {
if($mapper->map($fdn, $name, $uuid)) {
if ($this->ncUserManager instanceof PublicEmitter && $isUser) {
$this->cacheUserExists($name);
$this->ncUserManager->emit('\OC\User', 'assignedUserId', [$name]);
}
return true;
}
return false;
}

/**
* gives back the user names as they are used ownClod internally
* @param array $ldapUsers as returned by fetchList()
Expand Down