1st attempt

simonLeary42 · simonLeary42 · commit 65e5572ebb35 · 2025-07-05T14:53:01.000-04:00
diff --git a/resources/lib/UnityLDAP.php b/resources/lib/UnityLDAP.php
@@ -218,6 +218,13 @@ public function getUnassignedID($uid, $UnitySQL)
         return $next_uid;
     }
 
+    public function getAllUsersUIDs()
+    {
+        // should not use $user_ou->getChildren or $this->search(objectClass=posixAccount, $base_dn)
+        // Unity users might be outside user ou, and not all users in LDAP tree are unity users
+        return $this->userGroup->getAttribute("memberuid");
+    }
+
   //
   // Functions that return user/group objects
   //
@@ -236,14 +243,24 @@ public function getAllUsers($UnitySQL, $UnityMailer, $UnityRedis, $UnityWebhook,
             }
         }
 
-        $users = $this->userGroup->getAttribute("memberuid");
+        $users = $this->getAllUsersUIDs();
         sort($users);
         foreach ($users as $user) {
             $params = array($user, $this, $UnitySQL, $UnityMailer, $UnityRedis, $UnityWebhook);
             array_push($out, new UnityUser(...$params));
         }
+    }
 
-        return $out;
+    public function getAllUsersEntries()
+    {
+        $include_uids = $this->getAllUsersUIDs();
+        $user_entries = $this->search("objectClass=posixAccount", $CONFIG["ldap"]["basedn"], []);
+        foreach ($user_entries as $i => $entry) {
+            if (!in_array($entry["uid"], $include_uids)) {
+                unset($user_entries[$i]);
+            }
+        }
+        return $user_entries;
     }
 
     public function getAllPIGroups($UnitySQL, $UnityMailer, $UnityRedis, $UnityWebhook, $ignorecache = false)
@@ -278,6 +295,32 @@ public function getAllPIGroups($UnitySQL, $UnityMailer, $UnityRedis, $UnityWebho
         return $out;
     }
 
+    public function getAllPIGroupsEntries()
+    {
+        return $this->pi_groupOU->getChildrenArray(true);
+    }
+
+    /** Returns an assosiative array where keys are UIDs and values are lists of PI GIDs */
+    public function getAllUID2PIGIDs()
+    {
+        // initialize output so each UID is a key with an empty array as its value
+        $UID2PIGIDs = array_combine(
+            $this->getAllUsersUIDs(),
+            array_map(
+                fn($x) => [],
+                $this->getAllUsersUIDs()
+            )
+        );
+        // for each PI group, append that GID to the member list for each of its member UIDs
+        foreach ($this->getAllPIGroupsEntries() as $entry) {
+            $gid = $entry["cn"];
+            foreach ($entry["memberUid"] as $uid) {
+                array_push($UID2PIGIDs[$uid], $gid);
+            }
+        }
+        return $UID2PIGIDs;
+    }
+
     public function getAllOrgGroups($UnitySQL, $UnityMailer, $UnityRedis, $UnityWebhook, $ignorecache = false)
     {
         $out = array();
@@ -309,6 +352,11 @@ public function getAllOrgGroups($UnitySQL, $UnityMailer, $UnityRedis, $UnityWebh
         return $out;
     }
 
+    public function getAllOrgGroupsEntries()
+    {
+        return $this->org_groupOU->getChildrenArray(true);
+    }
+
     public function getUserEntry($uid)
     {
         $uid = ldap_escape($uid, LDAP_ESCAPE_DN);
diff --git a/webroot/admin/user-mgmt.php b/webroot/admin/user-mgmt.php
@@ -37,36 +37,33 @@
     </tr>
 
     <?php
-    $users = $LDAP->getAllUsers($SQL, $MAILER, $REDIS, $WEBHOOK);
-
-    usort($users, function ($a, $b) {
-        return strcmp($a->getUID(), $b->getUID());
+    $UID2PIGIDs = $LDAP->getAllUID2PIGIDs();
+    $user_entries = $LDAP->getAllUsersEntries();
+    usort($user_entries, function ($a, $b) {
+        return strcmp($a["uid"], $b["uid"]);
     });
-
-    foreach ($users as $user) {
-        if ($user->hasRequestedAccountDeletion()) {
+    foreach ($user_entries as $entry) {
+        $uid = $entry["uid"];
+        if ($SQL->accDeletionRequestExists($uid)) {
             echo "<tr style='color:grey; font-style: italic'>";
         } else {
             echo "<tr>";
         }
-        echo "<td>" . $user->getFirstname() . " " . $user->getLastname() . "</td>";
-        echo "<td>" . $user->getUID() . "</td>";
-        echo "<td>" . $user->getOrg() . "</td>";
-        echo "<td><a href='mailto:" . $user->getMail() . "'>" . $user->getMail() . "</a></td>";
+        echo "<td>" . $entry["gecos"] . "</td>";
+        echo "<td>" . $uid . "</td>";
+        echo "<td>" . $user["o"] . "</td>";
+        echo "<td><a href='mailto:" . $user["mail"] . "'>" . $user["mail"] . "</a></td>";
         echo "<td>";
-        $cur_user_groups = $user->getGroups();
-        foreach ($cur_user_groups as $cur_group) {
-            echo "<a href='mailto:" . $cur_group->getOwner()->getMail() . "'>" . $cur_group->getPIUID() . "</a>";
-            if ($cur_group !== array_key_last($cur_user_groups)) {
-                echo '<br>';
-            }
+        foreach ($UID2PIGIDS[$uid] as $GID) {
+            echo "<p>$GID</p>";
         }
+        echo "<br>";
         echo "</td>";
         echo "<td>";
         echo "<form class='viewAsUserForm' action='' method='POST'
-        onsubmit='return confirm(\"Are you sure you want to switch to the user " . $user->getUID() . "?\");'>
+        onsubmit='return confirm(\"Are you sure you want to switch to the user '$uid'?\");'>
         <input type='hidden' name='form_type' value='viewAsUser'>
-        <input type='hidden' name='uid' value='" . $user->getUID() . "'>
+        <input type='hidden' name='uid' value='$uid'>
         <input type='submit' name='action' value='Access'>
         </form>";
         echo "</td>";
