Skip to content

handle null memberuid, refactor #149

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 10 commits into
base: main
Choose a base branch
from
+59 −84
Open

handle null memberuid, refactor #149

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
10 commits
Select commit Hold shift + click to select a range
d387b93
edge case empty admins group
simonLeary42 Apr 7, 2025
da9ec82
handle null memberuid, refactor
simonLeary42 Apr 7, 2025
5660028
undo member func rename
simonLeary42 Apr 7, 2025
fa2b356
fix var name
simonLeary42 Apr 7, 2025
80195a0
delete old reference
simonLeary42 Apr 7, 2025
58dc0c9
preserve func order
simonLeary42 Apr 7, 2025
3a8115f
missing argument
simonLeary42 Apr 7, 2025
04beab3
fix capitalization
simonLeary42 Apr 7, 2025
5681bef
use null coalescing operator
simonLeary42 Apr 8, 2025
5510ec6
use null coalescing operator
simonLeary42 Apr 8, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
70 changes: 25 additions & 45 deletions resources/lib/UnityGroup.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,7 @@
namespace UnityWebPortal\lib;

use Exception;
use PHPOpenLDAPer\LdapEntry;

/**
* Class that represents a single PI group in the Unity Cluster.
Expand Down Expand Up @@ -64,7 +65,7 @@ public function getPIUID()
*/
public function exists()
{
return $this->getLDAPPiGroup()->exists();
return $this->GetLDAPEntry()->exists();
}

//
Expand Down Expand Up @@ -216,7 +217,7 @@ public function removeGroup($send_mail = true)
$users = $this->getGroupMembers();

// now we delete the ldap entry
$ldapPiGroupEntry = $this->getLDAPPiGroup();
$ldapPiGroupEntry = $this->GetLDAPEntry();
if ($ldapPiGroupEntry->exists()) {
if (!$ldapPiGroupEntry->delete()) {
throw new Exception("Unable to delete PI ldap group");
Expand Down Expand Up @@ -409,49 +410,27 @@ public function getRequests()

public function getGroupMembers($ignorecache = false)
{
if (!$ignorecache) {
$cached_val = $this->REDIS->getCache($this->getPIUID(), "members");
if (!is_null($cached_val)) {
$members = $cached_val;
}
}

$updatecache = false;
if (!isset($members)) {
$pi_group = $this->getLDAPPiGroup();
$members = $pi_group->getAttribute("memberuid");
$updatecache = true;
}

$memberuids = $this->getGroupMemberUIDs($ignorecache);
$out = array();
$cache_arr = array();
$owner_uid = $this->getOwner()->getUID();
foreach ($members as $member) {
$user_obj = new UnityUser(
$member,
$this->LDAP,
$this->SQL,
$this->MAILER,
$this->REDIS,
$this->WEBHOOK
);
array_push($out, $user_obj);
array_push($cache_arr, $user_obj->getUID());
foreach ($memberuids as $uid) {
$user_obj = new UnityUser($uid, $this->LDAP, $this->SQL, $this->MAILER, $this->REDIS, $this->WEBHOOK);
array_push($out, $user_obj);
}

if (!$ignorecache && $updatecache) {
sort($cache_arr);
$this->REDIS->setCache($this->getPIUID(), "members", $cache_arr);
}

return $out;
}

public function getGroupMemberUIDs()
public function getGroupMemberUIDs($ignorecache = false): array
{
$pi_group = $this->getLDAPPiGroup();
$members = $pi_group->getAttribute("memberuid");

if (!$ignorecache) {
$cached_val = $this->REDIS->getCache($this->getPIUID(), "members");
if (!is_null($cached_val)) {
return $cached_val;
}
}
$entry = $this->getLDAPEntry();
$members = $entry->getAttribute("memberuid") ?? [];
sort($members);
$this->REDIS->setCache($this->getPIUID(), "members", $members);
return $members;
}

Expand Down Expand Up @@ -479,7 +458,7 @@ private function init()
$owner = $this->getOwner();

// (1) Create LDAP PI group
$ldapPiGroupEntry = $this->getLDAPPiGroup();
$ldapPiGroupEntry = $this->GetLDAPEntry();

if (!$ldapPiGroupEntry->exists()) {
$nextGID = $this->LDAP->getNextPiGIDNumber($this->SQL);
Expand All @@ -501,7 +480,7 @@ private function init()
private function addUserToGroup($new_user)
{
// Add to LDAP Group
$pi_group = $this->getLDAPPiGroup();
$pi_group = $this->GetLDAPEntry();
$pi_group->appendAttribute("memberuid", $new_user->getUID());

if (!$pi_group->write()) {
Expand All @@ -515,7 +494,7 @@ private function addUserToGroup($new_user)
private function removeUserFromGroup($old_user)
{
// Remove from LDAP Group
$pi_group = $this->getLDAPPiGroup();
$pi_group = $this->GetLDAPEntry();
$pi_group->removeAttributeEntryByValue("memberuid", $old_user->getUID());

if (!$pi_group->write()) {
Expand All @@ -526,9 +505,10 @@ private function removeUserFromGroup($old_user)
$this->REDIS->removeCacheArray($old_user->getUID(), "groups", $this->getPIUID());
}

public function userExists($user)
public function userExists(UnityUser $user, $ignorecache = false): bool
{
return in_array($user->getUID(), $this->getGroupMemberUIDs());
$members = $this->getGroupMemberUIDs($ignorecache);
return in_array($user->getUID(), $members);
}

private function addRequest($uid)
Expand Down Expand Up @@ -557,7 +537,7 @@ public function getOwner()
);
}

public function getLDAPPiGroup()
public function getLDAPEntry(): LdapEntry
{
return $this->LDAP->getPIGroupEntry($this->pi_uid);
}
Expand Down
66 changes: 30 additions & 36 deletions resources/lib/UnityOrg.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,7 @@
namespace UnityWebPortal\lib;

use Exception;
use PHPOpenLDAPer\LdapEntry;

class UnityOrg
{
Expand All @@ -27,15 +28,15 @@ public function __construct($orgid, $LDAP, $SQL, $MAILER, $REDIS, $WEBHOOK)

public function init()
{
$org_group = $this->getLDAPOrgGroup();
$entry = $this->getLDAPEntry();

if (!$org_group->exists()) {
if (!$entry->exists()) {
$nextGID = $this->LDAP->getNextOrgGIDNumber($this->SQL);

$org_group->setAttribute("objectclass", UnityLDAP::POSIX_GROUP_CLASS);
$org_group->setAttribute("gidnumber", strval($nextGID));
$entry->setAttribute("objectclass", UnityLDAP::POSIX_GROUP_CLASS);
$entry->setAttribute("gidnumber", strval($nextGID));

if (!$org_group->write()) {
if (!$entry->write()) {
throw new Exception("Failed to create POSIX group for " . $this->orgid); // this shouldn't execute
}
}
Expand All @@ -45,10 +46,10 @@ public function init()

public function exists()
{
return $this->getLDAPOrgGroup()->exists();
return $this->getLDAPEntry()->exists();
}

public function getLDAPOrgGroup()
public function getLDAPEntry(): LdapEntry
{
return $this->LDAP->getOrgGroupEntry($this->orgid);
}
Expand All @@ -58,51 +59,44 @@ public function getOrgID()
return $this->orgid;
}

public function inOrg($user)
public function userExists(UnityUser $user, $ignorecache = false): bool
{
$org_group = $this->getLDAPOrgGroup();
$members = $org_group->getAttribute("memberuid");
return in_array($user, $members);
$members = $this->getOrgMemberUIDs($ignorecache);
return in_array($user->getUID(), $members);
}

public function getOrgMembers($ignorecache = false)
public function getOrgMemberUIDs($ignorecache = false): array
{
if (!$ignorecache) {
$cached_val = $this->REDIS->getCache($this->getOrgID(), "members");
if (!is_null($cached_val)) {
$members = $cached_val;
return $cached_val;
}
}
$entry = $this->getLDAPEntry();
$members = $entry->getAttribute("memberuid") ?? [];
sort($members);
$this->REDIS->setCache($this->getOrgID(), "members", $members);
return $members;
}

$updatecache = false;
if (!isset($members)) {
$org_group = $this->getLDAPOrgGroup();
$members = $org_group->getAttribute("memberuid");
$updatecache = true;
}

public function getOrgMembers($ignorecache = false)
{
$memberuids = $this->getOrgMemberUIDs($ignorecache);
$out = array();
$cache_arr = array();
foreach ($members as $member) {
$user_obj = new UnityUser($member, $this->LDAP, $this->SQL, $this->MAILER, $this->REDIS, $this->WEBHOOK);
foreach ($memberuids as $uid) {
$user_obj = new UnityUser($uid, $this->LDAP, $this->SQL, $this->MAILER, $this->REDIS, $this->WEBHOOK);
array_push($out, $user_obj);
array_push($cache_arr, $user_obj->getUID());
}

if (!$ignorecache && $updatecache) {
sort($cache_arr);
$this->REDIS->setCache($this->getOrgID(), "members", $cache_arr);
}

return $out;
}

public function addUser($user)
{
$org_group = $this->getLDAPOrgGroup();
$org_group->appendAttribute("memberuid", $user->getUID());
$entry = $this->getLDAPEntry();
$entry->appendAttribute("memberuid", $user->getUID());

if (!$org_group->write()) {
if (!$entry->write()) {
throw new Exception("Unable to write to org group");
}

Expand All @@ -111,10 +105,10 @@ public function addUser($user)

public function removeUser($user)
{
$org_group = $this->getLDAPOrgGroup();
$org_group->removeAttributeEntryByValue("memberuid", $user->getUID());
$entry = $this->getLDAPEntry();
$entry->removeAttributeEntryByValue("memberuid", $user->getUID());

if (!$org_group->write()) {
if (!$entry->write()) {
throw new Exception("Unable to write to org group");
}

Expand Down
7 changes: 4 additions & 3 deletions resources/lib/UnityUser.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -105,7 +105,7 @@ public function init($send_mail = true)
$orgEntry->init();
}

if (!$orgEntry->inOrg($this->uid)) {
if (!$orgEntry->userExists($this)) {
$orgEntry->addUser($this);
}

Expand Down Expand Up @@ -139,7 +139,7 @@ public function init($send_mail = true)
*
* @return ldapEntry posix account
*/
public function getLDAPUser()
public function getLDAPUser(): LdapEntry
{
return $this->LDAP->getUserEntry($this->uid);
}
Expand All @@ -149,7 +149,7 @@ public function getLDAPUser()
*
* @return ldapEntry posix group
*/
public function getLDAPGroup()
public function getLDAPGroup(): LdapEntry
{
return $this->LDAP->getGroupEntry($this->uid);
}
Expand Down Expand Up @@ -562,6 +562,7 @@ public function getHomeDir($ignorecache = false)
public function isAdmin()
{
$admins = $this->LDAP->getAdminGroup()->getAttribute("memberuid");
$admins = (is_null($admins) ? [] : $admins);
return in_array($this->uid, $admins);
}

Expand Down
Loading