nextcloud / server

apps/user_ldap/lib/Access.php

Spacing +169 added lines, -169 removed lines

@@ -124,7 +124,7 @@ 
 	 * @return AbstractMapping
 	 */
 	public function getUserMapper() {
-		if(is_null($this->userMapper)) {
+		if (is_null($this->userMapper)) {
 			throw new \Exception('UserMapper was not assigned to this Access instance.');
 		}
 		return $this->userMapper;
@@ -144,7 +144,7 @@ 
 	 * @return AbstractMapping
 	 */
 	public function getGroupMapper() {
-		if(is_null($this->groupMapper)) {
+		if (is_null($this->groupMapper)) {
 			throw new \Exception('GroupMapper was not assigned to this Access instance.');
 		}
 		return $this->groupMapper;
@@ -175,14 +175,14 @@ 
 	 *          array if $attr is empty, false otherwise
 	 */
 	public function readAttribute($dn, $attr, $filter = 'objectClass=*') {
-		if(!$this->checkConnection()) {
+		if (!$this->checkConnection()) {
 			\OCP\Util::writeLog('user_ldap',
 				'No LDAP Connector assigned, access impossible for readAttribute.',
 				\OCP\Util::WARN);
 			return false;
 		}
 		$cr = $this->connection->getConnectionResource();
-		if(!$this->ldap->isResource($cr)) {
+		if (!$this->ldap->isResource($cr)) {
 			//LDAP not available
 			\OCP\Util::writeLog('user_ldap', 'LDAP resource not available.', \OCP\Util::DEBUG);
 			return false;
@@ -205,7 +205,7 @@ 
 		$isRangeRequest = false;
 		do {
 			$result = $this->executeRead($cr, $dn, $attrToRead, $filter, $maxResults);
-			if(is_bool($result)) {
+			if (is_bool($result)) {
 				// when an exists request was run and it was successful, an empty
 				// array must be returned
 				return $result ? [] : false;
@@ -222,22 +222,22 @@ 
 			$result = $this->extractRangeData($result, $attr);
 			if (!empty($result)) {
 				$normalizedResult = $this->extractAttributeValuesFromResult(
-					[ $attr => $result['values'] ],
+					[$attr => $result['values']],
 					$attr
 				);
 				$values = array_merge($values, $normalizedResult);
 
-				if($result['rangeHigh'] === '*') {
+				if ($result['rangeHigh'] === '*') {
 					// when server replies with * as high range value, there are
 					// no more results left
 					return $values;
 				} else {
-					$low  = $result['rangeHigh'] + 1;
-					$attrToRead = $result['attributeName'] . ';range=' . $low . '-*';
+					$low = $result['rangeHigh'] + 1;
+					$attrToRead = $result['attributeName'].';range='.$low.'-*';
 					$isRangeRequest = true;
 				}
 			}
-		} while($isRangeRequest);
+		} while ($isRangeRequest);
 
 		\OCP\Util::writeLog('user_ldap', 'Requested attribute '.$attr.' not found for '.$dn, \OCP\Util::DEBUG);
 		return false;
@@ -262,13 +262,13 @@ 
 		if (!$this->ldap->isResource($rr)) {
 			if ($attribute !== '') {
 				//do not throw this message on userExists check, irritates
-				\OCP\Util::writeLog('user_ldap', 'readAttribute failed for DN ' . $dn, \OCP\Util::DEBUG);
+				\OCP\Util::writeLog('user_ldap', 'readAttribute failed for DN '.$dn, \OCP\Util::DEBUG);
 			}
 			//in case an error occurs , e.g. object does not exist
 			return false;
 		}
 		if ($attribute === '' && ($filter === 'objectclass=*' || $this->invokeLDAPMethod('countEntries', $cr, $rr) === 1)) {
-			\OCP\Util::writeLog('user_ldap', 'readAttribute: ' . $dn . ' found', \OCP\Util::DEBUG);
+			\OCP\Util::writeLog('user_ldap', 'readAttribute: '.$dn.' found', \OCP\Util::DEBUG);
 			return true;
 		}
 		$er = $this->invokeLDAPMethod('firstEntry', $cr, $rr);
@@ -293,12 +293,12 @@ 
 	 */
 	public function extractAttributeValuesFromResult($result, $attribute) {
 		$values = [];
-		if(isset($result[$attribute]) && $result[$attribute]['count'] > 0) {
+		if (isset($result[$attribute]) && $result[$attribute]['count'] > 0) {
 			$lowercaseAttribute = strtolower($attribute);
-			for($i=0;$i<$result[$attribute]['count'];$i++) {
-				if($this->resemblesDN($attribute)) {
+			for ($i = 0; $i < $result[$attribute]['count']; $i++) {
+				if ($this->resemblesDN($attribute)) {
 					$values[] = $this->helper->sanitizeDN($result[$attribute][$i]);
-				} elseif($lowercaseAttribute === 'objectguid' || $lowercaseAttribute === 'guid') {
+				} elseif ($lowercaseAttribute === 'objectguid' || $lowercaseAttribute === 'guid') {
 					$values[] = $this->convertObjectGUID2Str($result[$attribute][$i]);
 				} else {
 					$values[] = $result[$attribute][$i];
@@ -320,10 +320,10 @@ 
 	 */
 	public function extractRangeData($result, $attribute) {
 		$keys = array_keys($result);
-		foreach($keys as $key) {
-			if($key !== $attribute && strpos($key, $attribute) === 0) {
+		foreach ($keys as $key) {
+			if ($key !== $attribute && strpos($key, $attribute) === 0) {
 				$queryData = explode(';', $key);
-				if(strpos($queryData[1], 'range=') === 0) {
+				if (strpos($queryData[1], 'range=') === 0) {
 					$high = substr($queryData[1], 1 + strpos($queryData[1], '-'));
 					$data = [
 						'values' => $result[$key],
@@ -348,18 +348,18 @@ 
 	 * @throws \Exception
 	 */
 	public function setPassword($userDN, $password) {
-		if(intval($this->connection->turnOnPasswordChange) !== 1) {
+		if (intval($this->connection->turnOnPasswordChange) !== 1) {
 			throw new \Exception('LDAP password changes are disabled.');
 		}
 		$cr = $this->connection->getConnectionResource();
-		if(!$this->ldap->isResource($cr)) {
+		if (!$this->ldap->isResource($cr)) {
 			//LDAP not available
 			\OCP\Util::writeLog('user_ldap', 'LDAP resource not available.', \OCP\Util::DEBUG);
 			return false;
 		}
 		try {
 			return @$this->invokeLDAPMethod('modReplace', $cr, $userDN, $password);
-		} catch(ConstraintViolationException $e) {
+		} catch (ConstraintViolationException $e) {
 			throw new HintException('Password change rejected.', \OC::$server->getL10N('user_ldap')->t('Password change rejected. Hint: ').$e->getMessage(), $e->getCode());
 		}
 	}
@@ -401,17 +401,17 @@ 
 	 */
 	public function getDomainDNFromDN($dn) {
 		$allParts = $this->ldap->explodeDN($dn, 0);
-		if($allParts === false) {
+		if ($allParts === false) {
 			//not a valid DN
 			return '';
 		}
 		$domainParts = array();
 		$dcFound = false;
-		foreach($allParts as $part) {
-			if(!$dcFound && strpos($part, 'dc=') === 0) {
+		foreach ($allParts as $part) {
+			if (!$dcFound && strpos($part, 'dc=') === 0) {
 				$dcFound = true;
 			}
-			if($dcFound) {
+			if ($dcFound) {
 				$domainParts[] = $part;
 			}
 		}
@@ -438,7 +438,7 @@ 
 
 		//Check whether the DN belongs to the Base, to avoid issues on multi-
 		//server setups
-		if(is_string($fdn) && $this->isDNPartOfBase($fdn, $this->connection->ldapBaseUsers)) {
+		if (is_string($fdn) && $this->isDNPartOfBase($fdn, $this->connection->ldapBaseUsers)) {
 			return $fdn;
 		}
 
@@ -455,7 +455,7 @@ 
 		//To avoid bypassing the base DN settings under certain circumstances
 		//with the group support, check whether the provided DN matches one of
 		//the given Bases
-		if(!$this->isDNPartOfBase($fdn, $this->connection->ldapBaseGroups)) {
+		if (!$this->isDNPartOfBase($fdn, $this->connection->ldapBaseGroups)) {
 			return false;
 		}
 
@@ -472,11 +472,11 @@ 
 	 */
 	public function groupsMatchFilter($groupDNs) {
 		$validGroupDNs = [];
-		foreach($groupDNs as $dn) {
+		foreach ($groupDNs as $dn) {
 			$cacheKey = 'groupsMatchFilter-'.$dn;
 			$groupMatchFilter = $this->connection->getFromCache($cacheKey);
-			if(!is_null($groupMatchFilter)) {
-				if($groupMatchFilter) {
+			if (!is_null($groupMatchFilter)) {
+				if ($groupMatchFilter) {
 					$validGroupDNs[] = $dn;
 				}
 				continue;
@@ -484,13 +484,13 @@ 
 
 			// Check the base DN first. If this is not met already, we don't
 			// need to ask the server at all.
-			if(!$this->isDNPartOfBase($dn, $this->connection->ldapBaseGroups)) {
+			if (!$this->isDNPartOfBase($dn, $this->connection->ldapBaseGroups)) {
 				$this->connection->writeToCache($cacheKey, false);
 				continue;
 			}
 
 			$result = $this->readAttribute($dn, 'cn', $this->connection->ldapGroupFilter);
-			if(is_array($result)) {
+			if (is_array($result)) {
 				$this->connection->writeToCache($cacheKey, true);
 				$validGroupDNs[] = $dn;
 			} else {
@@ -511,7 +511,7 @@ 
 		//To avoid bypassing the base DN settings under certain circumstances
 		//with the group support, check whether the provided DN matches one of
 		//the given Bases
-		if(!$this->isDNPartOfBase($fdn, $this->connection->ldapBaseUsers)) {
+		if (!$this->isDNPartOfBase($fdn, $this->connection->ldapBaseUsers)) {
 			return false;
 		}
 
@@ -531,7 +531,7 @@ 
 	 */
 	public function dn2ocname($fdn, $ldapName = null, $isUser = true, &$newlyMapped = null, array $record = null) {
 		$newlyMapped = false;
-		if($isUser) {
+		if ($isUser) {
 			$mapper = $this->getUserMapper();
 			$nameAttribute = $this->connection->ldapUserDisplayName;
 		} else {
@@ -541,15 +541,15 @@ 
 
 		//let's try to retrieve the Nextcloud name from the mappings table
 		$ncName = $mapper->getNameByDN($fdn);
-		if(is_string($ncName)) {
+		if (is_string($ncName)) {
 			return $ncName;
 		}
 
 		//second try: get the UUID and check if it is known. Then, update the DN and return the name.
 		$uuid = $this->getUUID($fdn, $isUser, $record);
-		if(is_string($uuid)) {
+		if (is_string($uuid)) {
 			$ncName = $mapper->getNameByUUID($uuid);
-			if(is_string($ncName)) {
+			if (is_string($ncName)) {
 				$mapper->setDNbyUUID($fdn, $uuid);
 				return $ncName;
 			}
@@ -559,16 +559,16 @@ 
 			return false;
 		}
 
-		if(is_null($ldapName)) {
+		if (is_null($ldapName)) {
 			$ldapName = $this->readAttribute($fdn, $nameAttribute);
-			if(!isset($ldapName[0]) && empty($ldapName[0])) {
+			if (!isset($ldapName[0]) && empty($ldapName[0])) {
 				\OCP\Util::writeLog('user_ldap', 'No or empty name for '.$fdn.'.', \OCP\Util::INFO);
 				return false;
 			}
 			$ldapName = $ldapName[0];
 		}
 
-		if($isUser) {
+		if ($isUser) {
 			$usernameAttribute = strval($this->connection->ldapExpertUsernameAttr);
 			if ($usernameAttribute !== '') {
 				$username = $this->readAttribute($fdn, $usernameAttribute);
@@ -587,9 +587,9 @@ 
 		// outside of core user management will still cache the user as non-existing.
 		$originalTTL = $this->connection->ldapCacheTTL;
 		$this->connection->setConfiguration(array('ldapCacheTTL' => 0));
-		if(($isUser && $intName !== '' && !\OCP\User::userExists($intName))
+		if (($isUser && $intName !== '' && !\OCP\User::userExists($intName))
 			|| (!$isUser && !\OC::$server->getGroupManager()->groupExists($intName))) {
-			if($mapper->map($fdn, $intName, $uuid)) {
+			if ($mapper->map($fdn, $intName, $uuid)) {
 				$this->connection->setConfiguration(array('ldapCacheTTL' => $originalTTL));
 				$newlyMapped = true;
 				return $intName;
@@ -598,7 +598,7 @@ 
 		$this->connection->setConfiguration(array('ldapCacheTTL' => $originalTTL));
 
 		$altName = $this->createAltInternalOwnCloudName($intName, $isUser);
-		if(is_string($altName) && $mapper->map($fdn, $altName, $uuid)) {
+		if (is_string($altName) && $mapper->map($fdn, $altName, $uuid)) {
 			$newlyMapped = true;
 			return $altName;
 		}
@@ -636,7 +636,7 @@ 
 	 * @return array
 	 */
 	private function ldap2NextcloudNames($ldapObjects, $isUsers) {
-		if($isUsers) {
+		if ($isUsers) {
 			$nameAttribute = $this->connection->ldapUserDisplayName;
 			$sndAttribute  = $this->connection->ldapUserDisplayName2;
 		} else {
@@ -644,9 +644,9 @@ 
 		}
 		$nextcloudNames = array();
 
-		foreach($ldapObjects as $ldapObject) {
+		foreach ($ldapObjects as $ldapObject) {
 			$nameByLDAP = null;
-			if(    isset($ldapObject[$nameAttribute])
+			if (isset($ldapObject[$nameAttribute])
 				&& is_array($ldapObject[$nameAttribute])
 				&& isset($ldapObject[$nameAttribute][0])
 			) {
@@ -655,12 +655,12 @@ 
 			}
 
 			$ncName = $this->dn2ocname($ldapObject['dn'][0], $nameByLDAP, $isUsers);
-			if($ncName) {
+			if ($ncName) {
 				$nextcloudNames[] = $ncName;
-				if($isUsers) {
+				if ($isUsers) {
 					//cache the user names so it does not need to be retrieved
 					//again later (e.g. sharing dialogue).
-					if(is_null($nameByLDAP)) {
+					if (is_null($nameByLDAP)) {
 						continue;
 					}
 					$sndName = isset($ldapObject[$sndAttribute][0])
@@ -698,7 +698,7 @@ 
 	 */
 	public function cacheUserDisplayName($ocName, $displayName, $displayName2 = '') {
 		$user = $this->userManager->get($ocName);
-		if($user === null) {
+		if ($user === null) {
 			return;
 		}
 		$displayName = $user->composeAndStoreDisplayName($displayName, $displayName2);
@@ -718,9 +718,9 @@ 
 		$attempts = 0;
 		//while loop is just a precaution. If a name is not generated within
 		//20 attempts, something else is very wrong. Avoids infinite loop.
-		while($attempts < 20){
-			$altName = $name . '_' . rand(1000,9999);
-			if(!\OCP\User::userExists($altName)) {
+		while ($attempts < 20) {
+			$altName = $name.'_'.rand(1000, 9999);
+			if (!\OCP\User::userExists($altName)) {
 				return $altName;
 			}
 			$attempts++;
@@ -742,25 +742,25 @@ 
 	 */
 	private function _createAltInternalOwnCloudNameForGroups($name) {
 		$usedNames = $this->groupMapper->getNamesBySearch($name, "", '_%');
-		if(!($usedNames) || count($usedNames) === 0) {
+		if (!($usedNames) || count($usedNames) === 0) {
 			$lastNo = 1; //will become name_2
 		} else {
 			natsort($usedNames);
 			$lastName = array_pop($usedNames);
 			$lastNo = intval(substr($lastName, strrpos($lastName, '_') + 1));
 		}
-		$altName = $name.'_'.strval($lastNo+1);
+		$altName = $name.'_'.strval($lastNo + 1);
 		unset($usedNames);
 
 		$attempts = 1;
-		while($attempts < 21){
+		while ($attempts < 21) {
 			// Check to be really sure it is unique
 			// while loop is just a precaution. If a name is not generated within
 			// 20 attempts, something else is very wrong. Avoids infinite loop.
-			if(!\OC::$server->getGroupManager()->groupExists($altName)) {
+			if (!\OC::$server->getGroupManager()->groupExists($altName)) {
 				return $altName;
 			}
-			$altName = $name . '_' . ($lastNo + $attempts);
+			$altName = $name.'_'.($lastNo + $attempts);
 			$attempts++;
 		}
 		return false;
@@ -775,7 +775,7 @@ 
 	private function createAltInternalOwnCloudName($name, $isUser) {
 		$originalTTL = $this->connection->ldapCacheTTL;
 		$this->connection->setConfiguration(array('ldapCacheTTL' => 0));
-		if($isUser) {
+		if ($isUser) {
 			$altName = $this->_createAltInternalOwnCloudNameForUsers($name);
 		} else {
 			$altName = $this->_createAltInternalOwnCloudNameForGroups($name);
@@ -825,13 +825,13 @@ 
 	public function fetchListOfUsers($filter, $attr, $limit = null, $offset = null, $forceApplyAttributes = false) {
 		$ldapRecords = $this->searchUsers($filter, $attr, $limit, $offset);
 		$recordsToUpdate = $ldapRecords;
-		if(!$forceApplyAttributes) {
+		if (!$forceApplyAttributes) {
 			$isBackgroundJobModeAjax = $this->config
 					->getAppValue('core', 'backgroundjobs_mode', 'ajax') === 'ajax';
 			$recordsToUpdate = array_filter($ldapRecords, function($record) use ($isBackgroundJobModeAjax) {
 				$newlyMapped = false;
 				$uid = $this->dn2ocname($record['dn'][0], null, true, $newlyMapped, $record);
-				if(is_string($uid)) {
+				if (is_string($uid)) {
 					$this->cacheUserExists($uid);
 				}
 				return ($uid !== false) && ($newlyMapped || $isBackgroundJobModeAjax);
@@ -847,19 +847,19 @@ 
 	 * and their values
 	 * @param array $ldapRecords
 	 */
-	public function batchApplyUserAttributes(array $ldapRecords){
+	public function batchApplyUserAttributes(array $ldapRecords) {
 		$displayNameAttribute = strtolower($this->connection->ldapUserDisplayName);
-		foreach($ldapRecords as $userRecord) {
-			if(!isset($userRecord[$displayNameAttribute])) {
+		foreach ($ldapRecords as $userRecord) {
+			if (!isset($userRecord[$displayNameAttribute])) {
 				// displayName is obligatory
 				continue;
 			}
-			$ocName  = $this->dn2ocname($userRecord['dn'][0], null, true);
-			if($ocName === false) {
+			$ocName = $this->dn2ocname($userRecord['dn'][0], null, true);
+			if ($ocName === false) {
 				continue;
 			}
 			$user = $this->userManager->get($ocName);
-			if($user instanceof OfflineUser) {
+			if ($user instanceof OfflineUser) {
 				$user->unmark();
 				$user = $this->userManager->get($ocName);
 			}
@@ -891,8 +891,8 @@ 
 	 * @return array
 	 */
 	private function fetchList($list, $manyAttributes) {
-		if(is_array($list)) {
-			if($manyAttributes) {
+		if (is_array($list)) {
+			if ($manyAttributes) {
 				return $list;
 			} else {
 				$list = array_reduce($list, function($carry, $item) {
@@ -990,7 +990,7 @@ 
 		// php no longer supports call-time pass-by-reference
 		// thus cannot support controlPagedResultResponse as the third argument
 		// is a reference
-		$doMethod = function () use ($command, &$arguments) {
+		$doMethod = function() use ($command, &$arguments) {
 			if ($command == 'controlPagedResultResponse') {
 				throw new \InvalidArgumentException('Invoker does not support controlPagedResultResponse, call LDAP Wrapper directly instead.');
 			} else {
@@ -1008,7 +1008,7 @@ 
 			$this->connection->resetConnectionResource();
 			$cr = $this->connection->getConnectionResource();
 
-			if(!$this->ldap->isResource($cr)) {
+			if (!$this->ldap->isResource($cr)) {
 				// Seems like we didn't find any resource.
 				\OCP\Util::writeLog('user_ldap', "Could not $command, because resource is missing.", \OCP\Util::DEBUG);
 				throw $e;
@@ -1033,13 +1033,13 @@ 
 	 * @throws ServerNotAvailableException
 	 */
 	private function executeSearch($filter, $base, &$attr = null, $limit = null, $offset = null) {
-		if(!is_null($attr) && !is_array($attr)) {
+		if (!is_null($attr) && !is_array($attr)) {
 			$attr = array(mb_strtolower($attr, 'UTF-8'));
 		}
 
 		// See if we have a resource, in case not cancel with message
 		$cr = $this->connection->getConnectionResource();
-		if(!$this->ldap->isResource($cr)) {
+		if (!$this->ldap->isResource($cr)) {
 			// Seems like we didn't find any resource.
 			// Return an empty array just like before.
 			\OCP\Util::writeLog('user_ldap', 'Could not search, because resource is missing.', \OCP\Util::DEBUG);
@@ -1053,7 +1053,7 @@ 
 		$sr = $this->invokeLDAPMethod('search', $linkResources, $base, $filter, $attr);
 		// cannot use $cr anymore, might have changed in the previous call!
 		$error = $this->ldap->errno($this->connection->getConnectionResource());
-		if(!is_array($sr) || $error !== 0) {
+		if (!is_array($sr) || $error !== 0) {
 			\OCP\Util::writeLog('user_ldap', 'Attempt for Paging?  '.print_r($pagedSearchOK, true), \OCP\Util::ERROR);
 			return false;
 		}
@@ -1076,26 +1076,26 @@ 
 	 */
 	private function processPagedSearchStatus($sr, $filter, $base, $iFoundItems, $limit, $offset, $pagedSearchOK, $skipHandling) {
 		$cookie = null;
-		if($pagedSearchOK) {
+		if ($pagedSearchOK) {
 			$cr = $this->connection->getConnectionResource();
-			foreach($sr as $key => $res) {
-				if($this->ldap->controlPagedResultResponse($cr, $res, $cookie)) {
+			foreach ($sr as $key => $res) {
+				if ($this->ldap->controlPagedResultResponse($cr, $res, $cookie)) {
 					$this->setPagedResultCookie($base[$key], $filter, $limit, $offset, $cookie);
 				}
 			}
 
 			//browsing through prior pages to get the cookie for the new one
-			if($skipHandling) {
+			if ($skipHandling) {
 				return false;
 			}
 			// if count is bigger, then the server does not support
 			// paged search. Instead, he did a normal search. We set a
 			// flag here, so the callee knows how to deal with it.
-			if($iFoundItems <= $limit) {
+			if ($iFoundItems <= $limit) {
 				$this->pagedSearchedSuccessful = true;
 			}
 		} else {
-			if(!is_null($limit)) {
+			if (!is_null($limit)) {
 				\OCP\Util::writeLog('user_ldap', 'Paged search was not available', \OCP\Util::INFO);
 			}
 		}
@@ -1125,7 +1125,7 @@ 
 		\OCP\Util::writeLog('user_ldap', 'Count filter:  '.print_r($filter, true), \OCP\Util::DEBUG);
 
 		$limitPerPage = intval($this->connection->ldapPagingSize);
-		if(!is_null($limit) && $limit < $limitPerPage && $limit > 0) {
+		if (!is_null($limit) && $limit < $limitPerPage && $limit > 0) {
 			$limitPerPage = $limit;
 		}
 
@@ -1135,7 +1135,7 @@ 
 
 		do {
 			$search = $this->executeSearch($filter, $base, $attr, $limitPerPage, $offset);
-			if($search === false) {
+			if ($search === false) {
 				return $counter > 0 ? $counter : false;
 			}
 			list($sr, $pagedSearchOK) = $search;
@@ -1154,7 +1154,7 @@ 
 			 * Continue now depends on $hasMorePages value
 			 */
 			$continue = $pagedSearchOK && $hasMorePages;
-		} while($continue && (is_null($limit) || $limit <= 0 || $limit > $counter));
+		} while ($continue && (is_null($limit) || $limit <= 0 || $limit > $counter));
 
 		return $counter;
 	}
@@ -1166,7 +1166,7 @@ 
 	private function countEntriesInSearchResults($searchResults) {
 		$counter = 0;
 
-		foreach($searchResults as $res) {
+		foreach ($searchResults as $res) {
 			$count = intval($this->invokeLDAPMethod('countEntries', $this->connection->getConnectionResource(), $res));
 			$counter += $count;
 		}
@@ -1188,7 +1188,7 @@ 
 	 */
 	public function search($filter, $base, $attr = null, $limit = null, $offset = null, $skipHandling = false) {
 		$limitPerPage = intval($this->connection->ldapPagingSize);
-		if(!is_null($limit) && $limit < $limitPerPage && $limit > 0) {
+		if (!is_null($limit) && $limit < $limitPerPage && $limit > 0) {
 			$limitPerPage = $limit;
 		}
 
@@ -1202,13 +1202,13 @@ 
 		$savedoffset = $offset;
 		do {
 			$search = $this->executeSearch($filter, $base, $attr, $limitPerPage, $offset);
-			if($search === false) {
+			if ($search === false) {
 				return [];
 			}
 			list($sr, $pagedSearchOK) = $search;
 			$cr = $this->connection->getConnectionResource();
 
-			if($skipHandling) {
+			if ($skipHandling) {
 				//i.e. result do not need to be fetched, we just need the cookie
 				//thus pass 1 or any other value as $iFoundItems because it is not
 				//used
@@ -1219,7 +1219,7 @@ 
 			}
 
 			$iFoundItems = 0;
-			foreach($sr as $res) {
+			foreach ($sr as $res) {
 				$findings = array_merge($findings, $this->invokeLDAPMethod('getEntries', $cr, $res));
 				$iFoundItems = max($iFoundItems, $findings['count']);
 				unset($findings['count']);
@@ -1235,24 +1235,24 @@ 
 
 		// if we're here, probably no connection resource is returned.
 		// to make Nextcloud behave nicely, we simply give back an empty array.
-		if(is_null($findings)) {
+		if (is_null($findings)) {
 			return array();
 		}
 
-		if(!is_null($attr)) {
+		if (!is_null($attr)) {
 			$selection = [];
 			$i = 0;
-			foreach($findings as $item) {
-				if(!is_array($item)) {
+			foreach ($findings as $item) {
+				if (!is_array($item)) {
 					continue;
 				}
 				$item = \OCP\Util::mb_array_change_key_case($item, MB_CASE_LOWER, 'UTF-8');
-				foreach($attr as $key) {
-					if(isset($item[$key])) {
-						if(is_array($item[$key]) && isset($item[$key]['count'])) {
+				foreach ($attr as $key) {
+					if (isset($item[$key])) {
+						if (is_array($item[$key]) && isset($item[$key]['count'])) {
 							unset($item[$key]['count']);
 						}
-						if($key !== 'dn') {
+						if ($key !== 'dn') {
 							$selection[$i][$key] = $this->resemblesDN($key) ?
 								$this->helper->sanitizeDN($item[$key])
 								: $key === 'objectguid' || $key === 'guid' ?
@@ -1271,7 +1271,7 @@ 
 		//we slice the findings, when
 		//a) paged search unsuccessful, though attempted
 		//b) no paged search, but limit set
-		if((!$this->getPagedSearchResultState()
+		if ((!$this->getPagedSearchResultState()
 			&& $pagedSearchOK)
 			|| (
 				!$pagedSearchOK
@@ -1288,7 +1288,7 @@ 
 	 * @return bool|mixed|string
 	 */
 	public function sanitizeUsername($name) {
-		if($this->connection->ldapIgnoreNamingRules) {
+		if ($this->connection->ldapIgnoreNamingRules) {
 			return trim($name);
 		}
 
@@ -1313,13 +1313,13 @@ 
 	*/
 	public function escapeFilterPart($input, $allowAsterisk = false) {
 		$asterisk = '';
-		if($allowAsterisk && strlen($input) > 0 && $input[0] === '*') {
+		if ($allowAsterisk && strlen($input) > 0 && $input[0] === '*') {
 			$asterisk = '*';
 			$input = mb_substr($input, 1, null, 'UTF-8');
 		}
 		$search  = array('*', '\\', '(', ')');
 		$replace = array('\\*', '\\\\', '\\(', '\\)');
-		return $asterisk . str_replace($search, $replace, $input);
+		return $asterisk.str_replace($search, $replace, $input);
 	}
 
 	/**
@@ -1349,13 +1349,13 @@ 
 	 */
 	private function combineFilter($filters, $operator) {
 		$combinedFilter = '('.$operator;
-		foreach($filters as $filter) {
+		foreach ($filters as $filter) {
 			if ($filter !== '' && $filter[0] !== '(') {
 				$filter = '('.$filter.')';
 			}
-			$combinedFilter.=$filter;
+			$combinedFilter .= $filter;
 		}
-		$combinedFilter.=')';
+		$combinedFilter .= ')';
 		return $combinedFilter;
 	}
 
@@ -1391,17 +1391,17 @@ 
 	 * @throws \Exception
 	 */
 	private function getAdvancedFilterPartForSearch($search, $searchAttributes) {
-		if(!is_array($searchAttributes) || count($searchAttributes) < 2) {
+		if (!is_array($searchAttributes) || count($searchAttributes) < 2) {
 			throw new \Exception('searchAttributes must be an array with at least two string');
 		}
 		$searchWords = explode(' ', trim($search));
 		$wordFilters = array();
-		foreach($searchWords as $word) {
+		foreach ($searchWords as $word) {
 			$word = $this->prepareSearchTerm($word);
 			//every word needs to appear at least once
 			$wordMatchOneAttrFilters = array();
-			foreach($searchAttributes as $attr) {
-				$wordMatchOneAttrFilters[] = $attr . '=' . $word;
+			foreach ($searchAttributes as $attr) {
+				$wordMatchOneAttrFilters[] = $attr.'='.$word;
 			}
 			$wordFilters[] = $this->combineFilterWithOr($wordMatchOneAttrFilters);
 		}
@@ -1419,10 +1419,10 @@ 
 	private function getFilterPartForSearch($search, $searchAttributes, $fallbackAttribute) {
 		$filter = array();
 		$haveMultiSearchAttributes = (is_array($searchAttributes) && count($searchAttributes) > 0);
-		if($haveMultiSearchAttributes && strpos(trim($search), ' ') !== false) {
+		if ($haveMultiSearchAttributes && strpos(trim($search), ' ') !== false) {
 			try {
 				return $this->getAdvancedFilterPartForSearch($search, $searchAttributes);
-			} catch(\Exception $e) {
+			} catch (\Exception $e) {
 				\OCP\Util::writeLog(
 					'user_ldap',
 					'Creating advanced filter for search failed, falling back to simple method.',
@@ -1432,17 +1432,17 @@ 
 		}
 
 		$search = $this->prepareSearchTerm($search);
-		if(!is_array($searchAttributes) || count($searchAttributes) === 0) {
+		if (!is_array($searchAttributes) || count($searchAttributes) === 0) {
 			if ($fallbackAttribute === '') {
 				return '';
 			}
-			$filter[] = $fallbackAttribute . '=' . $search;
+			$filter[] = $fallbackAttribute.'='.$search;
 		} else {
-			foreach($searchAttributes as $attribute) {
-				$filter[] = $attribute . '=' . $search;
+			foreach ($searchAttributes as $attribute) {
+				$filter[] = $attribute.'='.$search;
 			}
 		}
-		if(count($filter) === 1) {
+		if (count($filter) === 1) {
 			return '('.$filter[0].')';
 		}
 		return $this->combineFilterWithOr($filter);
@@ -1463,7 +1463,7 @@ 
 		if ($term === '') {
 			$result = '*';
 		} else if ($allowEnum !== 'no') {
-			$result = $term . '*';
+			$result = $term.'*';
 		}
 		return $result;
 	}
@@ -1475,7 +1475,7 @@ 
 	public function getFilterForUserCount() {
 		$filter = $this->combineFilterWithAnd(array(
 			$this->connection->ldapUserFilter,
-			$this->connection->ldapUserDisplayName . '=*'
+			$this->connection->ldapUserDisplayName.'=*'
 		));
 
 		return $filter;
@@ -1493,7 +1493,7 @@ 
 			'ldapAgentName' => $name,
 			'ldapAgentPassword' => $password
 		);
-		if(!$testConnection->setConfiguration($credentials)) {
+		if (!$testConnection->setConfiguration($credentials)) {
 			return false;
 		}
 		return $testConnection->bind();
@@ -1515,30 +1515,30 @@ 
 			// Sacrebleu! The UUID attribute is unknown :( We need first an
 			// existing DN to be able to reliably detect it.
 			$result = $this->search($filter, $base, ['dn'], 1);
-			if(!isset($result[0]) || !isset($result[0]['dn'])) {
+			if (!isset($result[0]) || !isset($result[0]['dn'])) {
 				throw new \Exception('Cannot determine UUID attribute');
 			}
 			$dn = $result[0]['dn'][0];
-			if(!$this->detectUuidAttribute($dn, true)) {
+			if (!$this->detectUuidAttribute($dn, true)) {
 				throw new \Exception('Cannot determine UUID attribute');
 			}
 		} else {
 			// The UUID attribute is either known or an override is given.
 			// By calling this method we ensure that $this->connection->$uuidAttr
 			// is definitely set
-			if(!$this->detectUuidAttribute('', true)) {
+			if (!$this->detectUuidAttribute('', true)) {
 				throw new \Exception('Cannot determine UUID attribute');
 			}
 		}
 
 		$uuidAttr = $this->connection->ldapUuidUserAttribute;
-		if($uuidAttr === 'guid' || $uuidAttr === 'objectguid') {
+		if ($uuidAttr === 'guid' || $uuidAttr === 'objectguid') {
 			$uuid = $this->formatGuid2ForFilterUser($uuid);
 		}
 
-		$filter = $uuidAttr . '=' . $uuid;
+		$filter = $uuidAttr.'='.$uuid;
 		$result = $this->searchUsers($filter, ['dn'], 2);
-		if(is_array($result) && isset($result[0]) && isset($result[0]['dn']) && count($result) === 1) {
+		if (is_array($result) && isset($result[0]) && isset($result[0]['dn']) && count($result) === 1) {
 			// we put the count into account to make sure that this is
 			// really unique
 			return $result[0]['dn'][0];
@@ -1557,7 +1557,7 @@ 
 	 * @return bool true on success, false otherwise
 	 */
 	private function detectUuidAttribute($dn, $isUser = true, $force = false, array $ldapRecord = null) {
-		if($isUser) {
+		if ($isUser) {
 			$uuidAttr     = 'ldapUuidUserAttribute';
 			$uuidOverride = $this->connection->ldapExpertUUIDUserAttr;
 		} else {
@@ -1565,7 +1565,7 @@ 
 			$uuidOverride = $this->connection->ldapExpertUUIDGroupAttr;
 		}
 
-		if(($this->connection->$uuidAttr !== 'auto') && !$force) {
+		if (($this->connection->$uuidAttr !== 'auto') && !$force) {
 			return true;
 		}
 
@@ -1574,10 +1574,10 @@ 
 			return true;
 		}
 
-		foreach(self::UUID_ATTRIBUTES as $attribute) {
-			if($ldapRecord !== null) {
+		foreach (self::UUID_ATTRIBUTES as $attribute) {
+			if ($ldapRecord !== null) {
 				// we have the info from LDAP already, we don't need to talk to the server again
-				if(isset($ldapRecord[$attribute])) {
+				if (isset($ldapRecord[$attribute])) {
 					$this->connection->$uuidAttr = $attribute;
 					return true;
 				} else {
@@ -1586,7 +1586,7 @@ 
 			}
 
 			$value = $this->readAttribute($dn, $attribute);
-			if(is_array($value) && isset($value[0]) && !empty($value[0])) {
+			if (is_array($value) && isset($value[0]) && !empty($value[0])) {
 				\OCP\Util::writeLog('user_ldap',
 									'Setting '.$attribute.' as '.$uuidAttr,
 									\OCP\Util::DEBUG);
@@ -1608,7 +1608,7 @@ 
 	 * @return bool|string
 	 */
 	public function getUUID($dn, $isUser = true, $ldapRecord = null) {
-		if($isUser) {
+		if ($isUser) {
 			$uuidAttr     = 'ldapUuidUserAttribute';
 			$uuidOverride = $this->connection->ldapExpertUUIDUserAttr;
 		} else {
@@ -1617,10 +1617,10 @@ 
 		}
 
 		$uuid = false;
-		if($this->detectUuidAttribute($dn, $isUser, false, $ldapRecord)) {
+		if ($this->detectUuidAttribute($dn, $isUser, false, $ldapRecord)) {
 			$attr = $this->connection->$uuidAttr;
 			$uuid = isset($ldapRecord[$attr]) ? $ldapRecord[$attr] : $this->readAttribute($dn, $attr);
-			if( !is_array($uuid)
+			if (!is_array($uuid)
 				&& $uuidOverride !== ''
 				&& $this->detectUuidAttribute($dn, $isUser, true, $ldapRecord))
 			{
@@ -1628,7 +1628,7 @@ 
 					? $ldapRecord[$this->connection->$uuidAttr]
 					: $this->readAttribute($dn, $this->connection->$uuidAttr);
 			}
-			if(is_array($uuid) && isset($uuid[0]) && !empty($uuid[0])) {
+			if (is_array($uuid) && isset($uuid[0]) && !empty($uuid[0])) {
 				$uuid = $uuid[0];
 			}
 		}
@@ -1645,19 +1645,19 @@ 
 	private function convertObjectGUID2Str($oguid) {
 		$hex_guid = bin2hex($oguid);
 		$hex_guid_to_guid_str = '';
-		for($k = 1; $k <= 4; ++$k) {
+		for ($k = 1; $k <= 4; ++$k) {
 			$hex_guid_to_guid_str .= substr($hex_guid, 8 - 2 * $k, 2);
 		}
 		$hex_guid_to_guid_str .= '-';
-		for($k = 1; $k <= 2; ++$k) {
+		for ($k = 1; $k <= 2; ++$k) {
 			$hex_guid_to_guid_str .= substr($hex_guid, 12 - 2 * $k, 2);
 		}
 		$hex_guid_to_guid_str .= '-';
-		for($k = 1; $k <= 2; ++$k) {
+		for ($k = 1; $k <= 2; ++$k) {
 			$hex_guid_to_guid_str .= substr($hex_guid, 16 - 2 * $k, 2);
 		}
-		$hex_guid_to_guid_str .= '-' . substr($hex_guid, 16, 4);
-		$hex_guid_to_guid_str .= '-' . substr($hex_guid, 20);
+		$hex_guid_to_guid_str .= '-'.substr($hex_guid, 16, 4);
+		$hex_guid_to_guid_str .= '-'.substr($hex_guid, 20);
 
 		return strtoupper($hex_guid_to_guid_str);
 	}
@@ -1674,11 +1674,11 @@ 
 	 * @return string
 	 */
 	public function formatGuid2ForFilterUser($guid) {
-		if(!is_string($guid)) {
+		if (!is_string($guid)) {
 			throw new \InvalidArgumentException('String expected');
 		}
 		$blocks = explode('-', $guid);
-		if(count($blocks) !== 5) {
+		if (count($blocks) !== 5) {
 			/*
 			 * Why not throw an Exception instead? This method is a utility
 			 * called only when trying to figure out whether a "missing" known
@@ -1691,20 +1691,20 @@ 
 			 * user. Instead we write a log message.
 			 */
 			\OC::$server->getLogger()->info(
-				'Passed string does not resemble a valid GUID. Known UUID ' .
+				'Passed string does not resemble a valid GUID. Known UUID '.
 				'({uuid}) probably does not match UUID configuration.',
-				[ 'app' => 'user_ldap', 'uuid' => $guid ]
+				['app' => 'user_ldap', 'uuid' => $guid]
 			);
 			return $guid;
 		}
-		for($i=0; $i < 3; $i++) {
+		for ($i = 0; $i < 3; $i++) {
 			$pairs = str_split($blocks[$i], 2);
 			$pairs = array_reverse($pairs);
 			$blocks[$i] = implode('', $pairs);
 		}
-		for($i=0; $i < 5; $i++) {
+		for ($i = 0; $i < 5; $i++) {
 			$pairs = str_split($blocks[$i], 2);
-			$blocks[$i] = '\\' . implode('\\', $pairs);
+			$blocks[$i] = '\\'.implode('\\', $pairs);
 		}
 		return implode('', $blocks);
 	}
@@ -1718,12 +1718,12 @@ 
 		$domainDN = $this->getDomainDNFromDN($dn);
 		$cacheKey = 'getSID-'.$domainDN;
 		$sid = $this->connection->getFromCache($cacheKey);
-		if(!is_null($sid)) {
+		if (!is_null($sid)) {
 			return $sid;
 		}
 
 		$objectSid = $this->readAttribute($domainDN, 'objectsid');
-		if(!is_array($objectSid) || empty($objectSid)) {
+		if (!is_array($objectSid) || empty($objectSid)) {
 			$this->connection->writeToCache($cacheKey, false);
 			return false;
 		}
@@ -1781,12 +1781,12 @@ 
 		$belongsToBase = false;
 		$bases = $this->helper->sanitizeDN($bases);
 
-		foreach($bases as $base) {
+		foreach ($bases as $base) {
 			$belongsToBase = true;
-			if(mb_strripos($dn, $base, 0, 'UTF-8') !== (mb_strlen($dn, 'UTF-8')-mb_strlen($base, 'UTF-8'))) {
+			if (mb_strripos($dn, $base, 0, 'UTF-8') !== (mb_strlen($dn, 'UTF-8') - mb_strlen($base, 'UTF-8'))) {
 				$belongsToBase = false;
 			}
-			if($belongsToBase) {
+			if ($belongsToBase) {
 				break;
 			}
 		}
@@ -1797,7 +1797,7 @@ 
 	 * resets a running Paged Search operation
 	 */
 	private function abandonPagedSearch() {
-		if($this->connection->hasPagedResultSupport) {
+		if ($this->connection->hasPagedResultSupport) {
 			$cr = $this->connection->getConnectionResource();
 			$this->invokeLDAPMethod('controlPagedResult', $cr, 0, false, $this->lastCookie);
 			$this->getPagedSearchResultState();
@@ -1815,16 +1815,16 @@ 
 	 * @return string containing the key or empty if none is cached
 	 */
 	private function getPagedResultCookie($base, $filter, $limit, $offset) {
-		if($offset === 0) {
+		if ($offset === 0) {
 			return '';
 		}
 		$offset -= $limit;
 		//we work with cache here
-		$cacheKey = 'lc' . crc32($base) . '-' . crc32($filter) . '-' . intval($limit) . '-' . intval($offset);
+		$cacheKey = 'lc'.crc32($base).'-'.crc32($filter).'-'.intval($limit).'-'.intval($offset);
 		$cookie = '';
-		if(isset($this->cookies[$cacheKey])) {
+		if (isset($this->cookies[$cacheKey])) {
 			$cookie = $this->cookies[$cacheKey];
-			if(is_null($cookie)) {
+			if (is_null($cookie)) {
 				$cookie = '';
 			}
 		}
@@ -1842,11 +1842,11 @@ 
 	 * @return bool
 	 */
 	public function hasMoreResults() {
-		if(!$this->connection->hasPagedResultSupport) {
+		if (!$this->connection->hasPagedResultSupport) {
 			return false;
 		}
 
-		if(empty($this->lastCookie) && $this->lastCookie !== '0') {
+		if (empty($this->lastCookie) && $this->lastCookie !== '0') {
 			// as in RFC 2696, when all results are returned, the cookie will
 			// be empty.
 			return false;
@@ -1866,8 +1866,8 @@ 
 	 */
 	private function setPagedResultCookie($base, $filter, $limit, $offset, $cookie) {
 		// allow '0' for 389ds
-		if(!empty($cookie) || $cookie === '0') {
-			$cacheKey = 'lc' . crc32($base) . '-' . crc32($filter) . '-' .intval($limit) . '-' . intval($offset);
+		if (!empty($cookie) || $cookie === '0') {
+			$cacheKey = 'lc'.crc32($base).'-'.crc32($filter).'-'.intval($limit).'-'.intval($offset);
 			$this->cookies[$cacheKey] = $cookie;
 			$this->lastCookie = $cookie;
 		}
@@ -1894,22 +1894,22 @@ 
 	 */
 	private function initPagedSearch($filter, $bases, $attr, $limit, $offset) {
 		$pagedSearchOK = false;
-		if($this->connection->hasPagedResultSupport && ($limit !== 0)) {
+		if ($this->connection->hasPagedResultSupport && ($limit !== 0)) {
 			$offset = intval($offset); //can be null
 			\OCP\Util::writeLog('user_ldap',
 				'initializing paged search for  Filter '.$filter.' base '.print_r($bases, true)
-				.' attr '.print_r($attr, true). ' limit ' .$limit.' offset '.$offset,
+				.' attr '.print_r($attr, true).' limit '.$limit.' offset '.$offset,
 				\OCP\Util::DEBUG);
 			//get the cookie from the search for the previous search, required by LDAP
-			foreach($bases as $base) {
+			foreach ($bases as $base) {
 
 				$cookie = $this->getPagedResultCookie($base, $filter, $limit, $offset);
-				if(empty($cookie) && $cookie !== "0" && ($offset > 0)) {
+				if (empty($cookie) && $cookie !== "0" && ($offset > 0)) {
 					// no cookie known from a potential previous search. We need
 					// to start from 0 to come to the desired page. cookie value
 					// of '0' is valid, because 389ds
 					$reOffset = 0;
-					while($reOffset < $offset) {
+					while ($reOffset < $offset) {
 						$this->search($filter, array($base), $attr, $limit, $reOffset, true);
 						$reOffset += $limit;
 					}
@@ -1917,17 +1917,17 @@ 
 					//still no cookie? obviously, the server does not like us. Let's skip paging efforts.
 					// '0' is valid, because 389ds
 					//TODO: remember this, probably does not change in the next request...
-					if(empty($cookie) && $cookie !== '0') {
+					if (empty($cookie) && $cookie !== '0') {
 						$cookie = null;
 					}
 				}
-				if(!is_null($cookie)) {
+				if (!is_null($cookie)) {
 					//since offset = 0, this is a new search. We abandon other searches that might be ongoing.
 					$this->abandonPagedSearch();
 					$pagedSearchOK = $this->invokeLDAPMethod('controlPagedResult',
 						$this->connection->getConnectionResource(), $limit,
 						false, $cookie);
-					if(!$pagedSearchOK) {
+					if (!$pagedSearchOK) {
 						return false;
 					}
 					\OCP\Util::writeLog('user_ldap', 'Ready for a paged search', \OCP\Util::DEBUG);
@@ -1944,7 +1944,7 @@ 
 		 * So we added "&& !empty($this->lastCookie)" to this test to ignore pagination
 		 * if we don't have a previous paged search.
 		 */
-		} else if($this->connection->hasPagedResultSupport && $limit === 0 && !empty($this->lastCookie)) {
+		} else if ($this->connection->hasPagedResultSupport && $limit === 0 && !empty($this->lastCookie)) {
 			// a search without limit was requested. However, if we do use
 			// Paged Search once, we always must do it. This requires us to
 			// initialize it with the configured page size.