nextcloud /
server
| Total Complexity | 119 |
| Total Lines | 645 |
| Duplicated Lines | 0 % |
| Changes | 3 | ||
| Bugs | 0 | Features | 0 |
Complex classes like Connection often do a lot of different things. To break such a class down, we need to identify a cohesive component within that class. A common approach to find such a component is to look for fields/methods that share the same prefixes, or suffixes.
Once you have determined the fields that belong together, you can apply the Extract Class refactoring. If the component makes sense as a sub-class, Extract Subclass is also a candidate, and is often faster.
While breaking up the class, it is a good idea to analyze how other classes use Connection, and based on these observations, apply Extract Interface, too.
| 1 | <?php |
||
| 76 | class Connection extends LDAPUtility { |
||
| 77 | /** |
||
| 78 | * @var resource|\LDAP\Connection|null |
||
|
|
|||
| 79 | */ |
||
| 80 | private $ldapConnectionRes = null; |
||
| 81 | |||
| 82 | /** |
||
| 83 | * @var string |
||
| 84 | */ |
||
| 85 | private $configPrefix; |
||
| 86 | |||
| 87 | /** |
||
| 88 | * @var ?string |
||
| 89 | */ |
||
| 90 | private $configID; |
||
| 91 | |||
| 92 | /** |
||
| 93 | * @var bool |
||
| 94 | */ |
||
| 95 | private $configured = false; |
||
| 96 | |||
| 97 | /** |
||
| 98 | * @var bool whether connection should be kept on __destruct |
||
| 99 | */ |
||
| 100 | private $dontDestruct = false; |
||
| 101 | |||
| 102 | /** |
||
| 103 | * @var bool runtime flag that indicates whether supported primary groups are available |
||
| 104 | */ |
||
| 105 | public $hasPrimaryGroups = true; |
||
| 106 | |||
| 107 | /** |
||
| 108 | * @var bool runtime flag that indicates whether supported POSIX gidNumber are available |
||
| 109 | */ |
||
| 110 | public $hasGidNumber = true; |
||
| 111 | |||
| 112 | /** |
||
| 113 | * @var \OCP\ICache|null |
||
| 114 | */ |
||
| 115 | protected $cache = null; |
||
| 116 | |||
| 117 | /** @var Configuration settings handler **/ |
||
| 118 | protected $configuration; |
||
| 119 | |||
| 120 | /** |
||
| 121 | * @var bool |
||
| 122 | */ |
||
| 123 | protected $doNotValidate = false; |
||
| 124 | |||
| 125 | /** |
||
| 126 | * @var bool |
||
| 127 | */ |
||
| 128 | protected $ignoreValidation = false; |
||
| 129 | |||
| 130 | /** |
||
| 131 | * @var array{sum?: string, result?: bool} |
||
| 132 | */ |
||
| 133 | protected $bindResult = []; |
||
| 134 | |||
| 135 | /** @var LoggerInterface */ |
||
| 136 | protected $logger; |
||
| 137 | |||
| 138 | /** |
||
| 139 | * Constructor |
||
| 140 | * @param string $configPrefix a string with the prefix for the configkey column (appconfig table) |
||
| 141 | * @param string|null $configID a string with the value for the appid column (appconfig table) or null for on-the-fly connections |
||
| 142 | */ |
||
| 143 | public function __construct(ILDAPWrapper $ldap, string $configPrefix = '', ?string $configID = 'user_ldap') { |
||
| 144 | parent::__construct($ldap); |
||
| 145 | $this->configPrefix = $configPrefix; |
||
| 146 | $this->configID = $configID; |
||
| 147 | $this->configuration = new Configuration($configPrefix, !is_null($configID)); |
||
| 148 | $memcache = \OC::$server->getMemCacheFactory(); |
||
| 149 | if ($memcache->isAvailable()) { |
||
| 150 | $this->cache = $memcache->createDistributed(); |
||
| 151 | } |
||
| 152 | $helper = new Helper(\OC::$server->getConfig(), \OC::$server->getDatabaseConnection()); |
||
| 153 | $this->doNotValidate = !in_array($this->configPrefix, |
||
| 154 | $helper->getServerConfigurationPrefixes()); |
||
| 155 | $this->logger = \OC::$server->get(LoggerInterface::class); |
||
| 156 | } |
||
| 157 | |||
| 158 | public function __destruct() { |
||
| 159 | if (!$this->dontDestruct && $this->ldap->isResource($this->ldapConnectionRes)) { |
||
| 160 | @$this->ldap->unbind($this->ldapConnectionRes); |
||
| 161 | $this->bindResult = []; |
||
| 162 | } |
||
| 163 | } |
||
| 164 | |||
| 165 | /** |
||
| 166 | * defines behaviour when the instance is cloned |
||
| 167 | */ |
||
| 168 | public function __clone() { |
||
| 169 | $this->configuration = new Configuration($this->configPrefix, |
||
| 170 | !is_null($this->configID)); |
||
| 171 | if (count($this->bindResult) !== 0 && $this->bindResult['result'] === true) { |
||
| 172 | $this->bindResult = []; |
||
| 173 | } |
||
| 174 | $this->ldapConnectionRes = null; |
||
| 175 | $this->dontDestruct = true; |
||
| 176 | } |
||
| 177 | |||
| 178 | public function __get(string $name) { |
||
| 179 | if (!$this->configured) { |
||
| 180 | $this->readConfiguration(); |
||
| 181 | } |
||
| 182 | |||
| 183 | return $this->configuration->$name; |
||
| 184 | } |
||
| 185 | |||
| 186 | /** |
||
| 187 | * @param string $name |
||
| 188 | * @param mixed $value |
||
| 189 | */ |
||
| 190 | public function __set($name, $value) { |
||
| 191 | $this->doNotValidate = false; |
||
| 192 | $before = $this->configuration->$name; |
||
| 193 | $this->configuration->$name = $value; |
||
| 194 | $after = $this->configuration->$name; |
||
| 195 | if ($before !== $after) { |
||
| 196 | if ($this->configID !== '' && $this->configID !== null) { |
||
| 197 | $this->configuration->saveConfiguration(); |
||
| 198 | } |
||
| 199 | $this->validateConfiguration(); |
||
| 200 | } |
||
| 201 | } |
||
| 202 | |||
| 203 | /** |
||
| 204 | * @param string $rule |
||
| 205 | * @return array |
||
| 206 | * @throws \RuntimeException |
||
| 207 | */ |
||
| 208 | public function resolveRule($rule) { |
||
| 209 | return $this->configuration->resolveRule($rule); |
||
| 210 | } |
||
| 211 | |||
| 212 | /** |
||
| 213 | * sets whether the result of the configuration validation shall |
||
| 214 | * be ignored when establishing the connection. Used by the Wizard |
||
| 215 | * in early configuration state. |
||
| 216 | * @param bool $state |
||
| 217 | */ |
||
| 218 | public function setIgnoreValidation($state) { |
||
| 219 | $this->ignoreValidation = (bool)$state; |
||
| 220 | } |
||
| 221 | |||
| 222 | /** |
||
| 223 | * initializes the LDAP backend |
||
| 224 | * @param bool $force read the config settings no matter what |
||
| 225 | */ |
||
| 226 | public function init($force = false) { |
||
| 229 | } |
||
| 230 | |||
| 231 | /** |
||
| 232 | * @return resource|\LDAP\Connection The LDAP resource |
||
| 233 | */ |
||
| 234 | public function getConnectionResource() { |
||
| 235 | if (!$this->ldapConnectionRes) { |
||
| 236 | $this->init(); |
||
| 237 | } elseif (!$this->ldap->isResource($this->ldapConnectionRes)) { |
||
| 238 | $this->ldapConnectionRes = null; |
||
| 239 | $this->establishConnection(); |
||
| 240 | } |
||
| 241 | if (is_null($this->ldapConnectionRes)) { |
||
| 242 | $this->logger->error( |
||
| 243 | 'No LDAP Connection to server ' . $this->configuration->ldapHost, |
||
| 244 | ['app' => 'user_ldap'] |
||
| 245 | ); |
||
| 246 | throw new ServerNotAvailableException('Connection to LDAP server could not be established'); |
||
| 247 | } |
||
| 248 | return $this->ldapConnectionRes; |
||
| 249 | } |
||
| 250 | |||
| 251 | /** |
||
| 252 | * resets the connection resource |
||
| 253 | */ |
||
| 254 | public function resetConnectionResource() { |
||
| 255 | if (!is_null($this->ldapConnectionRes)) { |
||
| 256 | @$this->ldap->unbind($this->ldapConnectionRes); |
||
| 257 | $this->ldapConnectionRes = null; |
||
| 258 | $this->bindResult = []; |
||
| 259 | } |
||
| 260 | } |
||
| 261 | |||
| 262 | /** |
||
| 263 | * @param string|null $key |
||
| 264 | * @return string |
||
| 265 | */ |
||
| 266 | private function getCacheKey($key) { |
||
| 267 | $prefix = 'LDAP-'.$this->configID.'-'.$this->configPrefix.'-'; |
||
| 268 | if (is_null($key)) { |
||
| 269 | return $prefix; |
||
| 270 | } |
||
| 271 | return $prefix.hash('sha256', $key); |
||
| 272 | } |
||
| 273 | |||
| 274 | /** |
||
| 275 | * @param string $key |
||
| 276 | * @return mixed|null |
||
| 277 | */ |
||
| 278 | public function getFromCache($key) { |
||
| 279 | if (!$this->configured) { |
||
| 280 | $this->readConfiguration(); |
||
| 281 | } |
||
| 282 | if (is_null($this->cache) || !$this->configuration->ldapCacheTTL) { |
||
| 283 | return null; |
||
| 284 | } |
||
| 285 | $key = $this->getCacheKey($key); |
||
| 286 | |||
| 287 | return json_decode(base64_decode($this->cache->get($key) ?? ''), true); |
||
| 288 | } |
||
| 289 | |||
| 290 | /** |
||
| 291 | * @param string $key |
||
| 292 | * @param mixed $value |
||
| 293 | */ |
||
| 294 | public function writeToCache($key, $value): void { |
||
| 295 | if (!$this->configured) { |
||
| 296 | $this->readConfiguration(); |
||
| 297 | } |
||
| 298 | if (is_null($this->cache) |
||
| 299 | || !$this->configuration->ldapCacheTTL |
||
| 300 | || !$this->configuration->ldapConfigurationActive) { |
||
| 301 | return; |
||
| 302 | } |
||
| 303 | $key = $this->getCacheKey($key); |
||
| 304 | $value = base64_encode(json_encode($value)); |
||
| 305 | $this->cache->set($key, $value, $this->configuration->ldapCacheTTL); |
||
| 306 | } |
||
| 307 | |||
| 308 | public function clearCache() { |
||
| 309 | if (!is_null($this->cache)) { |
||
| 310 | $this->cache->clear($this->getCacheKey(null)); |
||
| 311 | } |
||
| 312 | } |
||
| 313 | |||
| 314 | /** |
||
| 315 | * Caches the general LDAP configuration. |
||
| 316 | * @param bool $force optional. true, if the re-read should be forced. defaults |
||
| 317 | * to false. |
||
| 318 | * @return null |
||
| 319 | */ |
||
| 320 | private function readConfiguration($force = false) { |
||
| 324 | } |
||
| 325 | } |
||
| 326 | |||
| 327 | /** |
||
| 328 | * set LDAP configuration with values delivered by an array, not read from configuration |
||
| 329 | * @param array $config array that holds the config parameters in an associated array |
||
| 330 | * @param array &$setParameters optional; array where the set fields will be given to |
||
| 331 | * @return bool true if config validates, false otherwise. Check with $setParameters for detailed success on single parameters |
||
| 332 | */ |
||
| 333 | public function setConfiguration($config, &$setParameters = null): bool { |
||
| 334 | if (is_null($setParameters)) { |
||
| 335 | $setParameters = []; |
||
| 336 | } |
||
| 337 | $this->doNotValidate = false; |
||
| 338 | $this->configuration->setConfiguration($config, $setParameters); |
||
| 339 | if (count($setParameters) > 0) { |
||
| 340 | $this->configured = $this->validateConfiguration(); |
||
| 341 | } |
||
| 342 | |||
| 343 | |||
| 344 | return $this->configured; |
||
| 345 | } |
||
| 346 | |||
| 347 | /** |
||
| 348 | * saves the current Configuration in the database and empties the |
||
| 349 | * cache |
||
| 350 | * @return null |
||
| 351 | */ |
||
| 352 | public function saveConfiguration() { |
||
| 353 | $this->configuration->saveConfiguration(); |
||
| 354 | $this->clearCache(); |
||
| 355 | } |
||
| 356 | |||
| 357 | /** |
||
| 358 | * get the current LDAP configuration |
||
| 359 | * @return array |
||
| 360 | */ |
||
| 361 | public function getConfiguration() { |
||
| 390 | } |
||
| 391 | |||
| 392 | private function doSoftValidation() { |
||
| 393 | //if User or Group Base are not set, take over Base DN setting |
||
| 394 | foreach (['ldapBaseUsers', 'ldapBaseGroups'] as $keyBase) { |
||
| 395 | $val = $this->configuration->$keyBase; |
||
| 396 | if (empty($val)) { |
||
| 397 | $this->configuration->$keyBase = $this->configuration->ldapBase; |
||
| 398 | } |
||
| 399 | } |
||
| 400 | |||
| 401 | foreach (['ldapExpertUUIDUserAttr' => 'ldapUuidUserAttribute', |
||
| 402 | 'ldapExpertUUIDGroupAttr' => 'ldapUuidGroupAttribute'] |
||
| 403 | as $expertSetting => $effectiveSetting) { |
||
| 404 | $uuidOverride = $this->configuration->$expertSetting; |
||
| 405 | if (!empty($uuidOverride)) { |
||
| 406 | $this->configuration->$effectiveSetting = $uuidOverride; |
||
| 407 | } else { |
||
| 408 | $uuidAttributes = Access::UUID_ATTRIBUTES; |
||
| 409 | array_unshift($uuidAttributes, 'auto'); |
||
| 410 | if (!in_array($this->configuration->$effectiveSetting, $uuidAttributes) |
||
| 411 | && !is_null($this->configID)) { |
||
| 412 | $this->configuration->$effectiveSetting = 'auto'; |
||
| 413 | $this->configuration->saveConfiguration(); |
||
| 414 | $this->logger->info( |
||
| 415 | 'Illegal value for the '.$effectiveSetting.', reset to autodetect.', |
||
| 416 | ['app' => 'user_ldap'] |
||
| 417 | ); |
||
| 418 | } |
||
| 419 | } |
||
| 420 | } |
||
| 421 | |||
| 422 | $backupPort = (int)$this->configuration->ldapBackupPort; |
||
| 423 | if ($backupPort <= 0) { |
||
| 424 | $this->configuration->backupPort = $this->configuration->ldapPort; |
||
| 425 | } |
||
| 426 | |||
| 427 | //make sure empty search attributes are saved as simple, empty array |
||
| 428 | $saKeys = ['ldapAttributesForUserSearch', |
||
| 429 | 'ldapAttributesForGroupSearch']; |
||
| 430 | foreach ($saKeys as $key) { |
||
| 431 | $val = $this->configuration->$key; |
||
| 432 | if (is_array($val) && count($val) === 1 && empty($val[0])) { |
||
| 433 | $this->configuration->$key = []; |
||
| 434 | } |
||
| 435 | } |
||
| 436 | |||
| 437 | if ((stripos((string)$this->configuration->ldapHost, 'ldaps://') === 0) |
||
| 438 | && $this->configuration->ldapTLS) { |
||
| 439 | $this->configuration->ldapTLS = false; |
||
| 440 | $this->logger->info( |
||
| 441 | 'LDAPS (already using secure connection) and TLS do not work together. Switched off TLS.', |
||
| 442 | ['app' => 'user_ldap'] |
||
| 443 | ); |
||
| 444 | } |
||
| 445 | } |
||
| 446 | |||
| 447 | /** |
||
| 448 | * @return bool |
||
| 449 | */ |
||
| 450 | private function doCriticalValidation() { |
||
| 451 | $configurationOK = true; |
||
| 452 | $errorStr = 'Configuration Error (prefix '. |
||
| 453 | (string)$this->configPrefix .'): '; |
||
| 454 | |||
| 455 | //options that shall not be empty |
||
| 456 | $options = ['ldapHost', 'ldapPort', 'ldapUserDisplayName', |
||
| 457 | 'ldapGroupDisplayName', 'ldapLoginFilter']; |
||
| 458 | foreach ($options as $key) { |
||
| 459 | $val = $this->configuration->$key; |
||
| 460 | if (empty($val)) { |
||
| 461 | switch ($key) { |
||
| 462 | case 'ldapHost': |
||
| 463 | $subj = 'LDAP Host'; |
||
| 464 | break; |
||
| 465 | case 'ldapPort': |
||
| 466 | $subj = 'LDAP Port'; |
||
| 467 | break; |
||
| 468 | case 'ldapUserDisplayName': |
||
| 469 | $subj = 'LDAP User Display Name'; |
||
| 470 | break; |
||
| 471 | case 'ldapGroupDisplayName': |
||
| 472 | $subj = 'LDAP Group Display Name'; |
||
| 473 | break; |
||
| 474 | case 'ldapLoginFilter': |
||
| 475 | $subj = 'LDAP Login Filter'; |
||
| 476 | break; |
||
| 477 | default: |
||
| 478 | $subj = $key; |
||
| 479 | break; |
||
| 480 | } |
||
| 481 | $configurationOK = false; |
||
| 482 | $this->logger->warning( |
||
| 483 | $errorStr.'No '.$subj.' given!', |
||
| 484 | ['app' => 'user_ldap'] |
||
| 485 | ); |
||
| 486 | } |
||
| 487 | } |
||
| 488 | |||
| 489 | //combinations |
||
| 490 | $agent = $this->configuration->ldapAgentName; |
||
| 491 | $pwd = $this->configuration->ldapAgentPassword; |
||
| 492 | if ( |
||
| 493 | ($agent === '' && $pwd !== '') |
||
| 494 | || ($agent !== '' && $pwd === '') |
||
| 495 | ) { |
||
| 496 | $this->logger->warning( |
||
| 497 | $errorStr.'either no password is given for the user ' . |
||
| 498 | 'agent or a password is given, but not an LDAP agent.', |
||
| 499 | ['app' => 'user_ldap'] |
||
| 500 | ); |
||
| 501 | $configurationOK = false; |
||
| 502 | } |
||
| 503 | |||
| 504 | $base = $this->configuration->ldapBase; |
||
| 505 | $baseUsers = $this->configuration->ldapBaseUsers; |
||
| 506 | $baseGroups = $this->configuration->ldapBaseGroups; |
||
| 507 | |||
| 508 | if (empty($base) && empty($baseUsers) && empty($baseGroups)) { |
||
| 509 | $this->logger->warning( |
||
| 510 | $errorStr.'Not a single Base DN given.', |
||
| 511 | ['app' => 'user_ldap'] |
||
| 512 | ); |
||
| 513 | $configurationOK = false; |
||
| 514 | } |
||
| 515 | |||
| 516 | if (mb_strpos((string)$this->configuration->ldapLoginFilter, '%uid', 0, 'UTF-8') |
||
| 517 | === false) { |
||
| 518 | $this->logger->warning( |
||
| 519 | $errorStr.'login filter does not contain %uid place holder.', |
||
| 520 | ['app' => 'user_ldap'] |
||
| 521 | ); |
||
| 522 | $configurationOK = false; |
||
| 523 | } |
||
| 524 | |||
| 525 | return $configurationOK; |
||
| 526 | } |
||
| 527 | |||
| 528 | /** |
||
| 529 | * Validates the user specified configuration |
||
| 530 | * @return bool true if configuration seems OK, false otherwise |
||
| 531 | */ |
||
| 532 | private function validateConfiguration() { |
||
| 533 | if ($this->doNotValidate) { |
||
| 534 | //don't do a validation if it is a new configuration with pure |
||
| 535 | //default values. Will be allowed on changes via __set or |
||
| 536 | //setConfiguration |
||
| 537 | return false; |
||
| 538 | } |
||
| 539 | |||
| 540 | // first step: "soft" checks: settings that are not really |
||
| 541 | // necessary, but advisable. If left empty, give an info message |
||
| 542 | $this->doSoftValidation(); |
||
| 543 | |||
| 544 | //second step: critical checks. If left empty or filled wrong, mark as |
||
| 545 | //not configured and give a warning. |
||
| 546 | return $this->doCriticalValidation(); |
||
| 547 | } |
||
| 548 | |||
| 549 | |||
| 550 | /** |
||
| 551 | * Connects and Binds to LDAP |
||
| 552 | * |
||
| 553 | * @throws ServerNotAvailableException |
||
| 554 | */ |
||
| 555 | private function establishConnection() { |
||
| 634 | } |
||
| 635 | |||
| 636 | /** |
||
| 637 | * @param string $host |
||
| 638 | * @param string $port |
||
| 639 | * @return bool |
||
| 640 | * @throws \OC\ServerNotAvailableException |
||
| 641 | */ |
||
| 642 | private function doConnect($host, $port) { |
||
| 668 | } |
||
| 669 | |||
| 670 | /** |
||
| 671 | * Binds to LDAP |
||
| 672 | */ |
||
| 673 | public function bind() { |
||
| 723 |
Loading history...
The issue could also be caused by a filter entry in the build configuration. If the path has been excluded in your configuration, e.g.
excluded_paths: ["lib/*"], you can move it to the dependency path list as follows:For further information see https://scrutinizer-ci.com/docs/tools/php/php-scrutinizer/#list-dependency-paths