nextcloud · CarlSchwan · Dec 10, 2021 · Dec 10, 2021 · Dec 10, 2021 · nickvergessen
diff --git a/apps/user_ldap/lib/Access.php b/apps/user_ldap/lib/Access.php
@@ -528,7 +528,7 @@ public function dn2username($fdn, $ldapName = null) {
 	 */
 	public function dn2ocname($fdn, $ldapName = null, $isUser = true, &$newlyMapped = null, array $record = null) {
 		static $intermediates = [];
-		if (isset($intermediates[$isUser ? 'user-' : 'group-' . $fdn])) {
+		if (isset($intermediates[($isUser ? 'user-' : 'group-') . $fdn])) {
 			return false; // is a known intermediate
 		}
 
@@ -567,7 +567,7 @@ public function dn2ocname($fdn, $ldapName = null, $isUser = true, &$newlyMapped
 			$ldapName = $this->readAttribute($fdn, $nameAttribute, $filter);
 			if (!isset($ldapName[0]) || empty($ldapName[0])) {
 				$this->logger->debug('No or empty name for ' . $fdn . ' with filter ' . $filter . '.', ['app' => 'user_ldap']);
-				$intermediates[$isUser ? 'user-' : 'group-' . $fdn] = true;
+				$intermediates[($isUser ? 'user-' : 'group-') . $fdn] = true;
 				return false;
 			}
 			$ldapName = $ldapName[0];

diff --git a/apps/user_ldap/lib/Group_LDAP.php b/apps/user_ldap/lib/Group_LDAP.php
@@ -88,7 +88,7 @@ public function __construct(Access $access, GroupPluginManager $groupPluginManag
 	}
 
 	/**
-	 * is user in group?
+	 * Check if user is in group
 	 *
 	 * @param string $uid uid of the user
 	 * @param string $gid gid of the group
@@ -240,18 +240,21 @@ public function getDynamicGroupMembers(string $dnGroup): array {
 	}
 
 	/**
+	 * Get group members from dn.
+	 * @psalm-param array<string, int|array|string> $seen List of DN that have already been processed.
 	 * @throws ServerNotAvailableException
 	 */
 	private function _groupMembers(string $dnGroup, ?array &$seen = null): array {
 		if ($seen === null) {
 			$seen = [];
-			// the root entry has to be marked as processed to avoind infinit loops,
-			// but not included in the results laters on
+			// the root entry has to be marked as processed to avoid infinite loops,
+			// but not included in the results later on
 			$excludeFromResult = $dnGroup;
 		}
 		// cache only base groups, otherwise groups get additional unwarranted members
 		$shouldCacheResult = count($seen) === 0;
 
+		/** @psalm-var array<string, string[]|bool> $rawMemberReads */
 		static $rawMemberReads = []; // runtime cache for intermediate ldap read results
 		$allMembers = [];
 
@@ -331,6 +334,7 @@ private function _groupMembers(string $dnGroup, ?array &$seen = null): array {
 	}
 
 	/**
+	 * @return string[]
 	 * @throws ServerNotAvailableException
 	 */
 	private function _getGroupDNsFromMemberOf(string $dn): array {
@@ -357,7 +361,8 @@ private function _getGroupDNsFromMemberOf(string $dn): array {
 	}
 
 	/**
-	 * @param list<array{dn: list<string>}|string> $list
+	 * @psalm-param list<array{dn: list<string>}|string> $list
+	 * @psalm-param array<string, int|array|string> $seen List of DN that have already been processed.
 	 * @param Closure(string) $fetcher
 	 */
 	private function processListFromWalkingNestedGroups(array &$list, array &$seen, string $dn, Closure $fetcher): void {
@@ -372,7 +377,7 @@ private function processListFromWalkingNestedGroups(array &$list, array &$seen,
 			$fetched = $this->access->connection->getFromCache($cacheKey);
 			if ($fetched === null) {
 				$fetched = $fetcher($recordDN);
-				$fetched = $this->access->connection->writeToCache($cacheKey, $fetched);
+				$this->access->connection->writeToCache($cacheKey, $fetched);
 			}
 			$list = array_merge($list, $fetched);
 			if (!isset($seen[$recordDN]) || is_bool($seen[$recordDN]) && is_array($record)) {
@@ -382,7 +387,8 @@ private function processListFromWalkingNestedGroups(array &$list, array &$seen,
 	}
 
 	/**
-	 * @param list<array{dn: list<string>}|string> $list
+	 * @psalm-param list<array{dn: list<string>}|string> $list
+	 * @psalm-param array<string, int|array|string> $seen List of DN that have already been processed.
 	 * @param Closure(string) $fetcher
 	 */
 	private function walkNestedGroupsReturnDNs(string $dn, Closure $fetcher, array $list, array &$seen = []): array {
@@ -397,7 +403,9 @@ private function walkNestedGroupsReturnDNs(string $dn, Closure $fetcher, array $
 	}
 
 	/**
-	 * @param list<array{dn: list<string>}> $list
+	 * @psalm-param list<array{dn: list<string>}> $list
+	 * @psalm-param array<string, int|array|string> $seen List of DN that have already been processed.
+	 * @return array[] An array of records
 	 * @param Closure(string) $fetcher
 	 */
 	private function walkNestedGroupsReturnRecords(string $dn, Closure $fetcher, array $list, array &$seen = []): array {
@@ -419,9 +427,9 @@ private function walkNestedGroupsReturnRecords(string $dn, Closure $fetcher, arr
 	}
 
 	/**
-	 * translates a gidNumber into an ownCloud internal name
+	 * Translates a gidNumber into the Nextcloud internal name.
 	 *
-	 * @return string|bool
+	 * @return string|false The nextcloud internal name.
 	 * @throws Exception
 	 * @throws ServerNotAvailableException
 	 */
@@ -442,10 +450,11 @@ public function gidNumber2Name(string $gid, string $dn) {
 	}
 
 	/**
+	 * @return ?string The name of the group
 	 * @throws ServerNotAvailableException
 	 * @throws Exception
 	 */
-	private function getNameOfGroup(string $filter, string $cacheKey) {
+	private function getNameOfGroup(string $filter, string $cacheKey): ?string {
 		$result = $this->access->searchGroups($filter, ['dn'], 1);
 		if (empty($result)) {
 			$this->access->connection->writeToCache($cacheKey, false);
@@ -464,9 +473,7 @@ private function getNameOfGroup(string $filter, string $cacheKey) {
 	}
 
 	/**
-	 * returns the entry's gidNumber
-	 *
-	 * @return string|bool
+	 * @return string|bool The entry's gidNumber
 	 * @throws ServerNotAvailableException
 	 */
 	private function getEntryGidNumber(string $dn, string $attribute) {
@@ -478,17 +485,15 @@ private function getEntryGidNumber(string $dn, string $attribute) {
 	}
 
 	/**
-	 * @return string|bool
+	 * @return string|bool The group's gidNumber
 	 * @throws ServerNotAvailableException
 	 */
 	public function getGroupGidNumber(string $dn) {
 		return $this->getEntryGidNumber($dn, 'gidNumber');
 	}
 
 	/**
-	 * returns the user's gidNumber
-	 *
-	 * @return string|bool
+	 * @return string|bool The user's gidNumber
 	 * @throws ServerNotAvailableException
 	 */
 	public function getUserGidNumber(string $dn) {
@@ -523,8 +528,7 @@ private function prepareFilterForUsersHasGidNumber(string $groupDN, string $sear
 	}
 
 	/**
-	 * returns a list of users that have the given group as gid number
-	 *
+	 * @return array A list of users that have the given group as gid number
 	 * @throws ServerNotAvailableException
 	 */
 	public function getUsersInGidNumber(
@@ -551,7 +555,7 @@ public function getUsersInGidNumber(
 
 	/**
 	 * @throws ServerNotAvailableException
-	 * @return bool
+	 * @return false|string
 	 */
 	public function getUserGroupByGid(string $dn) {
 		$groupID = $this->getUserGidNumber($dn);
@@ -566,9 +570,9 @@ public function getUserGroupByGid(string $dn) {
 	}
 
 	/**
-	 * translates a primary group ID into an Nextcloud internal name
+	 * Translates a primary group ID into an Nextcloud internal name
 	 *
-	 * @return string|bool
+	 * @return string|false
 	 * @throws Exception
 	 * @throws ServerNotAvailableException
 	 */
@@ -593,9 +597,7 @@ public function primaryGroupID2Name(string $gid, string $dn) {
 	}
 
 	/**
-	 * returns the entry's primary group ID
-	 *
-	 * @return string|bool
+	 * @return string|false The entry's group Id
 	 * @throws ServerNotAvailableException
 	 */
 	private function getEntryGroupID(string $dn, string $attribute) {
@@ -607,15 +609,15 @@ private function getEntryGroupID(string $dn, string $attribute) {
 	}
 
 	/**
-	 * @return string|bool
+	 * @return string|false The entry's primary group Id
 	 * @throws ServerNotAvailableException
 	 */
 	public function getGroupPrimaryGroupID(string $dn) {
 		return $this->getEntryGroupID($dn, 'primaryGroupToken');
 	}
 
 	/**
-	 * @return string|bool
+	 * @return string|false
 	 * @throws ServerNotAvailableException
 	 */
 	public function getUserPrimaryGroupIDs(string $dn) {
@@ -695,7 +697,7 @@ public function countUsersInPrimaryGroup(
 	}
 
 	/**
-	 * @return string|bool
+	 * @return string|false
 	 * @throws ServerNotAvailableException
 	 */
 	public function getUserPrimaryGroup(string $dn) {
@@ -949,7 +951,7 @@ public function usersInGroup($gid, $search = '', $limit = -1, $offset = 0) {
 
 		$groupDN = $this->access->groupname2dn($gid);
 		if (!$groupDN) {
-			// group couldn't be found, return empty resultset
+			// group couldn't be found, return empty result-set
 			$this->access->connection->writeToCache($cacheKey, []);
 			return [];
 		}

diff --git a/apps/user_ldap/lib/Wizard.php b/apps/user_ldap/lib/Wizard.php
@@ -886,7 +886,7 @@ private function testMemberOf() {
 			throw new \Exception('Could not connect to LDAP');
 		}
 		$result = $this->access->countUsers('memberOf=*', ['memberOf'], 1);
-		if (is_int($result) &&  $result > 0) {
+		if (is_int($result) && $result > 0) {
 			return true;
 		}
 		return false;