fix(core): decompose LDAP nested groups, cache logins

We now decompose entries with attributes "member" or "uniquemember".

We now properly cache decomposed subgroups.
snyk-upgrade-0ec09bc7ae34af7c5d0348d49696b8f1
Francis Lachapelle 2021-04-19 14:35:41 -04:00
parent f5e4d3a7fd
commit a83b0d822a
1 changed files with 16 additions and 10 deletions


@ -2028,12 +2028,12 @@ _makeLDAPChanges (NGLdapConnection *ldapConnection,
- (NSArray *) membersForGroupWithUID: (NSString *) uid - (NSArray *) membersForGroupWithUID: (NSString *) uid
{ {
NSMutableArray *dns, *uids, *logins; NSMutableArray *dns, *uids;
NSString *dn, *login; NSString *dn, *login;
SOGoUserManager *um; SOGoUserManager *um;
NSDictionary *d, *contactInfos; NSDictionary *d, *contactInfos;
SOGoUser *user; SOGoUser *user;
NSArray *o, *users; NSArray *o, *subusers, *logins;
NSAutoreleasePool *pool; NSAutoreleasePool *pool;
int i, c; int i, c;
NGLdapEntry *entry; NGLdapEntry *entry;
@ -2049,7 +2049,6 @@ _makeLDAPChanges (NGLdapConnection *ldapConnection,
members = [NSMutableArray new]; members = [NSMutableArray new];
uids = [NSMutableArray array]; uids = [NSMutableArray array];
dns = [NSMutableArray array]; dns = [NSMutableArray array];
logins = [NSMutableArray array];
// We check if it's a static group // We check if it's a static group
// Fetch "members" - we get DNs // Fetch "members" - we get DNs
@ -2084,8 +2083,16 @@ _makeLDAPChanges (NGLdapConnection *ldapConnection,
user = [SOGoUser userWithLogin: login roles: nil]; user = [SOGoUser userWithLogin: login roles: nil];
if (user) if (user)
{ {
[logins addObject: login]; contactInfos = [self lookupContactEntryWithUIDorEmail: login inDomain: nil];
[members addObject: user]; if ([contactInfos objectForKey: @"isGroup"])
{
subusers = [self membersForGroupWithUID: login];
[members addObjectsFromArray: subusers];
}
else
{
[members addObject: user];
}
} }
[pool release]; [pool release];
} }
@ -2101,23 +2108,22 @@ _makeLDAPChanges (NGLdapConnection *ldapConnection,
contactInfos = [self lookupContactEntryWithUIDorEmail: login inDomain: nil]; contactInfos = [self lookupContactEntryWithUIDorEmail: login inDomain: nil];
if ([contactInfos objectForKey: @"isGroup"]) if ([contactInfos objectForKey: @"isGroup"])
{ {
users = [self membersForGroupWithUID: login]; subusers = [self membersForGroupWithUID: login];
[members addObjectsFromArray: users]; [members addObjectsFromArray: subusers];
} }
else else
{ {
[logins addObject: login];
[members addObject: user]; [members addObject: user];
} }
} }
[pool release]; [pool release];
} }
// We are done fetching members, let's cache the members of the group // We are done fetching members, let's cache the members of the group
// (ie., their UIDs) in memcached to speed up -groupWithUIDHasMemberWithUID. // (ie., their UIDs) in memcached to speed up -groupWithUIDHasMemberWithUID.
logins = [members resultsOfSelector: @selector (loginInDomain)];
[[SOGoCache sharedCache] setValue: [logins componentsJoinedByString: @","] [[SOGoCache sharedCache] setValue: [logins componentsJoinedByString: @","]
forKey: [NSString stringWithFormat: @"%@+%@", uid, _domain]]; forKey: [NSString stringWithFormat: @"%@+%@", uid, _domain]];
} }
else else
{ {