diff --git a/resources/lib/UnityGroup.php b/resources/lib/UnityGroup.php index d1616225..d3a892d3 100644 --- a/resources/lib/UnityGroup.php +++ b/resources/lib/UnityGroup.php @@ -3,6 +3,7 @@ namespace UnityWebPortal\lib; use Exception; +use PHPOpenLDAPer\LdapEntry; /** * Class that represents a single PI group in the Unity Cluster. @@ -64,7 +65,7 @@ public function getPIUID() */ public function exists() { - return $this->getLDAPPiGroup()->exists(); + return $this->GetLDAPEntry()->exists(); } // @@ -216,7 +217,7 @@ public function removeGroup($send_mail = true) $users = $this->getGroupMembers(); // now we delete the ldap entry - $ldapPiGroupEntry = $this->getLDAPPiGroup(); + $ldapPiGroupEntry = $this->GetLDAPEntry(); if ($ldapPiGroupEntry->exists()) { if (!$ldapPiGroupEntry->delete()) { throw new Exception("Unable to delete PI ldap group"); 
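Review bot: The call sites in `exists()` and `removeGroup()` are spelled `GetLDAPEntry()`, while the method is declared as `getLDAPEntry()` later in this file and called with that spelling in `getGroupMemberUIDs()`. PHP resolves method names case-insensitively, so this runs, but the mixed spelling can trip case-sensitive search and static-analysis tooling. Write `$this->getLDAPEntry()` at these call sites. The same spelling appears in the `init()`, `addUserToGroup()` and `removeUserFromGroup()` hunks.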
@@ -409,49 +410,27 @@ public function getRequests() public function getGroupMembers($ignorecache = false) { - if (!$ignorecache) { - $cached_val = $this->REDIS->getCache($this->getPIUID(), "members"); - if (!is_null($cached_val)) { - $members = $cached_val; - } - } - - $updatecache = false; - if (!isset($members)) { - $pi_group = $this->getLDAPPiGroup(); - $members = $pi_group->getAttribute("memberuid"); - $updatecache = true; - } - + $memberuids = $this->getGroupMemberUIDs($ignorecache); $out = array(); - $cache_arr = array(); - $owner_uid = $this->getOwner()->getUID(); - foreach ($members as $member) { - $user_obj = new UnityUser( - $member, - $this->LDAP, - $this->SQL, - $this->MAILER, - $this->REDIS, - $this->WEBHOOK - ); - array_push($out, $user_obj); - array_push($cache_arr, $user_obj->getUID()); + foreach ($memberuids as $uid) { + $user_obj = new UnityUser($uid, $this->LDAP, $this->SQL, $this->MAILER, $this->REDIS, $this->WEBHOOK); + array_push($out, $user_obj); } - - if (!$ignorecache && $updatecache) { - sort($cache_arr); - $this->REDIS->setCache($this->getPIUID(), "members", $cache_arr); - } - return $out; } - public function getGroupMemberUIDs() + public function getGroupMemberUIDs($ignorecache = false): array { - $pi_group = $this->getLDAPPiGroup(); - $members = $pi_group->getAttribute("memberuid"); - + if (!$ignorecache) { + $cached_val = $this->REDIS->getCache($this->getPIUID(), "members"); + if (!is_null($cached_val)) { + return $cached_val; + } + } + $entry = $this->getLDAPEntry(); + $members = $entry->getAttribute("memberuid") ?? []; + sort($members); + $this->REDIS->setCache($this->getPIUID(), "members", $members); return $members; } @@ -479,7 +458,7 @@ private function init() $owner = $this->getOwner(); // (1) Create LDAP PI group - $ldapPiGroupEntry = $this->getLDAPPiGroup(); + $ldapPiGroupEntry = $this->GetLDAPEntry(); if (!$ldapPiGroupEntry->exists()) { $nextGID = $this->LDAP->getNextPiGIDNumber($this->SQL); 
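Review bot: `getGroupMemberUIDs()` used to read `memberuid` from LDAP on every call and now returns the Redis copy unless `$ignorecache` is passed, so `userExists()` in both UnityGroup and UnityOrg answers membership questions from the cache by default. If the cache and LDAP can diverge (a change made outside the portal, or a cache update that failed), callers that gate an action on membership get a stale answer. The `$orgEntry->userExists($this)` check in `UnityUser::init` would then skip `addUser`. Consider `userExists($this, true)` at call sites that decide access or provisioning, and a docblock on `getGroupMemberUIDs` such as `Returns the sorted member uids; served from the Redis cache unless $ignorecache is true.`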
@@ -501,7 +480,7 @@ private function init() private function addUserToGroup($new_user) { // Add to LDAP Group - $pi_group = $this->getLDAPPiGroup(); + $pi_group = $this->GetLDAPEntry(); $pi_group->appendAttribute("memberuid", $new_user->getUID()); if (!$pi_group->write()) { @@ -515,7 +494,7 @@ private function addUserToGroup($new_user) private function removeUserFromGroup($old_user) { // Remove from LDAP Group - $pi_group = $this->getLDAPPiGroup(); + $pi_group = $this->GetLDAPEntry(); $pi_group->removeAttributeEntryByValue("memberuid", $old_user->getUID()); if (!$pi_group->write()) { @@ -526,9 +505,10 @@ private function removeUserFromGroup($old_user) $this->REDIS->removeCacheArray($old_user->getUID(), "groups", $this->getPIUID()); } - public function userExists($user) + public function userExists(UnityUser $user, $ignorecache = false): bool { - return in_array($user->getUID(), $this->getGroupMemberUIDs()); + $members = $this->getGroupMemberUIDs($ignorecache); + return in_array($user->getUID(), $members); } private function addRequest($uid) @@ -557,7 +537,7 @@ public function getOwner() ); } - public function getLDAPPiGroup() + public function getLDAPEntry(): LdapEntry { return $this->LDAP->getPIGroupEntry($this->pi_uid); } diff --git a/resources/lib/UnityOrg.php b/resources/lib/UnityOrg.php index 03f85818..5bc0fe0e 100644 --- a/resources/lib/UnityOrg.php +++ b/resources/lib/UnityOrg.php @@ -3,6 +3,7 @@ namespace UnityWebPortal\lib; use Exception; +use PHPOpenLDAPer\LdapEntry; class UnityOrg { 
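Review bot: The membership test in `userExists` calls `in_array($user->getUID(), $members)` without the strict flag, so PHP compares numeric-looking strings by value; a constructed uid such as `0123` would match a member `123`. Passing `true` as the third argument, `return in_array($user->getUID(), $members, true);`, makes the match exact. This assumes the Redis cache returns the uids as strings, which should be confirmed because the cache serialisation is not visible here. The same call appears in `UnityOrg::userExists` and in the unchanged `in_array($this->uid, $admins)` line of `UnityUser::isAdmin`, where a false positive would report a non-admin as an admin.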
@@ -27,15 +28,15 @@ public function __construct($orgid, $LDAP, $SQL, $MAILER, $REDIS, $WEBHOOK) public function init() { - $org_group = $this->getLDAPOrgGroup(); + $entry = $this->getLDAPEntry(); - if (!$org_group->exists()) { + if (!$entry->exists()) { $nextGID = $this->LDAP->getNextOrgGIDNumber($this->SQL); - $org_group->setAttribute("objectclass", UnityLDAP::POSIX_GROUP_CLASS); - $org_group->setAttribute("gidnumber", strval($nextGID)); + $entry->setAttribute("objectclass", UnityLDAP::POSIX_GROUP_CLASS); + $entry->setAttribute("gidnumber", strval($nextGID)); - if (!$org_group->write()) { + if (!$entry->write()) { throw new Exception("Failed to create POSIX group for " . $this->orgid); // this shouldn't execute } } @@ -45,10 +46,10 @@ public function init() public function exists() { - return $this->getLDAPOrgGroup()->exists(); + return $this->getLDAPEntry()->exists(); } - public function getLDAPOrgGroup() + public function getLDAPEntry(): LdapEntry { return $this->LDAP->getOrgGroupEntry($this->orgid); } 
@@ -58,51 +59,44 @@ public function getOrgID() return $this->orgid; } - public function inOrg($user) + public function userExists(UnityUser $user, $ignorecache = false): bool { - $org_group = $this->getLDAPOrgGroup(); - $members = $org_group->getAttribute("memberuid"); - return in_array($user, $members); + $members = $this->getOrgMemberUIDs($ignorecache); + return in_array($user->getUID(), $members); } - public function getOrgMembers($ignorecache = false) + public function getOrgMemberUIDs($ignorecache = false): array { if (!$ignorecache) { $cached_val = $this->REDIS->getCache($this->getOrgID(), "members"); if (!is_null($cached_val)) { - $members = $cached_val; + return $cached_val; } } + $entry = $this->getLDAPEntry(); + $members = $entry->getAttribute("memberuid") ?? []; + sort($members); + $this->REDIS->setCache($this->getOrgID(), "members", $members); + return $members; + } - $updatecache = false; - if (!isset($members)) { - $org_group = $this->getLDAPOrgGroup(); - $members = $org_group->getAttribute("memberuid"); - $updatecache = true; - } - + public function getOrgMembers($ignorecache = false) + { + $memberuids = $this->getOrgMemberUIDs($ignorecache); $out = array(); - $cache_arr = array(); - foreach ($members as $member) { - $user_obj = new UnityUser($member, $this->LDAP, $this->SQL, $this->MAILER, $this->REDIS, $this->WEBHOOK); + foreach ($memberuids as $uid) { + $user_obj = new UnityUser($uid, $this->LDAP, $this->SQL, $this->MAILER, $this->REDIS, $this->WEBHOOK); array_push($out, $user_obj); - array_push($cache_arr, $user_obj->getUID()); - } - - if (!$ignorecache && $updatecache) { - sort($cache_arr); - $this->REDIS->setCache($this->getOrgID(), "members", $cache_arr); } - return $out; } public function addUser($user) { - $org_group = $this->getLDAPOrgGroup(); - $org_group->appendAttribute("memberuid", $user->getUID()); + $entry = $this->getLDAPEntry(); + $entry->appendAttribute("memberuid", $user->getUID()); - if (!$org_group->write()) { + if 
(!$entry->write()) { throw new Exception("Unable to write to org group"); } @@ -111,10 +105,10 @@ public function addUser($user) public function removeUser($user) { - $org_group = $this->getLDAPOrgGroup(); - $org_group->removeAttributeEntryByValue("memberuid", $user->getUID()); + $entry = $this->getLDAPEntry(); + $entry->removeAttributeEntryByValue("memberuid", $user->getUID()); - if (!$org_group->write()) { + if (!$entry->write()) { throw new Exception("Unable to write to org group"); } diff --git a/resources/lib/UnityUser.php b/resources/lib/UnityUser.php index 4f88eac6..9d3a114c 100644 --- a/resources/lib/UnityUser.php +++ b/resources/lib/UnityUser.php @@ -105,7 +105,7 @@ public function init($send_mail = true) $orgEntry->init(); } - if (!$orgEntry->inOrg($this->uid)) { + if (!$orgEntry->userExists($this)) { $orgEntry->addUser($this); } @@ -139,7 +139,7 @@ public function init($send_mail = true) * * @return ldapEntry posix account */ - public function getLDAPUser() + public function getLDAPUser(): LdapEntry { return $this->LDAP->getUserEntry($this->uid); } @@ -149,7 +149,7 @@ public function getLDAPUser() * * @return ldapEntry posix group */ - public function getLDAPGroup() + public function getLDAPGroup(): LdapEntry { return $this->LDAP->getGroupEntry($this->uid); } @@ -562,6 +562,7 @@ public function getHomeDir($ignorecache = false) public function isAdmin() { $admins = $this->LDAP->getAdminGroup()->getAttribute("memberuid"); + $admins = (is_null($admins) ? [] : $admins); return in_array($this->uid, $admins); }
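Review bot: `getOrgMemberUIDs` returns `$cached_val` as soon as it is not null, but the method now declares `: array`, so a cache entry of any other type raises a TypeError instead of falling back to LDAP. Checking `if (is_array($cached_val)) { return $cached_val; }` lets a malformed or foreign entry fall through to the LDAP read, which then rewrites the cache. `UnityGroup::getGroupMemberUIDs` has the same cache-hit branch.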
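Review bot: The new `: LdapEntry` return types on `getLDAPUser()` and `getLDAPGroup()` have no matching `use PHPOpenLDAPer\LdapEntry;` in this file's hunks, unlike UnityGroup.php and UnityOrg.php, which each gained that import in this commit. Unless UnityUser.php already imports the class outside the lines shown, the name resolves relative to the file's own namespace and the first call fails the return-type check. Add `use PHPOpenLDAPer\LdapEntry;` next to the existing `use` lines, and change the docblocks' `@return ldapEntry` to `@return LdapEntry` to match.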