Removed tight coupling of group membership expansion and LDAPSource.

Any implementation of SOGoSource may now support group expansion by implementing the protocol MembershipAwareSource.
pull/263/head
Johannes Kanefendt 2019-11-26 15:29:02 +01:00
parent 856b0654ab
commit 2e98929900
15 changed files with 255 additions and 569 deletions

View File

@ -59,6 +59,7 @@
#import <SOGo/SOGoWebDAVValue.h>
#import <SOGo/WORequest+SOGo.h>
#import <SOGo/WOResponse+SOGo.h>
#import <SOGo/SOGoSource.h>
#import "iCalCalendar+SOGo.h"
#import "iCalRepeatableEntityObject+SOGo.h"
@ -70,7 +71,6 @@
#import "SOGoTaskObject.h"
#import "SOGoWebAppointmentFolder.h"
#define defaultColor @"#AAAAAA"
@interface SOGoGCSFolder (SOGoPrivate)
@ -437,19 +437,22 @@ static Class iCalEventK = nil;
if (rc)
{
#warning Duplicated code from SOGoGCSFolder subscribeUserOrGroup
dict = [[SOGoUserManager sharedUserManager] contactInfosForUserWithUIDorEmail: theIdentifier];
if ([[dict objectForKey: @"isGroup"] boolValue])
if (dict && [[dict objectForKey: @"isGroup"] boolValue])
{
SOGoGroup *aGroup;
id <SOGoSource> source;
aGroup = [SOGoGroup groupWithIdentifier: theIdentifier
inDomain: [[context activeUser] domain]];
allUsers = [NSMutableArray arrayWithArray: [aGroup members]];
source = [[SOGoUserManager sharedUserManager] sourceWithID: [dict objectForKey: @"SOGoSource"]];
if ([source conformsToProtocol:@protocol(MembershipAwareSource)])
{
allUsers = [NSMutableArray arrayWithArray: [(id<MembershipAwareSource>)(source) membersForGroupWithUID: [dict objectForKey: @"c_uid"]]];
// We remove the active user from the group (if present) in order to
// not subscribe him to their own resource!
[allUsers removeObject: [context activeUser]];
// We remove the active user from the group (if present) in order to
// not subscribe him to their own resource!
[allUsers removeObject: [context activeUser]];
}
}
else
{

View File

@ -47,7 +47,7 @@
#import <SOGo/NSObject+DAV.h>
#import <SOGo/NSString+Utilities.h>
#import <SOGo/SOGoDateFormatter.h>
#import <SOGo/SOGoGroup.h>
#import <SOGo/SOGoUserManager.h>
#import <SOGo/SOGoUser.h>
#import <SOGo/SOGoUserSettings.h>
#import <SOGo/SOGoDomainDefaults.h>
@ -1670,10 +1670,13 @@ inRecurrenceExceptionsForEvent: (iCalEvent *) theEvent
if ([event isAttendee: [[delegate email] rfc822Email]])
ex = [NSException exceptionWithHTTPStatus: 409
reason: @"delegate is a participant"];
else if ([SOGoGroup groupWithEmail: [[delegate email] rfc822Email]
inDomain: [ownerUser domain]])
ex = [NSException exceptionWithHTTPStatus: 409
reason: @"delegate is a group"];
else {
NSDictionary *dict;
dict = [[SOGoUserManager sharedUserManager] contactInfosForUserWithUIDorEmail: [[delegate email] rfc822Email]];
if (dict && [[dict objectForKey: @"isGroup"] boolValue])
ex = [NSException exceptionWithHTTPStatus: 409
reason: @"delegate is a group"];
}
}
if (ex == nil)
{

View File

@ -46,7 +46,7 @@
#import <SOGo/NSString+Utilities.h>
#import <SOGo/SOGoBuild.h>
#import <SOGo/SOGoMailer.h>
#import <SOGo/SOGoGroup.h>
#import <SOGo/SOGoSource.h>
#import <SOGo/SOGoPermissions.h>
#import <SOGo/SOGoUser.h>
#import <SOGo/SOGoUserSettings.h>
@ -525,7 +525,7 @@
iCalPerson *currentAttendee;
NSEnumerator *enumerator;
NSAutoreleasePool *pool;
SOGoGroup *group;
NSDictionary *dict;
BOOL eventWasModified;
unsigned int i, j;
@ -549,37 +549,42 @@
pool = [[NSAutoreleasePool alloc] init];
}
group = [SOGoGroup groupWithEmail: [currentAttendee rfc822Email]
inDomain: domain];
if (group)
{
dict = [[SOGoUserManager sharedUserManager] contactInfosForUserWithUIDorEmail: [currentAttendee rfc822Email]];
if (dict && [[dict objectForKey: @"isGroup"] boolValue])
{
iCalPerson *person;
NSArray *members;
SOGoUser *user;
id <SOGoSource> source;
// We did decompose a group...
[allAttendees removeObject: currentAttendee];
members = [group members];
for (i = 0; i < [members count]; i++)
{
user = [members objectAtIndex: i];
eventWasModified = YES;
source = [[SOGoUserManager sharedUserManager] sourceWithID: [dict objectForKey: @"SOGoSource"]];
if ([source conformsToProtocol:@protocol(MembershipAwareSource)])
{
members = [(id<MembershipAwareSource>)(source) membersForGroupWithUID: [dict objectForKey: @"c_uid"]];
for (i = 0; i < [members count]; i++)
{
user = [members objectAtIndex: i];
eventWasModified = YES;
// If the organizer is part of the group, we skip it from
// the addition to the attendees' list
if ([user hasEmail: organizerEmail])
continue;
person = [self iCalPersonWithUID: [user login]];
[person setTag: @"ATTENDEE"];
[person setParticipationStatus: [currentAttendee participationStatus]];
[person setRsvp: [currentAttendee rsvp]];
[person setRole: [currentAttendee role]];
if (![allAttendees containsObject: person])
[allAttendees addObject: person];
}
// If the organizer is part of the group, we skip it from
// the addition to the attendees' list
if ([user hasEmail: organizerEmail])
continue;
person = [self iCalPersonWithUID: [user login]];
[person setTag: @"ATTENDEE"];
[person setParticipationStatus: [currentAttendee participationStatus]];
[person setRsvp: [currentAttendee rsvp]];
[person setRole: [currentAttendee role]];
if (![allAttendees containsObject: person])
[allAttendees addObject: person];
}
}
}
j++;

View File

@ -58,7 +58,6 @@
#import <SOGo/NSObject+DAV.h>
#import <SOGo/SOGoPermissions.h>
#import <SOGo/SOGoSystemDefaults.h>
#import <SOGo/SOGoGroup.h>
#import <SOGo/SOGoUser.h>
#import <SOGo/SOGoUserFolder.h>
#import <SOGo/SOGoUserManager.h>
@ -1425,15 +1424,15 @@ _compareFetchResultsByMODSEQ (id entry1, id entry2, void *data)
- (NSString *) _sogoACLUIDToIMAPUID: (NSString *) uid
{
SOGoGroup *group;
NSDictionary *dict;
SOGoUser *user;
if ([uid isEqualToString: defaultUserID])
return uid;
group = [SOGoGroup groupWithIdentifier: uid
inDomain: [[context activeUser] domain]];
if (group)
dict = [[SOGoUserManager sharedUserManager] contactInfosForUserWithUIDorEmail: uid];
if (dict && [[dict objectForKey: @"isGroup"] boolValue])
return [[[[context activeUser] domainDefaults] imapAclGroupIdPrefix]
stringByAppendingString: uid];

View File

@ -75,7 +75,6 @@ SOGo_HEADER_FILES = \
SOGoWebDAVAclManager.h \
SOGoWebDAVValue.h \
SOGoMailer.h \
SOGoGroup.h \
SOGoUser.h \
\
CardElement+SOGo.h \
@ -155,7 +154,6 @@ SOGo_OBJC_FILES = \
SOGoWebDAVAclManager.m \
SOGoWebDAVValue.m \
SOGoMailer.m \
SOGoGroup.m \
SOGoUser.m \
\
CardElement+SOGo.m \

View File

@ -30,7 +30,7 @@
@class NSMutableDictionary;
@class NSString;
@interface LDAPSource : NSObject <SOGoDNSource>
@interface LDAPSource : NSObject <SOGoDNSource, MembershipAwareSource>
{
int _queryLimit;
int _queryTimeout;

View File

@ -34,6 +34,7 @@
#import "NSString+Crypto.h"
#import "SOGoCache.h"
#import "SOGoSystemDefaults.h"
#import "SOGoUserManager.h"
#import "LDAPSource.h"
@ -1990,4 +1991,138 @@ _makeLDAPChanges (NGLdapConnection *ldapConnection,
}
}
#define CHECK_CLASS(o) ({ \
if ([o isKindOfClass: [NSString class]]) \
o = [NSArray arrayWithObject: o]; \
})
- (NSArray *) membersForGroupWithUID: (NSString *) uid
{
NSMutableArray *dns, *uids, *logins;
NSString *dn, *login;
SOGoUserManager *um;
NSDictionary *d;
SOGoUser *user;
NSArray *o;
NSAutoreleasePool *pool;
int i, c;
NGLdapEntry *entry;
NSMutableArray *members = nil;
if ([uid hasPrefix: @"@"])
uid = [uid substringFromIndex: 1];
entry = [self lookupGroupEntryByUID: uid inDomain: nil];
if (entry)
{
members = [NSMutableArray new];
uids = [NSMutableArray array];
dns = [NSMutableArray array];
logins = [NSMutableArray array];
// We check if it's a static group
// Fetch "members" - we get DNs
d = [entry asDictionary];
o = [d objectForKey: @"member"];
CHECK_CLASS(o);
if (o) [dns addObjectsFromArray: o];
// Fetch "uniqueMembers" - we get DNs
o = [d objectForKey: @"uniquemember"];
CHECK_CLASS(o);
if (o) [dns addObjectsFromArray: o];
// Fetch "memberUid" - we get UID (like login names)
o = [d objectForKey: @"memberuid"];
CHECK_CLASS(o);
if (o) [uids addObjectsFromArray: o];
c = [dns count] + [uids count];
// We deal with a static group, let's add the members
if (c)
{
um = [SOGoUserManager sharedUserManager];
// We add members for whom we have their associated DN
for (i = 0; i < [dns count]; i++)
{
pool = [NSAutoreleasePool new];
dn = [dns objectAtIndex: i];
login = [um getLoginForDN: [dn lowercaseString]];
user = [SOGoUser userWithLogin: login roles: nil];
if (user)
{
[logins addObject: login];
[members addObject: user];
}
[pool release];
}
// We add members for whom we have their associated login name
for (i = 0; i < [uids count]; i++)
{
pool = [NSAutoreleasePool new];
login = [uids objectAtIndex: i];
user = [SOGoUser userWithLogin: login roles: nil];
if (user)
{
[logins addObject: [user loginInDomain]];
[members addObject: user];
}
[pool release];
}
// We are done fetching members, let's cache the members of the group
// (ie., their UIDs) in memcached to speed up -hasMemberWithUID.
[[SOGoCache sharedCache] setValue: [logins componentsJoinedByString: @","]
forKey: [NSString stringWithFormat: @"%@+%@", uid, _domain]];
}
else
{
// We deal with a dynamic group, let's search all users for whom
// memberOf is equal to our group's DN.
// We also need to look for labelelURI?
}
}
return members;
}
//
//
//
- (BOOL) groupWithUIDHasMemberWithUID: (NSString *) uid
memberUid: (NSString *) memberUid
{
BOOL rc;
NSString *key, *value;;
NSArray *a;
rc = NO;
if ([uid hasPrefix: @"@"])
uid = [uid substringFromIndex: 1];
key = [NSString stringWithFormat: @"%@+%@", uid, _domain];
value = [[SOGoCache sharedCache] valueForKey: key];
// If the value isn't in memcached, that probably means -members was never called.
// We call it only once here.
if (!value)
{
[self membersForGroupWithUID: uid];
value = [[SOGoCache sharedCache] valueForKey: key];
}
a = [value componentsSeparatedByString: @","];
rc = [a containsObject: memberUid];
return rc;
}
@end

View File

@ -31,7 +31,6 @@
@class NGImap4Connection;
@class SOGoGroup;
@class SOGoObject;
@class SOGoUser;
@class SOGoUserDefaults;
@ -67,13 +66,6 @@
withName: (NSString *) userName;
- (id) userNamed: (NSString *) name;
- (void) registerGroup: (SOGoGroup *) group
withName: (NSString *) groupName
inDomain: (NSString *) domainName;
- (id) groupNamed: (NSString *) groupName
inDomain: (NSString *) domainName;
- (void) registerIMAP4Connection: (NGImap4Connection *) connection
forKey: (NSString *) key;
- (NGImap4Connection *) imap4ConnectionForKey: (NSString *) key;

View File

@ -260,22 +260,6 @@ static memcached_st *handle = NULL;
return [users objectForKey: name];
}
- (void) registerGroup: (SOGoGroup *) group
withName: (NSString *) groupName
inDomain: (NSString *) domainName
{
if (group)
[groups setObject: group forKey: [NSString stringWithFormat: @"%@+%@", groupName, domainName]];
}
- (id) groupNamed: (NSString *) groupName
inDomain: (NSString *) domainName
{
return [groups objectForKey: [NSString stringWithFormat: @"%@+%@", groupName, domainName]];
}
- (void) registerIMAP4Connection: (NGImap4Connection *) connection
forKey: (NSString *) key
{

View File

@ -49,7 +49,7 @@
#import "SOGoCache.h"
#import "SOGoContentObject.h"
#import "SOGoDomainDefaults.h"
#import "SOGoGroup.h"
#import "SOGoSource.h"
#import "SOGoParentFolder.h"
#import "SOGoPermissions.h"
#import "SOGoUser.h"
@ -933,17 +933,19 @@ static NSArray *childRecordFields = nil;
dict = [[SOGoUserManager sharedUserManager] contactInfosForUserWithUIDorEmail: theIdentifier];
if ([[dict objectForKey: @"isGroup"] boolValue])
if (dict && [[dict objectForKey: @"isGroup"] boolValue])
{
SOGoGroup *aGroup;
id <SOGoSource> source;
aGroup = [SOGoGroup groupWithIdentifier: theIdentifier
inDomain: [[context activeUser] domain]];
allUsers = [NSMutableArray arrayWithArray: [aGroup members]];
source = [[SOGoUserManager sharedUserManager] sourceWithID: [dict objectForKey: @"SOGoSource"]];
if ([source conformsToProtocol:@protocol(MembershipAwareSource)])
{
allUsers = [NSMutableArray arrayWithArray: [(id<MembershipAwareSource>)(source) membersForGroupWithUID: [dict objectForKey: @"c_uid"]]];
// We remove the active user from the group (if present) in order to
// not subscribe him to their own resource!
[allUsers removeObject: [context activeUser]];
// We remove the active user from the group (if present) in order to
// not subscribe him to their own resource!
[allUsers removeObject: [context activeUser]];
}
}
else
{
@ -1622,13 +1624,10 @@ static NSArray *childRecordFields = nil;
{
int count, max;
NSDictionary *record;
NSString *currentUID, *domain;
SOGoGroup *group;
NSString *currentUID;
NSMutableArray *acls;
acls = [NSMutableArray array];
#warning should it be the domain of the ownerUser instead?
domain = [[context activeUser] domain];
max = [records count];
for (count = 0; count < max; count++)
@ -1637,17 +1636,14 @@ static NSArray *childRecordFields = nil;
currentUID = [record valueForKey: @"c_uid"];
if ([currentUID hasPrefix: @"@"])
{
group = [[SOGoCache sharedCache] groupNamed: currentUID inDomain: domain];
if (!group)
{
group = [SOGoGroup groupWithIdentifier: currentUID
inDomain: domain];
[[SOGoCache sharedCache] registerGroup: group withName: currentUID inDomain: domain];
}
if (group && [group hasMemberWithUID: uid])
[acls addObject: [record valueForKey: @"c_role"]];
NSString *dict = [[SOGoUserManager sharedUserManager] contactInfosForUserWithUIDorEmail: currentUID];
if (dict)
{
id <SOGoSource> source = [[SOGoUserManager sharedUserManager] sourceWithID: [dict objectForKey: @"SOGoSource"]];
if ([source conformsToProtocol:@protocol(MembershipAwareSource)] &&
[(id<MembershipAwareSource>)(source) groupWithUIDHasMemberWithUID: currentUID memberUid: uid])
[acls addObject: [record valueForKey: @"c_role"]];
}
}
}
@ -1754,39 +1750,45 @@ static NSArray *childRecordFields = nil;
forObjectAtPath: (NSArray *) objectPathArray
{
EOQualifier *qualifier;
NSString *uid, *uids, *qs, *objectPath, *domain;
NSString *uid, *uids, *qs, *objectPath;
NSMutableArray *usersAndGroups, *groupsMembers;
NSMutableDictionary *aclsForObject;
SOGoGroup *group;
unsigned int i;
if ([users count] > 0)
{
domain = [[context activeUser] domain];
usersAndGroups = [NSMutableArray arrayWithArray: users];
groupsMembers = [NSMutableArray array];
for (i = 0; i < [usersAndGroups count]; i++)
{
NSDictionary *dict;
uid = [usersAndGroups objectAtIndex: i];
group = [SOGoGroup groupWithIdentifier: uid inDomain: domain];
if (group)
dict = [[SOGoUserManager sharedUserManager] contactInfosForUserWithUIDorEmail: uid];
if (dict && [[dict objectForKey: @"isGroup"] boolValue])
{
NSArray *members;
SOGoUser *user;
unsigned int j;
// Fetch members to remove them from the cache along the group
members = [group members];
for (j = 0; j < [members count]; j++)
id <SOGoSource> source;
source = [[SOGoUserManager sharedUserManager] sourceWithID: [dict objectForKey: @"SOGoSource"]];
if ([source conformsToProtocol:@protocol(MembershipAwareSource)])
{
user = [members objectAtIndex: j];
[groupsMembers addObject: [user login]];
}
NSArray *members;
SOGoUser *user;
unsigned int j;
if (![uid hasPrefix: @"@"])
// Prefix the UID with the character "@" when dealing with a group
[usersAndGroups replaceObjectAtIndex: i
withObject: [NSString stringWithFormat: @"@%@", uid]];
// Fetch members to remove them from the cache along the group
members = [(id<MembershipAwareSource>)(source) membersForGroupWithUID: uid];
for (j = 0; j < [members count]; j++)
{
user = [members objectAtIndex: j];
[groupsMembers addObject: [user login]];
}
if (![uid hasPrefix: @"@"])
// Prefix the UID with the character "@" when dealing with a group
[usersAndGroups replaceObjectAtIndex: i
withObject: [NSString stringWithFormat: @"@%@", uid]];
}
}
}
objectPath = [objectPathArray componentsJoinedByString: @"/"];
@ -1846,9 +1848,8 @@ static NSArray *childRecordFields = nil;
forUser: (NSString *) uid
forObjectAtPath: (NSArray *) objectPathArray
{
NSString *objectPath, *aUID, *domain;
NSString *objectPath, *aUID;
NSMutableArray *newRoles;
SOGoGroup *group;
objectPath = [objectPathArray componentsJoinedByString: @"/"];
@ -1858,10 +1859,9 @@ static NSArray *childRecordFields = nil;
aUID = uid;
if (![uid hasPrefix: @"@"])
{
// Prefix the UID with the character "@" when dealing with a group
domain = [[context activeUser] domain];
group = [SOGoGroup groupWithIdentifier: uid inDomain: domain];
if (group)
NSDictionary *dict;
dict = [[SOGoUserManager sharedUserManager] contactInfosForUserWithUIDorEmail: uid];
if ([[dict objectForKey: @"isGroup"] boolValue])
{
aUID = [NSString stringWithFormat: @"@%@", uid];
// Remove all roles when defining ACLs for a group

View File

@ -1,60 +0,0 @@
/* SOGoGroup.h - this file is part of SOGo
*
* Copyright (C) 2009-2012 Inverse inc.
*
* Author: Ludovic Marcotte <lmarcotte@inverse.ca>
*
* This file is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2, or (at your option)
* any later version.
*
* This file is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; see the file COPYING. If not, write to
* the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
* Boston, MA 02111-1307, USA.
*/
#ifndef __SOGOGROUP_H__
#define __SOGOGROUP_H__
#import <Foundation/NSObject.h>
@class LDAPSource;
@class NSArray;
@class NSMutableArray;
@class NSString;
@class NGLdapEntry;
@protocol SOGoSource;
@interface SOGoGroup : NSObject
{
@private
NSString *_identifier;
NSString *_domain;
NGLdapEntry *_entry;
NSObject <SOGoSource> *_source;
NSMutableArray *_members;
}
+ (id) groupWithIdentifier: (NSString *) theID
inDomain: (NSString *) domain;
+ (id) groupWithEmail: (NSString *) theEmail
inDomain: (NSString *) domain;
+ (id) groupWithValue: (NSString *) theValue
andSourceSelector: (SEL) theSelector
inDomain: (NSString *) domain;
- (NSArray *) members;
- (BOOL) hasMemberWithUID: (NSString *) memberUID;
@end
#endif // __SOGOGROUP_H__

View File

@ -1,370 +0,0 @@
/* SOGoGroup.m - this file is part of SOGo
*
* Copyright (C) 2009-2014 Inverse inc.
*
* This file is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2, or (at your option)
* any later version.
*
* This file is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; see the file COPYING. If not, write to
* the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
* Boston, MA 02111-1307, USA.
*/
/*
Here are some group samples:
[ POSIX group ]
dn: cn=it-staff,ou=Group,dc=zzz,dc=xxx,dc=yyy
objectClass: posixGroup
objectClass: top
cn: it-staff
userPassword: {crypt}x
gidNumber: 8000
memberUid: lsa
memberUid: mrm
memberUid: ij
memberUid: no
memberUid: ld
memberUid: db
memberUid: rgl
memberUid: ja
memberUid: hbt
memberUid: hossein
dn: cn=inverse,ou=groups,dc=inverse,dc=ca
objectClass: groupOfUniqueNames
objectClass: top
objectClass: extensibleObject
uniqueMember: uid=flachapelle,ou=users,dc=inverse,dc=ca
uniqueMember: uid=lmarcotte,ou=users,dc=inverse,dc=ca
uniqueMember: uid=wsourdeau,ou=users,dc=inverse,dc=ca
cn: inverse
mail: inverse@inverse.ca
*/
#include "SOGoGroup.h"
#include "SOGoCache.h"
#include "SOGoSource.h"
#include "SOGoSystemDefaults.h"
#include "SOGoUserManager.h"
#include "SOGoUser.h"
#import <NGLdap/NGLdapEntry.h>
#define CHECK_CLASS(o) ({ \
if ([o isKindOfClass: [NSString class]]) \
o = [NSArray arrayWithObject: o]; \
})
@implementation SOGoGroup
- (id) initWithIdentifier: (NSString *) theID
domain: (NSString *) theDomain
source: (NSObject <SOGoSource> *) theSource
entry: (NGLdapEntry *) theEntry
{
self = [super init];
if (self)
{
ASSIGN(_identifier, theID);
ASSIGN(_domain, theDomain);
ASSIGN(_source, theSource);
ASSIGN(_entry, theEntry);
_members = nil;
}
return self;
}
- (void) dealloc
{
RELEASE(_identifier);
RELEASE(_domain);
RELEASE(_source);
RELEASE(_entry);
RELEASE(_members);
[super dealloc];
}
+ (id) groupWithIdentifier: (NSString *) theID
inDomain: (NSString *) domain
{
NSRange r;
NSString *uid, *inDomain;
SOGoSystemDefaults *sd;
uid = [theID hasPrefix: @"@"] ? [theID substringFromIndex: 1] : theID;
inDomain = domain;
sd = [SOGoSystemDefaults sharedSystemDefaults];
if ([sd enableDomainBasedUID])
{
/* Split domain from uid */
r = [uid rangeOfString: @"@" options: NSBackwardsSearch];
if (r.location != NSNotFound)
{
if (!domain)
inDomain = [uid substringFromIndex: r.location + 1];
uid = [uid substringToIndex: r.location];
}
}
return [SOGoGroup groupWithValue: uid
andSourceSelector: @selector (lookupGroupEntryByUID:inDomain:)
inDomain: inDomain];
}
+ (id) groupWithEmail: (NSString *) theEmail
inDomain: (NSString *) domain
{
return [SOGoGroup groupWithValue: theEmail
andSourceSelector: @selector (lookupGroupEntryByEmail:inDomain:)
inDomain: domain];
}
//
// Returns nil if theValue doesn't match to a group
// (so its objectClass isn't a group)
//
+ (id) groupWithValue: (NSString *) theValue
andSourceSelector: (SEL) theSelector
inDomain: (NSString *) domain
{
NSArray *allSources;
NGLdapEntry *entry;
NSObject <SOGoSource, SOGoDNSource> *source;
id o;
NSEnumerator *gclasses;
NSString *gclass;
int i;
// Don't bother looking in all sources if the
// supplied value is nil.
if (!theValue)
return nil;
allSources = [[SOGoUserManager sharedUserManager]
sourceIDsInDomain: domain];
entry = nil;
o = nil;
for (i = 0; i < [allSources count]; i++)
{
source = (NSObject <SOGoSource, SOGoDNSource> *) [[SOGoUserManager sharedUserManager] sourceWithID: [allSources objectAtIndex: i]];
// Our different sources might not all implements groups support
if ([source respondsToSelector: theSelector])
entry = [source performSelector: theSelector
withObject: theValue
withObject: domain];
if (entry)
break;
entry = nil;
}
if (entry)
{
NSArray *classes;
// We check to see if it's a group
classes = [[entry asDictionary] objectForKey: @"objectclass"];
if (classes)
{
/* LDAP records returned as dictionaries may contain NSString or
NSArray values, depending on whether the amount of values
assigned to a key is 1 or more. Since this can occur with
"objectclass" too, we need to check whether "classes" is actually
an NSString instance... */
if ([classes isKindOfClass: [NSString class]])
classes = [NSArray arrayWithObject:
[(NSString *) classes lowercaseString]];
else
{
int i, c;
classes = [NSMutableArray arrayWithArray: classes];
c = [classes count];
for (i = 0; i < c; i++)
[(id)classes replaceObjectAtIndex: i
withObject: [[classes objectAtIndex: i] lowercaseString]];
}
}
gclasses = [[source groupObjectClasses] objectEnumerator];
while ((gclass = [gclasses nextObject]))
if ([classes containsObject: gclass])
{
// Found a group, let's return it.
o = [[self alloc] initWithIdentifier: theValue
domain: domain
source: source
entry: entry];
AUTORELEASE(o);
}
}
return o;
}
//
// This method actually try to obtain all members
// from either dynamic of static groups.
//
- (NSArray *) members
{
NSMutableArray *dns, *uids, *logins;
NSString *dn, *login;
SOGoUserManager *um;
NSDictionary *d;
SOGoUser *user;
NSArray *o;
NSAutoreleasePool *pool;
int i, c;
if (!_members)
{
_members = [NSMutableArray new];
uids = [NSMutableArray array];
dns = [NSMutableArray array];
logins = [NSMutableArray array];
// We check if it's a static group
// Fetch "members" - we get DNs
d = [_entry asDictionary];
o = [d objectForKey: @"member"];
CHECK_CLASS(o);
if (o) [dns addObjectsFromArray: o];
// Fetch "uniqueMembers" - we get DNs
o = [d objectForKey: @"uniquemember"];
CHECK_CLASS(o);
if (o) [dns addObjectsFromArray: o];
// Fetch "memberUid" - we get UID (like login names)
o = [d objectForKey: @"memberuid"];
CHECK_CLASS(o);
if (o) [uids addObjectsFromArray: o];
c = [dns count] + [uids count];
// We deal with a static group, let's add the members
if (c)
{
um = [SOGoUserManager sharedUserManager];
// We add members for whom we have their associated DN
for (i = 0; i < [dns count]; i++)
{
pool = [NSAutoreleasePool new];
dn = [dns objectAtIndex: i];
login = [um getLoginForDN: [dn lowercaseString]];
user = [SOGoUser userWithLogin: login roles: nil];
if (user)
{
[logins addObject: login];
[_members addObject: user];
}
[pool release];
}
// We add members for whom we have their associated login name
for (i = 0; i < [uids count]; i++)
{
pool = [NSAutoreleasePool new];
login = [uids objectAtIndex: i];
user = [SOGoUser userWithLogin: login roles: nil];
if (user)
{
[logins addObject: [user loginInDomain]];
[_members addObject: user];
}
[pool release];
}
// We are done fetching members, let's cache the members of the group
// (ie., their UIDs) in memcached to speed up -hasMemberWithUID.
[[SOGoCache sharedCache] setValue: [logins componentsJoinedByString: @","]
forKey: [NSString stringWithFormat: @"%@+%@", _identifier, _domain]];
}
else
{
// We deal with a dynamic group, let's search all users for whom
// memberOf is equal to our group's DN.
// We also need to look for labelelURI?
}
}
return _members;
}
//
//
//
- (BOOL) hasMemberWithUID: (NSString *) memberUID
{
BOOL rc;
rc = NO;
// If _members is initialized, we use it as it's very accurate.
// Otherwise, we fallback on memcached in order to avoid
// decomposing the group all the time just to see if a user
// is a member of it.
if (_members)
{
NSString *currentUID;
int count, max;
max = [_members count];
for (count = 0; !rc && count < max; count++)
{
currentUID = [[_members objectAtIndex: count] login];
rc = [memberUID isEqualToString: currentUID];
}
}
else
{
NSString *key, *value;;
NSArray *a;
key = [NSString stringWithFormat: @"%@+%@", _identifier, _domain];
value = [[SOGoCache sharedCache] valueForKey: key];
// If the value isn't in memcached, that probably means -members was never called.
// We call it only once here.
if (!value)
{
[self members];
value = [[SOGoCache sharedCache] valueForKey: key];
}
a = [value componentsSeparatedByString: @","];
rc = [a containsObject: memberUID];
}
return rc;
}
@end

View File

@ -118,4 +118,10 @@
- (void) updateBaseDNFromLogin: (NSString *) theLogin;
@end
@protocol MembershipAwareSource <SOGoSource>
- (NSArray *) membersForGroupWithUID: (NSString *) uid;
- (BOOL) groupWithUIDHasMemberWithUID: (NSString *) uid
memberUid: (NSString *) memberUid;
@end
#endif /* SOGOSOURCE_H */

View File

@ -27,7 +27,6 @@
#import <SOGo/NSDictionary+Utilities.h>
#import <SOGo/NSString+Utilities.h>
#import <SOGo/SOGoDomainDefaults.h>
#import <SOGo/SOGoGroup.h>
#import <SOGo/SOGoUser.h>
#import <SOGo/SOGoUserManager.h>
@ -120,10 +119,10 @@
- (BOOL) _initRights
{
BOOL response;
NSString *newUID, *domain;
NSString *newUID;
SOGoUserManager *um;
SOGoObject *clientObject;
SOGoGroup *group;
NSDictionary *dict;
response = NO;
@ -140,9 +139,8 @@
{
if (![newUID hasPrefix: @"@"])
{
domain = [[context activeUser] domain];
group = [SOGoGroup groupWithIdentifier: newUID inDomain: domain];
if (group)
dict = [[SOGoUserManager sharedUserManager] contactInfosForUserWithUIDorEmail: newUID];
if (dict && [[dict objectForKey: @"isGroup"] boolValue])
newUID = [NSString stringWithFormat: @"@%@", newUID];
}
ASSIGN (uid, newUID);
@ -158,10 +156,9 @@
- (BOOL) _initRightsForUserID:(NSString *) newUID
{
BOOL response;
NSString *domain;
SOGoUserManager *um;
SOGoObject *clientObject;
SOGoGroup *group;
NSDictionary *dict;
response = NO;
@ -174,11 +171,11 @@
if ([newUID isEqualToString: defaultUserID] || [newUID isEqualToString: @"anonymous"]
|| [[um getEmailForUID: newUID] length] > 0)
{
#warning Duplicated code from _initRights
if (![newUID hasPrefix: @"@"])
{
domain = [[context activeUser] domain];
group = [SOGoGroup groupWithIdentifier: newUID inDomain: domain];
if (group)
dict = [[SOGoUserManager sharedUserManager] contactInfosForUserWithUIDorEmail: newUID];
if (dict && [[dict objectForKey: @"isGroup"] boolValue])
newUID = [NSString stringWithFormat: @"@%@", newUID];
}
ASSIGN (uid, newUID);

View File

@ -31,8 +31,6 @@
#import <SOGo/NSArray+Utilities.h>
#import <SOGo/NSCalendarDate+SOGo.h>
#import <SOGo/NSDictionary+Utilities.h>
#import <SOGo/LDAPSource.h>
#import <SOGo/SOGoGroup.h>
#import <SOGo/SOGoSource.h>
#import <SOGo/SOGoUser.h>
#import <SOGo/SOGoUserDefaults.h>
@ -409,13 +407,9 @@
if ([[dict objectForKey: @"isGroup"] boolValue])
{
if ([source isKindOfClass: [LDAPSource class]] && [(LDAPSource *) source groupExpansionEnabled])
if ([source conformsToProtocol:@protocol(MembershipAwareSource)])
{
SOGoGroup *aGroup;
aGroup = [SOGoGroup groupWithIdentifier: [contact nameInContainer]
inDomain: [[context activeUser] domain]];
allUsers = [aGroup members]; // array of SOGoUser objects
allUsers = [(id<MembershipAwareSource>)(source) membersForGroupWithUID: [dict objectForKey: @"c_uid"]];
max = [allUsers count];
allUsersData = [NSMutableArray arrayWithCapacity: max];
for (i = 0; i < max; i++)