nextcloud / server

apps/user_ldap/lib/Access.php

Spacing +181 added lines, -181 removed lines

@@ -130,7 +130,7 @@ 
 	 * @return AbstractMapping
 	 */
 	public function getUserMapper() {
-		if(is_null($this->userMapper)) {
+		if (is_null($this->userMapper)) {
 			throw new \Exception('UserMapper was not assigned to this Access instance.');
 		}
 		return $this->userMapper;
@@ -150,7 +150,7 @@ 
 	 * @return AbstractMapping
 	 */
 	public function getGroupMapper() {
-		if(is_null($this->groupMapper)) {
+		if (is_null($this->groupMapper)) {
 			throw new \Exception('GroupMapper was not assigned to this Access instance.');
 		}
 		return $this->groupMapper;
@@ -183,14 +183,14 @@ 
 	 * @throws ServerNotAvailableException
 	 */
 	public function readAttribute($dn, $attr, $filter = 'objectClass=*') {
-		if(!$this->checkConnection()) {
+		if (!$this->checkConnection()) {
 			\OCP\Util::writeLog('user_ldap',
 				'No LDAP Connector assigned, access impossible for readAttribute.',
 				ILogger::WARN);
 			return false;
 		}
 		$cr = $this->connection->getConnectionResource();
-		if(!$this->ldap->isResource($cr)) {
+		if (!$this->ldap->isResource($cr)) {
 			//LDAP not available
 			\OCP\Util::writeLog('user_ldap', 'LDAP resource not available.', ILogger::DEBUG);
 			return false;
@@ -200,7 +200,7 @@ 
 		$this->abandonPagedSearch();
 		// openLDAP requires that we init a new Paged Search. Not needed by AD,
 		// but does not hurt either.
-		$pagingSize = (int)$this->connection->ldapPagingSize;
+		$pagingSize = (int) $this->connection->ldapPagingSize;
 		// 0 won't result in replies, small numbers may leave out groups
 		// (cf. #12306), 500 is default for paging and should work everywhere.
 		$maxResults = $pagingSize > 20 ? $pagingSize : 500;
@@ -213,7 +213,7 @@ 
 		$isRangeRequest = false;
 		do {
 			$result = $this->executeRead($cr, $dn, $attrToRead, $filter, $maxResults);
-			if(is_bool($result)) {
+			if (is_bool($result)) {
 				// when an exists request was run and it was successful, an empty
 				// array must be returned
 				return $result ? [] : false;
@@ -230,22 +230,22 @@ 
 			$result = $this->extractRangeData($result, $attr);
 			if (!empty($result)) {
 				$normalizedResult = $this->extractAttributeValuesFromResult(
-					[ $attr => $result['values'] ],
+					[$attr => $result['values']],
 					$attr
 				);
 				$values = array_merge($values, $normalizedResult);
 
-				if($result['rangeHigh'] === '*') {
+				if ($result['rangeHigh'] === '*') {
 					// when server replies with * as high range value, there are
 					// no more results left
 					return $values;
 				} else {
-					$low  = $result['rangeHigh'] + 1;
-					$attrToRead = $result['attributeName'] . ';range=' . $low . '-*';
+					$low = $result['rangeHigh'] + 1;
+					$attrToRead = $result['attributeName'].';range='.$low.'-*';
 					$isRangeRequest = true;
 				}
 			}
-		} while($isRangeRequest);
+		} while ($isRangeRequest);
 
 		\OCP\Util::writeLog('user_ldap', 'Requested attribute '.$attr.' not found for '.$dn, ILogger::DEBUG);
 		return false;
@@ -271,13 +271,13 @@ 
 		if (!$this->ldap->isResource($rr)) {
 			if ($attribute !== '') {
 				//do not throw this message on userExists check, irritates
-				\OCP\Util::writeLog('user_ldap', 'readAttribute failed for DN ' . $dn, ILogger::DEBUG);
+				\OCP\Util::writeLog('user_ldap', 'readAttribute failed for DN '.$dn, ILogger::DEBUG);
 			}
 			//in case an error occurs , e.g. object does not exist
 			return false;
 		}
 		if ($attribute === '' && ($filter === 'objectclass=*' || $this->invokeLDAPMethod('countEntries', $cr, $rr) === 1)) {
-			\OCP\Util::writeLog('user_ldap', 'readAttribute: ' . $dn . ' found', ILogger::DEBUG);
+			\OCP\Util::writeLog('user_ldap', 'readAttribute: '.$dn.' found', ILogger::DEBUG);
 			return true;
 		}
 		$er = $this->invokeLDAPMethod('firstEntry', $cr, $rr);
@@ -302,12 +302,12 @@ 
 	 */
 	public function extractAttributeValuesFromResult($result, $attribute) {
 		$values = [];
-		if(isset($result[$attribute]) && $result[$attribute]['count'] > 0) {
+		if (isset($result[$attribute]) && $result[$attribute]['count'] > 0) {
 			$lowercaseAttribute = strtolower($attribute);
-			for($i=0;$i<$result[$attribute]['count'];$i++) {
-				if($this->resemblesDN($attribute)) {
+			for ($i = 0; $i < $result[$attribute]['count']; $i++) {
+				if ($this->resemblesDN($attribute)) {
 					$values[] = $this->helper->sanitizeDN($result[$attribute][$i]);
-				} elseif($lowercaseAttribute === 'objectguid' || $lowercaseAttribute === 'guid') {
+				} elseif ($lowercaseAttribute === 'objectguid' || $lowercaseAttribute === 'guid') {
 					$values[] = $this->convertObjectGUID2Str($result[$attribute][$i]);
 				} else {
 					$values[] = $result[$attribute][$i];
@@ -329,10 +329,10 @@ 
 	 */
 	public function extractRangeData($result, $attribute) {
 		$keys = array_keys($result);
-		foreach($keys as $key) {
-			if($key !== $attribute && strpos($key, $attribute) === 0) {
+		foreach ($keys as $key) {
+			if ($key !== $attribute && strpos($key, $attribute) === 0) {
 				$queryData = explode(';', $key);
-				if(strpos($queryData[1], 'range=') === 0) {
+				if (strpos($queryData[1], 'range=') === 0) {
 					$high = substr($queryData[1], 1 + strpos($queryData[1], '-'));
 					$data = [
 						'values' => $result[$key],
@@ -357,18 +357,18 @@ 
 	 * @throws \Exception
 	 */
 	public function setPassword($userDN, $password) {
-		if((int)$this->connection->turnOnPasswordChange !== 1) {
+		if ((int) $this->connection->turnOnPasswordChange !== 1) {
 			throw new \Exception('LDAP password changes are disabled.');
 		}
 		$cr = $this->connection->getConnectionResource();
-		if(!$this->ldap->isResource($cr)) {
+		if (!$this->ldap->isResource($cr)) {
 			//LDAP not available
 			\OCP\Util::writeLog('user_ldap', 'LDAP resource not available.', ILogger::DEBUG);
 			return false;
 		}
 		try {
 			return @$this->invokeLDAPMethod('modReplace', $cr, $userDN, $password);
-		} catch(ConstraintViolationException $e) {
+		} catch (ConstraintViolationException $e) {
 			throw new HintException('Password change rejected.', \OC::$server->getL10N('user_ldap')->t('Password change rejected. Hint: ').$e->getMessage(), $e->getCode());
 		}
 	}
@@ -410,17 +410,17 @@ 
 	 */
 	public function getDomainDNFromDN($dn) {
 		$allParts = $this->ldap->explodeDN($dn, 0);
-		if($allParts === false) {
+		if ($allParts === false) {
 			//not a valid DN
 			return '';
 		}
 		$domainParts = array();
 		$dcFound = false;
-		foreach($allParts as $part) {
-			if(!$dcFound && strpos($part, 'dc=') === 0) {
+		foreach ($allParts as $part) {
+			if (!$dcFound && strpos($part, 'dc=') === 0) {
 				$dcFound = true;
 			}
-			if($dcFound) {
+			if ($dcFound) {
 				$domainParts[] = $part;
 			}
 		}
@@ -446,7 +446,7 @@ 
 
 		//Check whether the DN belongs to the Base, to avoid issues on multi-
 		//server setups
-		if(is_string($fdn) && $this->isDNPartOfBase($fdn, $this->connection->ldapBaseUsers)) {
+		if (is_string($fdn) && $this->isDNPartOfBase($fdn, $this->connection->ldapBaseUsers)) {
 			return $fdn;
 		}
 
@@ -463,7 +463,7 @@ 
 		//To avoid bypassing the base DN settings under certain circumstances
 		//with the group support, check whether the provided DN matches one of
 		//the given Bases
-		if(!$this->isDNPartOfBase($fdn, $this->connection->ldapBaseGroups)) {
+		if (!$this->isDNPartOfBase($fdn, $this->connection->ldapBaseGroups)) {
 			return false;
 		}
 
@@ -481,11 +481,11 @@ 
 	 */
 	public function groupsMatchFilter($groupDNs) {
 		$validGroupDNs = [];
-		foreach($groupDNs as $dn) {
+		foreach ($groupDNs as $dn) {
 			$cacheKey = 'groupsMatchFilter-'.$dn;
 			$groupMatchFilter = $this->connection->getFromCache($cacheKey);
-			if(!is_null($groupMatchFilter)) {
-				if($groupMatchFilter) {
+			if (!is_null($groupMatchFilter)) {
+				if ($groupMatchFilter) {
 					$validGroupDNs[] = $dn;
 				}
 				continue;
@@ -493,13 +493,13 @@ 
 
 			// Check the base DN first. If this is not met already, we don't
 			// need to ask the server at all.
-			if(!$this->isDNPartOfBase($dn, $this->connection->ldapBaseGroups)) {
+			if (!$this->isDNPartOfBase($dn, $this->connection->ldapBaseGroups)) {
 				$this->connection->writeToCache($cacheKey, false);
 				continue;
 			}
 
 			$result = $this->readAttribute($dn, '', $this->connection->ldapGroupFilter);
-			if(is_array($result)) {
+			if (is_array($result)) {
 				$this->connection->writeToCache($cacheKey, true);
 				$validGroupDNs[] = $dn;
 			} else {
@@ -520,7 +520,7 @@ 
 		//To avoid bypassing the base DN settings under certain circumstances
 		//with the group support, check whether the provided DN matches one of
 		//the given Bases
-		if(!$this->isDNPartOfBase($fdn, $this->connection->ldapBaseUsers)) {
+		if (!$this->isDNPartOfBase($fdn, $this->connection->ldapBaseUsers)) {
 			return false;
 		}
 
@@ -540,7 +540,7 @@ 
 	 */
 	public function dn2ocname($fdn, $ldapName = null, $isUser = true, &$newlyMapped = null, array $record = null) {
 		$newlyMapped = false;
-		if($isUser) {
+		if ($isUser) {
 			$mapper = $this->getUserMapper();
 			$nameAttribute = $this->connection->ldapUserDisplayName;
 			$filter = $this->connection->ldapUserFilter;
@@ -552,15 +552,15 @@ 
 
 		//let's try to retrieve the Nextcloud name from the mappings table
 		$ncName = $mapper->getNameByDN($fdn);
-		if(is_string($ncName)) {
+		if (is_string($ncName)) {
 			return $ncName;
 		}
 
 		//second try: get the UUID and check if it is known. Then, update the DN and return the name.
 		$uuid = $this->getUUID($fdn, $isUser, $record);
-		if(is_string($uuid)) {
+		if (is_string($uuid)) {
 			$ncName = $mapper->getNameByUUID($uuid);
-			if(is_string($ncName)) {
+			if (is_string($ncName)) {
 				$mapper->setDNbyUUID($fdn, $uuid);
 				return $ncName;
 			}
@@ -570,17 +570,17 @@ 
 			return false;
 		}
 
-		if(is_null($ldapName)) {
+		if (is_null($ldapName)) {
 			$ldapName = $this->readAttribute($fdn, $nameAttribute, $filter);
-			if(!isset($ldapName[0]) && empty($ldapName[0])) {
+			if (!isset($ldapName[0]) && empty($ldapName[0])) {
 				\OCP\Util::writeLog('user_ldap', 'No or empty name for '.$fdn.' with filter '.$filter.'.', ILogger::INFO);
 				return false;
 			}
 			$ldapName = $ldapName[0];
 		}
 
-		if($isUser) {
-			$usernameAttribute = (string)$this->connection->ldapExpertUsernameAttr;
+		if ($isUser) {
+			$usernameAttribute = (string) $this->connection->ldapExpertUsernameAttr;
 			if ($usernameAttribute !== '') {
 				$username = $this->readAttribute($fdn, $usernameAttribute);
 				$username = $username[0];
@@ -610,11 +610,11 @@ 
 		// outside of core user management will still cache the user as non-existing.
 		$originalTTL = $this->connection->ldapCacheTTL;
 		$this->connection->setConfiguration(['ldapCacheTTL' => 0]);
-		if(($isUser && $intName !== '' && !$this->ncUserManager->userExists($intName))
+		if (($isUser && $intName !== '' && !$this->ncUserManager->userExists($intName))
 			|| (!$isUser && !\OC::$server->getGroupManager()->groupExists($intName))) {
-			if($mapper->map($fdn, $intName, $uuid)) {
+			if ($mapper->map($fdn, $intName, $uuid)) {
 				$this->connection->setConfiguration(['ldapCacheTTL' => $originalTTL]);
-				if($this->ncUserManager instanceof PublicEmitter && $isUser) {
+				if ($this->ncUserManager instanceof PublicEmitter && $isUser) {
 					$this->ncUserManager->emit('\OC\User', 'assignedUserId', [$intName]);
 				}
 				$newlyMapped = true;
@@ -624,8 +624,8 @@ 
 		$this->connection->setConfiguration(['ldapCacheTTL' => $originalTTL]);
 
 		$altName = $this->createAltInternalOwnCloudName($intName, $isUser);
-		if(is_string($altName) && $mapper->map($fdn, $altName, $uuid)) {
-			if($this->ncUserManager instanceof PublicEmitter && $isUser) {
+		if (is_string($altName) && $mapper->map($fdn, $altName, $uuid)) {
+			if ($this->ncUserManager instanceof PublicEmitter && $isUser) {
 				$this->ncUserManager->emit('\OC\User', 'assignedUserId', [$intName]);
 			}
 			$newlyMapped = true;
@@ -666,7 +666,7 @@ 
 	 * @throws \Exception
 	 */
 	private function ldap2NextcloudNames($ldapObjects, $isUsers) {
-		if($isUsers) {
+		if ($isUsers) {
 			$nameAttribute = $this->connection->ldapUserDisplayName;
 			$sndAttribute  = $this->connection->ldapUserDisplayName2;
 		} else {
@@ -674,9 +674,9 @@ 
 		}
 		$nextcloudNames = [];
 
-		foreach($ldapObjects as $ldapObject) {
+		foreach ($ldapObjects as $ldapObject) {
 			$nameByLDAP = null;
-			if(    isset($ldapObject[$nameAttribute])
+			if (isset($ldapObject[$nameAttribute])
 				&& is_array($ldapObject[$nameAttribute])
 				&& isset($ldapObject[$nameAttribute][0])
 			) {
@@ -685,13 +685,13 @@ 
 			}
 
 			$ncName = $this->dn2ocname($ldapObject['dn'][0], $nameByLDAP, $isUsers);
-			if($ncName) {
+			if ($ncName) {
 				$nextcloudNames[] = $ncName;
-				if($isUsers) {
+				if ($isUsers) {
 					$this->updateUserState($ncName);
 					//cache the user names so it does not need to be retrieved
 					//again later (e.g. sharing dialogue).
-					if(is_null($nameByLDAP)) {
+					if (is_null($nameByLDAP)) {
 						continue;
 					}
 					$sndName = isset($ldapObject[$sndAttribute][0])
@@ -711,7 +711,7 @@ 
 	 */
 	public function updateUserState($ncname) {
 		$user = $this->userManager->get($ncname);
-		if($user instanceof OfflineUser) {
+		if ($user instanceof OfflineUser) {
 			$user->unmark();
 		}
 	}
@@ -742,7 +742,7 @@ 
 	 */
 	public function cacheUserDisplayName($ocName, $displayName, $displayName2 = '') {
 		$user = $this->userManager->get($ocName);
-		if($user === null) {
+		if ($user === null) {
 			return;
 		}
 		$displayName = $user->composeAndStoreDisplayName($displayName, $displayName2);
@@ -762,9 +762,9 @@ 
 		$attempts = 0;
 		//while loop is just a precaution. If a name is not generated within
 		//20 attempts, something else is very wrong. Avoids infinite loop.
-		while($attempts < 20){
-			$altName = $name . '_' . rand(1000,9999);
-			if(!$this->ncUserManager->userExists($altName)) {
+		while ($attempts < 20) {
+			$altName = $name.'_'.rand(1000, 9999);
+			if (!$this->ncUserManager->userExists($altName)) {
 				return $altName;
 			}
 			$attempts++;
@@ -786,25 +786,25 @@ 
 	 */
 	private function _createAltInternalOwnCloudNameForGroups($name) {
 		$usedNames = $this->groupMapper->getNamesBySearch($name, "", '_%');
-		if(!$usedNames || count($usedNames) === 0) {
+		if (!$usedNames || count($usedNames) === 0) {
 			$lastNo = 1; //will become name_2
 		} else {
 			natsort($usedNames);
 			$lastName = array_pop($usedNames);
-			$lastNo = (int)substr($lastName, strrpos($lastName, '_') + 1);
+			$lastNo = (int) substr($lastName, strrpos($lastName, '_') + 1);
 		}
-		$altName = $name.'_'. (string)($lastNo+1);
+		$altName = $name.'_'.(string) ($lastNo + 1);
 		unset($usedNames);
 
 		$attempts = 1;
-		while($attempts < 21){
+		while ($attempts < 21) {
 			// Check to be really sure it is unique
 			// while loop is just a precaution. If a name is not generated within
 			// 20 attempts, something else is very wrong. Avoids infinite loop.
-			if(!\OC::$server->getGroupManager()->groupExists($altName)) {
+			if (!\OC::$server->getGroupManager()->groupExists($altName)) {
 				return $altName;
 			}
-			$altName = $name . '_' . ($lastNo + $attempts);
+			$altName = $name.'_'.($lastNo + $attempts);
 			$attempts++;
 		}
 		return false;
@@ -819,7 +819,7 @@ 
 	private function createAltInternalOwnCloudName($name, $isUser) {
 		$originalTTL = $this->connection->ldapCacheTTL;
 		$this->connection->setConfiguration(array('ldapCacheTTL' => 0));
-		if($isUser) {
+		if ($isUser) {
 			$altName = $this->_createAltInternalOwnCloudNameForUsers($name);
 		} else {
 			$altName = $this->_createAltInternalOwnCloudNameForGroups($name);
@@ -867,13 +867,13 @@ 
 	public function fetchListOfUsers($filter, $attr, $limit = null, $offset = null, $forceApplyAttributes = false) {
 		$ldapRecords = $this->searchUsers($filter, $attr, $limit, $offset);
 		$recordsToUpdate = $ldapRecords;
-		if(!$forceApplyAttributes) {
+		if (!$forceApplyAttributes) {
 			$isBackgroundJobModeAjax = $this->config
 					->getAppValue('core', 'backgroundjobs_mode', 'ajax') === 'ajax';
 			$recordsToUpdate = array_filter($ldapRecords, function($record) use ($isBackgroundJobModeAjax) {
 				$newlyMapped = false;
 				$uid = $this->dn2ocname($record['dn'][0], null, true, $newlyMapped, $record);
-				if(is_string($uid)) {
+				if (is_string($uid)) {
 					$this->cacheUserExists($uid);
 				}
 				return ($uid !== false) && ($newlyMapped || $isBackgroundJobModeAjax);
@@ -891,15 +891,15 @@ 
 	 * @param array $ldapRecords
 	 * @throws \Exception
 	 */
-	public function batchApplyUserAttributes(array $ldapRecords){
+	public function batchApplyUserAttributes(array $ldapRecords) {
 		$displayNameAttribute = strtolower($this->connection->ldapUserDisplayName);
-		foreach($ldapRecords as $userRecord) {
-			if(!isset($userRecord[$displayNameAttribute])) {
+		foreach ($ldapRecords as $userRecord) {
+			if (!isset($userRecord[$displayNameAttribute])) {
 				// displayName is obligatory
 				continue;
 			}
-			$ocName  = $this->dn2ocname($userRecord['dn'][0], null, true);
-			if($ocName === false) {
+			$ocName = $this->dn2ocname($userRecord['dn'][0], null, true);
+			if ($ocName === false) {
 				continue;
 			}
 			$this->updateUserState($ocName);
@@ -932,8 +932,8 @@ 
 	 * @return array
 	 */
 	private function fetchList($list, $manyAttributes) {
-		if(is_array($list)) {
-			if($manyAttributes) {
+		if (is_array($list)) {
+			if ($manyAttributes) {
 				return $list;
 			} else {
 				$list = array_reduce($list, function($carry, $item) {
@@ -1031,7 +1031,7 @@ 
 		// php no longer supports call-time pass-by-reference
 		// thus cannot support controlPagedResultResponse as the third argument
 		// is a reference
-		$doMethod = function () use ($command, &$arguments) {
+		$doMethod = function() use ($command, &$arguments) {
 			if ($command == 'controlPagedResultResponse') {
 				throw new \InvalidArgumentException('Invoker does not support controlPagedResultResponse, call LDAP Wrapper directly instead.');
 			} else {
@@ -1049,7 +1049,7 @@ 
 			$this->connection->resetConnectionResource();
 			$cr = $this->connection->getConnectionResource();
 
-			if(!$this->ldap->isResource($cr)) {
+			if (!$this->ldap->isResource($cr)) {
 				// Seems like we didn't find any resource.
 				\OCP\Util::writeLog('user_ldap', "Could not $command, because resource is missing.", ILogger::DEBUG);
 				throw $e;
@@ -1074,13 +1074,13 @@ 
 	 * @throws ServerNotAvailableException
 	 */
 	private function executeSearch($filter, $base, &$attr = null, $limit = null, $offset = null) {
-		if(!is_null($attr) && !is_array($attr)) {
+		if (!is_null($attr) && !is_array($attr)) {
 			$attr = array(mb_strtolower($attr, 'UTF-8'));
 		}
 
 		// See if we have a resource, in case not cancel with message
 		$cr = $this->connection->getConnectionResource();
-		if(!$this->ldap->isResource($cr)) {
+		if (!$this->ldap->isResource($cr)) {
 			// Seems like we didn't find any resource.
 			// Return an empty array just like before.
 			\OCP\Util::writeLog('user_ldap', 'Could not search, because resource is missing.', ILogger::DEBUG);
@@ -1088,13 +1088,13 @@ 
 		}
 
 		//check whether paged search should be attempted
-		$pagedSearchOK = $this->initPagedSearch($filter, $base, $attr, (int)$limit, $offset);
+		$pagedSearchOK = $this->initPagedSearch($filter, $base, $attr, (int) $limit, $offset);
 
 		$linkResources = array_pad(array(), count($base), $cr);
 		$sr = $this->invokeLDAPMethod('search', $linkResources, $base, $filter, $attr);
 		// cannot use $cr anymore, might have changed in the previous call!
 		$error = $this->ldap->errno($this->connection->getConnectionResource());
-		if(!is_array($sr) || $error !== 0) {
+		if (!is_array($sr) || $error !== 0) {
 			\OCP\Util::writeLog('user_ldap', 'Attempt for Paging?  '.print_r($pagedSearchOK, true), ILogger::ERROR);
 			return false;
 		}
@@ -1117,29 +1117,29 @@ 
 	 */
 	private function processPagedSearchStatus($sr, $filter, $base, $iFoundItems, $limit, $offset, $pagedSearchOK, $skipHandling) {
 		$cookie = null;
-		if($pagedSearchOK) {
+		if ($pagedSearchOK) {
 			$cr = $this->connection->getConnectionResource();
-			foreach($sr as $key => $res) {
-				if($this->ldap->controlPagedResultResponse($cr, $res, $cookie)) {
+			foreach ($sr as $key => $res) {
+				if ($this->ldap->controlPagedResultResponse($cr, $res, $cookie)) {
 					$this->setPagedResultCookie($base[$key], $filter, $limit, $offset, $cookie);
 				}
 			}
 
 			//browsing through prior pages to get the cookie for the new one
-			if($skipHandling) {
+			if ($skipHandling) {
 				return false;
 			}
 			// if count is bigger, then the server does not support
 			// paged search. Instead, he did a normal search. We set a
 			// flag here, so the callee knows how to deal with it.
-			if($iFoundItems <= $limit) {
+			if ($iFoundItems <= $limit) {
 				$this->pagedSearchedSuccessful = true;
 			}
 		} else {
-			if(!is_null($limit) && (int)$this->connection->ldapPagingSize !== 0) {
+			if (!is_null($limit) && (int) $this->connection->ldapPagingSize !== 0) {
 				\OC::$server->getLogger()->debug(
 					'Paged search was not available',
-					[ 'app' => 'user_ldap' ]
+					['app' => 'user_ldap']
 				);
 			}
 		}
@@ -1168,8 +1168,8 @@ 
 	private function count($filter, $base, $attr = null, $limit = null, $offset = null, $skipHandling = false) {
 		\OCP\Util::writeLog('user_ldap', 'Count filter:  '.print_r($filter, true), ILogger::DEBUG);
 
-		$limitPerPage = (int)$this->connection->ldapPagingSize;
-		if(!is_null($limit) && $limit < $limitPerPage && $limit > 0) {
+		$limitPerPage = (int) $this->connection->ldapPagingSize;
+		if (!is_null($limit) && $limit < $limitPerPage && $limit > 0) {
 			$limitPerPage = $limit;
 		}
 
@@ -1179,7 +1179,7 @@ 
 
 		do {
 			$search = $this->executeSearch($filter, $base, $attr, $limitPerPage, $offset);
-			if($search === false) {
+			if ($search === false) {
 				return $counter > 0 ? $counter : false;
 			}
 			list($sr, $pagedSearchOK) = $search;
@@ -1198,7 +1198,7 @@ 
 			 * Continue now depends on $hasMorePages value
 			 */
 			$continue = $pagedSearchOK && $hasMorePages;
-		} while($continue && (is_null($limit) || $limit <= 0 || $limit > $counter));
+		} while ($continue && (is_null($limit) || $limit <= 0 || $limit > $counter));
 
 		return $counter;
 	}
@@ -1210,8 +1210,8 @@ 
 	private function countEntriesInSearchResults($searchResults) {
 		$counter = 0;
 
-		foreach($searchResults as $res) {
-			$count = (int)$this->invokeLDAPMethod('countEntries', $this->connection->getConnectionResource(), $res);
+		foreach ($searchResults as $res) {
+			$count = (int) $this->invokeLDAPMethod('countEntries', $this->connection->getConnectionResource(), $res);
 			$counter += $count;
 		}
 
@@ -1231,8 +1231,8 @@ 
 	 * @throws ServerNotAvailableException
 	 */
 	public function search($filter, $base, $attr = null, $limit = null, $offset = null, $skipHandling = false) {
-		$limitPerPage = (int)$this->connection->ldapPagingSize;
-		if(!is_null($limit) && $limit < $limitPerPage && $limit > 0) {
+		$limitPerPage = (int) $this->connection->ldapPagingSize;
+		if (!is_null($limit) && $limit < $limitPerPage && $limit > 0) {
 			$limitPerPage = $limit;
 		}
 
@@ -1246,13 +1246,13 @@ 
 		$savedoffset = $offset;
 		do {
 			$search = $this->executeSearch($filter, $base, $attr, $limitPerPage, $offset);
-			if($search === false) {
+			if ($search === false) {
 				return [];
 			}
 			list($sr, $pagedSearchOK) = $search;
 			$cr = $this->connection->getConnectionResource();
 
-			if($skipHandling) {
+			if ($skipHandling) {
 				//i.e. result do not need to be fetched, we just need the cookie
 				//thus pass 1 or any other value as $iFoundItems because it is not
 				//used
@@ -1263,7 +1263,7 @@ 
 			}
 
 			$iFoundItems = 0;
-			foreach($sr as $res) {
+			foreach ($sr as $res) {
 				$findings = array_merge($findings, $this->invokeLDAPMethod('getEntries', $cr, $res));
 				$iFoundItems = max($iFoundItems, $findings['count']);
 				unset($findings['count']);
@@ -1279,27 +1279,27 @@ 
 
 		// if we're here, probably no connection resource is returned.
 		// to make Nextcloud behave nicely, we simply give back an empty array.
-		if(is_null($findings)) {
+		if (is_null($findings)) {
 			return array();
 		}
 
-		if(!is_null($attr)) {
+		if (!is_null($attr)) {
 			$selection = [];
 			$i = 0;
-			foreach($findings as $item) {
-				if(!is_array($item)) {
+			foreach ($findings as $item) {
+				if (!is_array($item)) {
 					continue;
 				}
 				$item = \OCP\Util::mb_array_change_key_case($item, MB_CASE_LOWER, 'UTF-8');
-				foreach($attr as $key) {
-					if(isset($item[$key])) {
-						if(is_array($item[$key]) && isset($item[$key]['count'])) {
+				foreach ($attr as $key) {
+					if (isset($item[$key])) {
+						if (is_array($item[$key]) && isset($item[$key]['count'])) {
 							unset($item[$key]['count']);
 						}
-						if($key !== 'dn') {
-							if($this->resemblesDN($key)) {
+						if ($key !== 'dn') {
+							if ($this->resemblesDN($key)) {
 								$selection[$i][$key] = $this->helper->sanitizeDN($item[$key]);
-							} else if($key === 'objectguid' || $key === 'guid') {
+							} else if ($key === 'objectguid' || $key === 'guid') {
 								$selection[$i][$key] = [$this->convertObjectGUID2Str($item[$key][0])];
 							} else {
 								$selection[$i][$key] = $item[$key];
@@ -1317,14 +1317,14 @@ 
 		//we slice the findings, when
 		//a) paged search unsuccessful, though attempted
 		//b) no paged search, but limit set
-		if((!$this->getPagedSearchResultState()
+		if ((!$this->getPagedSearchResultState()
 			&& $pagedSearchOK)
 			|| (
 				!$pagedSearchOK
 				&& !is_null($limit)
 			)
 		) {
-			$findings = array_slice($findings, (int)$offset, $limit);
+			$findings = array_slice($findings, (int) $offset, $limit);
 		}
 		return $findings;
 	}
@@ -1337,13 +1337,13 @@ 
 	public function sanitizeUsername($name) {
 		$name = trim($name);
 
-		if($this->connection->ldapIgnoreNamingRules) {
+		if ($this->connection->ldapIgnoreNamingRules) {
 			return $name;
 		}
 
 		// Transliteration to ASCII
 		$transliterated = @iconv('UTF-8', 'ASCII//TRANSLIT', $name);
-		if($transliterated !== false) {
+		if ($transliterated !== false) {
 			// depending on system config iconv can work or not
 			$name = $transliterated;
 		}
@@ -1354,7 +1354,7 @@ 
 		// Every remaining disallowed characters will be removed
 		$name = preg_replace('/[^a-zA-Z0-9_.@-]/u', '', $name);
 
-		if($name === '') {
+		if ($name === '') {
 			throw new \InvalidArgumentException('provided name template for username does not contain any allowed characters');
 		}
 
@@ -1369,13 +1369,13 @@ 
 	*/
 	public function escapeFilterPart($input, $allowAsterisk = false) {
 		$asterisk = '';
-		if($allowAsterisk && strlen($input) > 0 && $input[0] === '*') {
+		if ($allowAsterisk && strlen($input) > 0 && $input[0] === '*') {
 			$asterisk = '*';
 			$input = mb_substr($input, 1, null, 'UTF-8');
 		}
 		$search  = array('*', '\\', '(', ')');
 		$replace = array('\\*', '\\\\', '\\(', '\\)');
-		return $asterisk . str_replace($search, $replace, $input);
+		return $asterisk.str_replace($search, $replace, $input);
 	}
 
 	/**
@@ -1405,13 +1405,13 @@ 
 	 */
 	private function combineFilter($filters, $operator) {
 		$combinedFilter = '('.$operator;
-		foreach($filters as $filter) {
+		foreach ($filters as $filter) {
 			if ($filter !== '' && $filter[0] !== '(') {
 				$filter = '('.$filter.')';
 			}
-			$combinedFilter.=$filter;
+			$combinedFilter .= $filter;
 		}
-		$combinedFilter.=')';
+		$combinedFilter .= ')';
 		return $combinedFilter;
 	}
 
@@ -1447,17 +1447,17 @@ 
 	 * @throws \Exception
 	 */
 	private function getAdvancedFilterPartForSearch($search, $searchAttributes) {
-		if(!is_array($searchAttributes) || count($searchAttributes) < 2) {
+		if (!is_array($searchAttributes) || count($searchAttributes) < 2) {
 			throw new \Exception('searchAttributes must be an array with at least two string');
 		}
 		$searchWords = explode(' ', trim($search));
 		$wordFilters = array();
-		foreach($searchWords as $word) {
+		foreach ($searchWords as $word) {
 			$word = $this->prepareSearchTerm($word);
 			//every word needs to appear at least once
 			$wordMatchOneAttrFilters = array();
-			foreach($searchAttributes as $attr) {
-				$wordMatchOneAttrFilters[] = $attr . '=' . $word;
+			foreach ($searchAttributes as $attr) {
+				$wordMatchOneAttrFilters[] = $attr.'='.$word;
 			}
 			$wordFilters[] = $this->combineFilterWithOr($wordMatchOneAttrFilters);
 		}
@@ -1475,10 +1475,10 @@ 
 	private function getFilterPartForSearch($search, $searchAttributes, $fallbackAttribute) {
 		$filter = array();
 		$haveMultiSearchAttributes = (is_array($searchAttributes) && count($searchAttributes) > 0);
-		if($haveMultiSearchAttributes && strpos(trim($search), ' ') !== false) {
+		if ($haveMultiSearchAttributes && strpos(trim($search), ' ') !== false) {
 			try {
 				return $this->getAdvancedFilterPartForSearch($search, $searchAttributes);
-			} catch(\Exception $e) {
+			} catch (\Exception $e) {
 				\OCP\Util::writeLog(
 					'user_ldap',
 					'Creating advanced filter for search failed, falling back to simple method.',
@@ -1488,17 +1488,17 @@ 
 		}
 
 		$search = $this->prepareSearchTerm($search);
-		if(!is_array($searchAttributes) || count($searchAttributes) === 0) {
+		if (!is_array($searchAttributes) || count($searchAttributes) === 0) {
 			if ($fallbackAttribute === '') {
 				return '';
 			}
-			$filter[] = $fallbackAttribute . '=' . $search;
+			$filter[] = $fallbackAttribute.'='.$search;
 		} else {
-			foreach($searchAttributes as $attribute) {
-				$filter[] = $attribute . '=' . $search;
+			foreach ($searchAttributes as $attribute) {
+				$filter[] = $attribute.'='.$search;
 			}
 		}
-		if(count($filter) === 1) {
+		if (count($filter) === 1) {
 			return '('.$filter[0].')';
 		}
 		return $this->combineFilterWithOr($filter);
@@ -1519,7 +1519,7 @@ 
 		if ($term === '') {
 			$result = '*';
 		} else if ($allowEnum !== 'no') {
-			$result = $term . '*';
+			$result = $term.'*';
 		}
 		return $result;
 	}
@@ -1531,7 +1531,7 @@ 
 	public function getFilterForUserCount() {
 		$filter = $this->combineFilterWithAnd(array(
 			$this->connection->ldapUserFilter,
-			$this->connection->ldapUserDisplayName . '=*'
+			$this->connection->ldapUserDisplayName.'=*'
 		));
 
 		return $filter;
@@ -1549,7 +1549,7 @@ 
 			'ldapAgentName' => $name,
 			'ldapAgentPassword' => $password
 		);
-		if(!$testConnection->setConfiguration($credentials)) {
+		if (!$testConnection->setConfiguration($credentials)) {
 			return false;
 		}
 		return $testConnection->bind();
@@ -1571,30 +1571,30 @@ 
 			// Sacrebleu! The UUID attribute is unknown :( We need first an
 			// existing DN to be able to reliably detect it.
 			$result = $this->search($filter, $base, ['dn'], 1);
-			if(!isset($result[0]) || !isset($result[0]['dn'])) {
+			if (!isset($result[0]) || !isset($result[0]['dn'])) {
 				throw new \Exception('Cannot determine UUID attribute');
 			}
 			$dn = $result[0]['dn'][0];
-			if(!$this->detectUuidAttribute($dn, true)) {
+			if (!$this->detectUuidAttribute($dn, true)) {
 				throw new \Exception('Cannot determine UUID attribute');
 			}
 		} else {
 			// The UUID attribute is either known or an override is given.
 			// By calling this method we ensure that $this->connection->$uuidAttr
 			// is definitely set
-			if(!$this->detectUuidAttribute('', true)) {
+			if (!$this->detectUuidAttribute('', true)) {
 				throw new \Exception('Cannot determine UUID attribute');
 			}
 		}
 
 		$uuidAttr = $this->connection->ldapUuidUserAttribute;
-		if($uuidAttr === 'guid' || $uuidAttr === 'objectguid') {
+		if ($uuidAttr === 'guid' || $uuidAttr === 'objectguid') {
 			$uuid = $this->formatGuid2ForFilterUser($uuid);
 		}
 
-		$filter = $uuidAttr . '=' . $uuid;
+		$filter = $uuidAttr.'='.$uuid;
 		$result = $this->searchUsers($filter, ['dn'], 2);
-		if(is_array($result) && isset($result[0]) && isset($result[0]['dn']) && count($result) === 1) {
+		if (is_array($result) && isset($result[0]) && isset($result[0]['dn']) && count($result) === 1) {
 			// we put the count into account to make sure that this is
 			// really unique
 			return $result[0]['dn'][0];
@@ -1613,7 +1613,7 @@ 
 	 * @return bool true on success, false otherwise
 	 */
 	private function detectUuidAttribute($dn, $isUser = true, $force = false, array $ldapRecord = null) {
-		if($isUser) {
+		if ($isUser) {
 			$uuidAttr     = 'ldapUuidUserAttribute';
 			$uuidOverride = $this->connection->ldapExpertUUIDUserAttr;
 		} else {
@@ -1621,7 +1621,7 @@ 
 			$uuidOverride = $this->connection->ldapExpertUUIDGroupAttr;
 		}
 
-		if(($this->connection->$uuidAttr !== 'auto') && !$force) {
+		if (($this->connection->$uuidAttr !== 'auto') && !$force) {
 			return true;
 		}
 
@@ -1630,10 +1630,10 @@ 
 			return true;
 		}
 
-		foreach(self::UUID_ATTRIBUTES as $attribute) {
-			if($ldapRecord !== null) {
+		foreach (self::UUID_ATTRIBUTES as $attribute) {
+			if ($ldapRecord !== null) {
 				// we have the info from LDAP already, we don't need to talk to the server again
-				if(isset($ldapRecord[$attribute])) {
+				if (isset($ldapRecord[$attribute])) {
 					$this->connection->$uuidAttr = $attribute;
 					return true;
 				} else {
@@ -1642,7 +1642,7 @@ 
 			}
 
 			$value = $this->readAttribute($dn, $attribute);
-			if(is_array($value) && isset($value[0]) && !empty($value[0])) {
+			if (is_array($value) && isset($value[0]) && !empty($value[0])) {
 				\OCP\Util::writeLog(
 					'user_ldap',
 					'Setting '.$attribute.' as '.$uuidAttr,
@@ -1668,7 +1668,7 @@ 
 	 * @return bool|string
 	 */
 	public function getUUID($dn, $isUser = true, $ldapRecord = null) {
-		if($isUser) {
+		if ($isUser) {
 			$uuidAttr     = 'ldapUuidUserAttribute';
 			$uuidOverride = $this->connection->ldapExpertUUIDUserAttr;
 		} else {
@@ -1677,10 +1677,10 @@ 
 		}
 
 		$uuid = false;
-		if($this->detectUuidAttribute($dn, $isUser, false, $ldapRecord)) {
+		if ($this->detectUuidAttribute($dn, $isUser, false, $ldapRecord)) {
 			$attr = $this->connection->$uuidAttr;
 			$uuid = isset($ldapRecord[$attr]) ? $ldapRecord[$attr] : $this->readAttribute($dn, $attr);
-			if( !is_array($uuid)
+			if (!is_array($uuid)
 				&& $uuidOverride !== ''
 				&& $this->detectUuidAttribute($dn, $isUser, true, $ldapRecord))
 			{
@@ -1688,7 +1688,7 @@ 
 					? $ldapRecord[$this->connection->$uuidAttr]
 					: $this->readAttribute($dn, $this->connection->$uuidAttr);
 			}
-			if(is_array($uuid) && isset($uuid[0]) && !empty($uuid[0])) {
+			if (is_array($uuid) && isset($uuid[0]) && !empty($uuid[0])) {
 				$uuid = $uuid[0];
 			}
 		}
@@ -1705,19 +1705,19 @@ 
 	private function convertObjectGUID2Str($oguid) {
 		$hex_guid = bin2hex($oguid);
 		$hex_guid_to_guid_str = '';
-		for($k = 1; $k <= 4; ++$k) {
+		for ($k = 1; $k <= 4; ++$k) {
 			$hex_guid_to_guid_str .= substr($hex_guid, 8 - 2 * $k, 2);
 		}
 		$hex_guid_to_guid_str .= '-';
-		for($k = 1; $k <= 2; ++$k) {
+		for ($k = 1; $k <= 2; ++$k) {
 			$hex_guid_to_guid_str .= substr($hex_guid, 12 - 2 * $k, 2);
 		}
 		$hex_guid_to_guid_str .= '-';
-		for($k = 1; $k <= 2; ++$k) {
+		for ($k = 1; $k <= 2; ++$k) {
 			$hex_guid_to_guid_str .= substr($hex_guid, 16 - 2 * $k, 2);
 		}
-		$hex_guid_to_guid_str .= '-' . substr($hex_guid, 16, 4);
-		$hex_guid_to_guid_str .= '-' . substr($hex_guid, 20);
+		$hex_guid_to_guid_str .= '-'.substr($hex_guid, 16, 4);
+		$hex_guid_to_guid_str .= '-'.substr($hex_guid, 20);
 
 		return strtoupper($hex_guid_to_guid_str);
 	}
@@ -1734,11 +1734,11 @@ 
 	 * @return string
 	 */
 	public function formatGuid2ForFilterUser($guid) {
-		if(!is_string($guid)) {
+		if (!is_string($guid)) {
 			throw new \InvalidArgumentException('String expected');
 		}
 		$blocks = explode('-', $guid);
-		if(count($blocks) !== 5) {
+		if (count($blocks) !== 5) {
 			/*
 			 * Why not throw an Exception instead? This method is a utility
 			 * called only when trying to figure out whether a "missing" known
@@ -1751,20 +1751,20 @@ 
 			 * user. Instead we write a log message.
 			 */
 			\OC::$server->getLogger()->info(
-				'Passed string does not resemble a valid GUID. Known UUID ' .
+				'Passed string does not resemble a valid GUID. Known UUID '.
 				'({uuid}) probably does not match UUID configuration.',
-				[ 'app' => 'user_ldap', 'uuid' => $guid ]
+				['app' => 'user_ldap', 'uuid' => $guid]
 			);
 			return $guid;
 		}
-		for($i=0; $i < 3; $i++) {
+		for ($i = 0; $i < 3; $i++) {
 			$pairs = str_split($blocks[$i], 2);
 			$pairs = array_reverse($pairs);
 			$blocks[$i] = implode('', $pairs);
 		}
-		for($i=0; $i < 5; $i++) {
+		for ($i = 0; $i < 5; $i++) {
 			$pairs = str_split($blocks[$i], 2);
-			$blocks[$i] = '\\' . implode('\\', $pairs);
+			$blocks[$i] = '\\'.implode('\\', $pairs);
 		}
 		return implode('', $blocks);
 	}
@@ -1778,12 +1778,12 @@ 
 		$domainDN = $this->getDomainDNFromDN($dn);
 		$cacheKey = 'getSID-'.$domainDN;
 		$sid = $this->connection->getFromCache($cacheKey);
-		if(!is_null($sid)) {
+		if (!is_null($sid)) {
 			return $sid;
 		}
 
 		$objectSid = $this->readAttribute($domainDN, 'objectsid');
-		if(!is_array($objectSid) || empty($objectSid)) {
+		if (!is_array($objectSid) || empty($objectSid)) {
 			$this->connection->writeToCache($cacheKey, false);
 			return false;
 		}
@@ -1841,12 +1841,12 @@ 
 		$belongsToBase = false;
 		$bases = $this->helper->sanitizeDN($bases);
 
-		foreach($bases as $base) {
+		foreach ($bases as $base) {
 			$belongsToBase = true;
-			if(mb_strripos($dn, $base, 0, 'UTF-8') !== (mb_strlen($dn, 'UTF-8')-mb_strlen($base, 'UTF-8'))) {
+			if (mb_strripos($dn, $base, 0, 'UTF-8') !== (mb_strlen($dn, 'UTF-8') - mb_strlen($base, 'UTF-8'))) {
 				$belongsToBase = false;
 			}
-			if($belongsToBase) {
+			if ($belongsToBase) {
 				break;
 			}
 		}
@@ -1875,16 +1875,16 @@ 
 	 * @return string containing the key or empty if none is cached
 	 */
 	private function getPagedResultCookie($base, $filter, $limit, $offset) {
-		if($offset === 0) {
+		if ($offset === 0) {
 			return '';
 		}
 		$offset -= $limit;
 		//we work with cache here
-		$cacheKey = 'lc' . crc32($base) . '-' . crc32($filter) . '-' . (int)$limit . '-' . (int)$offset;
+		$cacheKey = 'lc'.crc32($base).'-'.crc32($filter).'-'.(int) $limit.'-'.(int) $offset;
 		$cookie = '';
-		if(isset($this->cookies[$cacheKey])) {
+		if (isset($this->cookies[$cacheKey])) {
 			$cookie = $this->cookies[$cacheKey];
-			if(is_null($cookie)) {
+			if (is_null($cookie)) {
 				$cookie = '';
 			}
 		}
@@ -1902,7 +1902,7 @@ 
 	 * @return bool
 	 */
 	public function hasMoreResults() {
-		if(empty($this->lastCookie) && $this->lastCookie !== '0') {
+		if (empty($this->lastCookie) && $this->lastCookie !== '0') {
 			// as in RFC 2696, when all results are returned, the cookie will
 			// be empty.
 			return false;
@@ -1922,8 +1922,8 @@ 
 	 */
 	private function setPagedResultCookie($base, $filter, $limit, $offset, $cookie) {
 		// allow '0' for 389ds
-		if(!empty($cookie) || $cookie === '0') {
-			$cacheKey = 'lc' . crc32($base) . '-' . crc32($filter) . '-' . (int)$limit . '-' . (int)$offset;
+		if (!empty($cookie) || $cookie === '0') {
+			$cacheKey = 'lc'.crc32($base).'-'.crc32($filter).'-'.(int) $limit.'-'.(int) $offset;
 			$this->cookies[$cacheKey] = $cookie;
 			$this->lastCookie = $cookie;
 		}
@@ -1951,16 +1951,16 @@ 
 	private function initPagedSearch($filter, $bases, $attr, $limit, $offset) {
 		$pagedSearchOK = false;
 		if ($limit !== 0) {
-			$offset = (int)$offset; //can be null
+			$offset = (int) $offset; //can be null
 			\OCP\Util::writeLog('user_ldap',
 				'initializing paged search for  Filter '.$filter.' base '.print_r($bases, true)
-				.' attr '.print_r($attr, true). ' limit ' .$limit.' offset '.$offset,
+				.' attr '.print_r($attr, true).' limit '.$limit.' offset '.$offset,
 				ILogger::DEBUG);
 			//get the cookie from the search for the previous search, required by LDAP
-			foreach($bases as $base) {
+			foreach ($bases as $base) {
 
 				$cookie = $this->getPagedResultCookie($base, $filter, $limit, $offset);
-				if(empty($cookie) && $cookie !== "0" && ($offset > 0)) {
+				if (empty($cookie) && $cookie !== "0" && ($offset > 0)) {
 					// no cookie known from a potential previous search. We need
 					// to start from 0 to come to the desired page. cookie value
 					// of '0' is valid, because 389ds
@@ -1970,17 +1970,17 @@ 
 					//still no cookie? obviously, the server does not like us. Let's skip paging efforts.
 					// '0' is valid, because 389ds
 					//TODO: remember this, probably does not change in the next request...
-					if(empty($cookie) && $cookie !== '0') {
+					if (empty($cookie) && $cookie !== '0') {
 						$cookie = null;
 					}
 				}
-				if(!is_null($cookie)) {
+				if (!is_null($cookie)) {
 					//since offset = 0, this is a new search. We abandon other searches that might be ongoing.
 					$this->abandonPagedSearch();
 					$pagedSearchOK = $this->invokeLDAPMethod('controlPagedResult',
 						$this->connection->getConnectionResource(), $limit,
 						false, $cookie);
-					if(!$pagedSearchOK) {
+					if (!$pagedSearchOK) {
 						return false;
 					}
 					\OCP\Util::writeLog('user_ldap', 'Ready for a paged search', ILogger::DEBUG);
@@ -2003,7 +2003,7 @@ 
 			$this->abandonPagedSearch();
 			// in case someone set it to 0 … use 500, otherwise no results will
 			// be returned.
-			$pageSize = (int)$this->connection->ldapPagingSize > 0 ? (int)$this->connection->ldapPagingSize : 500;
+			$pageSize = (int) $this->connection->ldapPagingSize > 0 ? (int) $this->connection->ldapPagingSize : 500;
 			$pagedSearchOK = $this->invokeLDAPMethod('controlPagedResult',
 				$this->connection->getConnectionResource(),
 				$pageSize, false, '');

apps/user_ldap/lib/Connection.php

Spacing +65 added lines, -65 removed lines

@@ -104,7 +104,7 @@ 
 		$this->configuration = new Configuration($configPrefix,
 												 !is_null($configID));
 		$memcache = \OC::$server->getMemCacheFactory();
-		if($memcache->isAvailable()) {
+		if ($memcache->isAvailable()) {
 			$this->cache = $memcache->createDistributed();
 		}
 		$helper = new Helper(\OC::$server->getConfig());
@@ -113,7 +113,7 @@ 
 	}
 
 	public function __destruct() {
-		if(!$this->dontDestruct && $this->ldap->isResource($this->ldapConnectionRes)) {
+		if (!$this->dontDestruct && $this->ldap->isResource($this->ldapConnectionRes)) {
 			@$this->ldap->unbind($this->ldapConnectionRes);
 			$this->bindResult = [];
 		}
@@ -125,7 +125,7 @@ 
 	public function __clone() {
 		$this->configuration = new Configuration($this->configPrefix,
 												 !is_null($this->configID));
-		if(count($this->bindResult) !== 0 && $this->bindResult['result'] === true) {
+		if (count($this->bindResult) !== 0 && $this->bindResult['result'] === true) {
 			$this->bindResult = [];
 		}
 		$this->ldapConnectionRes = null;
@@ -137,7 +137,7 @@ 
 	 * @return bool|mixed
 	 */
 	public function __get($name) {
-		if(!$this->configured) {
+		if (!$this->configured) {
 			$this->readConfiguration();
 		}
 
@@ -153,7 +153,7 @@ 
 		$before = $this->configuration->$name;
 		$this->configuration->$name = $value;
 		$after = $this->configuration->$name;
-		if($before !== $after) {
+		if ($before !== $after) {
 			if ($this->configID !== '' && $this->configID !== null) {
 				$this->configuration->saveConfiguration();
 			}
@@ -177,7 +177,7 @@ 
 	 * @param bool $state
 	 */
 	public function setIgnoreValidation($state) {
-		$this->ignoreValidation = (bool)$state;
+		$this->ignoreValidation = (bool) $state;
 	}
 
 	/**
@@ -193,14 +193,14 @@ 
 	 * Returns the LDAP handler
 	 */
 	public function getConnectionResource() {
-		if(!$this->ldapConnectionRes) {
+		if (!$this->ldapConnectionRes) {
 			$this->init();
-		} else if(!$this->ldap->isResource($this->ldapConnectionRes)) {
+		} else if (!$this->ldap->isResource($this->ldapConnectionRes)) {
 			$this->ldapConnectionRes = null;
 			$this->establishConnection();
 		}
-		if(is_null($this->ldapConnectionRes)) {
-			\OCP\Util::writeLog('user_ldap', 'No LDAP Connection to server ' . $this->configuration->ldapHost, ILogger::ERROR);
+		if (is_null($this->ldapConnectionRes)) {
+			\OCP\Util::writeLog('user_ldap', 'No LDAP Connection to server '.$this->configuration->ldapHost, ILogger::ERROR);
 			throw new ServerNotAvailableException('Connection to LDAP server could not be established');
 		}
 		return $this->ldapConnectionRes;
@@ -210,7 +210,7 @@ 
 	 * resets the connection resource
 	 */
 	public function resetConnectionResource() {
-		if(!is_null($this->ldapConnectionRes)) {
+		if (!is_null($this->ldapConnectionRes)) {
 			@$this->ldap->unbind($this->ldapConnectionRes);
 			$this->ldapConnectionRes = null;
 			$this->bindResult = [];
@@ -223,7 +223,7 @@ 
 	 */
 	private function getCacheKey($key) {
 		$prefix = 'LDAP-'.$this->configID.'-'.$this->configPrefix.'-';
-		if(is_null($key)) {
+		if (is_null($key)) {
 			return $prefix;
 		}
 		return $prefix.hash('sha256', $key);
@@ -234,10 +234,10 @@ 
 	 * @return mixed|null
 	 */
 	public function getFromCache($key) {
-		if(!$this->configured) {
+		if (!$this->configured) {
 			$this->readConfiguration();
 		}
-		if(is_null($this->cache) || !$this->configuration->ldapCacheTTL) {
+		if (is_null($this->cache) || !$this->configuration->ldapCacheTTL) {
 			return null;
 		}
 		$key = $this->getCacheKey($key);
@@ -252,10 +252,10 @@ 
 	 * @return string
 	 */
 	public function writeToCache($key, $value) {
-		if(!$this->configured) {
+		if (!$this->configured) {
 			$this->readConfiguration();
 		}
-		if(is_null($this->cache)
+		if (is_null($this->cache)
 			|| !$this->configuration->ldapCacheTTL
 			|| !$this->configuration->ldapConfigurationActive) {
 			return null;
@@ -266,7 +266,7 @@ 
 	}
 
 	public function clearCache() {
-		if(!is_null($this->cache)) {
+		if (!is_null($this->cache)) {
 			$this->cache->clear($this->getCacheKey(null));
 		}
 	}
@@ -278,7 +278,7 @@ 
 	 * @return null
 	 */
 	private function readConfiguration($force = false) {
-		if((!$this->configured || $force) && !is_null($this->configID)) {
+		if ((!$this->configured || $force) && !is_null($this->configID)) {
 			$this->configuration->readConfiguration();
 			$this->configured = $this->validateConfiguration();
 		}
@@ -291,12 +291,12 @@ 
 	 * @return boolean true if config validates, false otherwise. Check with $setParameters for detailed success on single parameters
 	 */
 	public function setConfiguration($config, &$setParameters = null) {
-		if(is_null($setParameters)) {
+		if (is_null($setParameters)) {
 			$setParameters = array();
 		}
 		$this->doNotValidate = false;
 		$this->configuration->setConfiguration($config, $setParameters);
-		if(count($setParameters) > 0) {
+		if (count($setParameters) > 0) {
 			$this->configured = $this->validateConfiguration();
 		}
 
@@ -323,10 +323,10 @@ 
 		$config = $this->configuration->getConfiguration();
 		$cta = $this->configuration->getConfigTranslationArray();
 		$result = array();
-		foreach($cta as $dbkey => $configkey) {
-			switch($configkey) {
+		foreach ($cta as $dbkey => $configkey) {
+			switch ($configkey) {
 				case 'homeFolderNamingRule':
-					if(strpos($config[$configkey], 'attr:') === 0) {
+					if (strpos($config[$configkey], 'attr:') === 0) {
 						$result[$dbkey] = substr($config[$configkey], 5);
 					} else {
 						$result[$dbkey] = '';
@@ -337,7 +337,7 @@ 
 				case 'ldapBaseGroups':
 				case 'ldapAttributesForUserSearch':
 				case 'ldapAttributesForGroupSearch':
-					if(is_array($config[$configkey])) {
+					if (is_array($config[$configkey])) {
 						$result[$dbkey] = implode("\n", $config[$configkey]);
 						break;
 					} //else follows default
@@ -350,23 +350,23 @@ 
 
 	private function doSoftValidation() {
 		//if User or Group Base are not set, take over Base DN setting
-		foreach(array('ldapBaseUsers', 'ldapBaseGroups') as $keyBase) {
+		foreach (array('ldapBaseUsers', 'ldapBaseGroups') as $keyBase) {
 			$val = $this->configuration->$keyBase;
-			if(empty($val)) {
+			if (empty($val)) {
 				$this->configuration->$keyBase = $this->configuration->ldapBase;
 			}
 		}
 
-		foreach(array('ldapExpertUUIDUserAttr'  => 'ldapUuidUserAttribute',
+		foreach (array('ldapExpertUUIDUserAttr'  => 'ldapUuidUserAttribute',
 					  'ldapExpertUUIDGroupAttr' => 'ldapUuidGroupAttribute')
 				as $expertSetting => $effectiveSetting) {
 			$uuidOverride = $this->configuration->$expertSetting;
-			if(!empty($uuidOverride)) {
+			if (!empty($uuidOverride)) {
 				$this->configuration->$effectiveSetting = $uuidOverride;
 			} else {
 				$uuidAttributes = Access::UUID_ATTRIBUTES;
 				array_unshift($uuidAttributes, 'auto');
-				if(!in_array($this->configuration->$effectiveSetting,
+				if (!in_array($this->configuration->$effectiveSetting,
 							$uuidAttributes)
 					&& (!is_null($this->configID))) {
 					$this->configuration->$effectiveSetting = 'auto';
@@ -380,7 +380,7 @@ 
 			}
 		}
 
-		$backupPort = (int)$this->configuration->ldapBackupPort;
+		$backupPort = (int) $this->configuration->ldapBackupPort;
 		if ($backupPort <= 0) {
 			$this->configuration->backupPort = $this->configuration->ldapPort;
 		}
@@ -388,14 +388,14 @@ 
 		//make sure empty search attributes are saved as simple, empty array
 		$saKeys = array('ldapAttributesForUserSearch',
 						'ldapAttributesForGroupSearch');
-		foreach($saKeys as $key) {
+		foreach ($saKeys as $key) {
 			$val = $this->configuration->$key;
-			if(is_array($val) && count($val) === 1 && empty($val[0])) {
+			if (is_array($val) && count($val) === 1 && empty($val[0])) {
 				$this->configuration->$key = array();
 			}
 		}
 
-		if((stripos($this->configuration->ldapHost, 'ldaps://') === 0)
+		if ((stripos($this->configuration->ldapHost, 'ldaps://') === 0)
 			&& $this->configuration->ldapTLS) {
 			$this->configuration->ldapTLS = false;
 			\OCP\Util::writeLog(
@@ -412,15 +412,15 @@ 
 	private function doCriticalValidation() {
 		$configurationOK = true;
 		$errorStr = 'Configuration Error (prefix '.
-			(string)$this->configPrefix .'): ';
+			(string) $this->configPrefix.'): ';
 
 		//options that shall not be empty
 		$options = array('ldapHost', 'ldapPort', 'ldapUserDisplayName',
 						 'ldapGroupDisplayName', 'ldapLoginFilter');
-		foreach($options as $key) {
+		foreach ($options as $key) {
 			$val = $this->configuration->$key;
-			if(empty($val)) {
-				switch($key) {
+			if (empty($val)) {
+				switch ($key) {
 					case 'ldapHost':
 						$subj = 'LDAP Host';
 						break;
@@ -453,12 +453,12 @@ 
 		$agent = $this->configuration->ldapAgentName;
 		$pwd = $this->configuration->ldapAgentPassword;
 		if (
-			($agent === ''  && $pwd !== '')
+			($agent === '' && $pwd !== '')
 			|| ($agent !== '' && $pwd === '')
 		) {
 			\OCP\Util::writeLog(
 				'user_ldap',
-				$errorStr.'either no password is given for the user ' .
+				$errorStr.'either no password is given for the user '.
 					'agent or a password is given, but not an LDAP agent.',
 				ILogger::WARN);
 			$configurationOK = false;
@@ -468,7 +468,7 @@ 
 		$baseUsers = $this->configuration->ldapBaseUsers;
 		$baseGroups = $this->configuration->ldapBaseGroups;
 
-		if(empty($base) && empty($baseUsers) && empty($baseGroups)) {
+		if (empty($base) && empty($baseUsers) && empty($baseGroups)) {
 			\OCP\Util::writeLog(
 				'user_ldap',
 				$errorStr.'Not a single Base DN given.',
@@ -477,7 +477,7 @@ 
 			$configurationOK = false;
 		}
 
-		if(mb_strpos($this->configuration->ldapLoginFilter, '%uid', 0, 'UTF-8')
+		if (mb_strpos($this->configuration->ldapLoginFilter, '%uid', 0, 'UTF-8')
 		   === false) {
 			\OCP\Util::writeLog(
 				'user_ldap',
@@ -496,7 +496,7 @@ 
 	 */
 	private function validateConfiguration() {
 
-		if($this->doNotValidate) {
+		if ($this->doNotValidate) {
 			//don't do a validation if it is a new configuration with pure
 			//default values. Will be allowed on changes via __set or
 			//setConfiguration
@@ -519,14 +519,14 @@ 
 	 * @throws ServerNotAvailableException
 	 */
 	private function establishConnection() {
-		if(!$this->configuration->ldapConfigurationActive) {
+		if (!$this->configuration->ldapConfigurationActive) {
 			return null;
 		}
 		static $phpLDAPinstalled = true;
-		if(!$phpLDAPinstalled) {
+		if (!$phpLDAPinstalled) {
 			return false;
 		}
-		if(!$this->ignoreValidation && !$this->configured) {
+		if (!$this->ignoreValidation && !$this->configured) {
 			\OCP\Util::writeLog(
 				'user_ldap',
 				'Configuration is invalid, cannot connect',
@@ -534,8 +534,8 @@ 
 			);
 			return false;
 		}
-		if(!$this->ldapConnectionRes) {
-			if(!$this->ldap->areLDAPFunctionsAvailable()) {
+		if (!$this->ldapConnectionRes) {
+			if (!$this->ldap->areLDAPFunctionsAvailable()) {
 				$phpLDAPinstalled = false;
 				\OCP\Util::writeLog(
 					'user_ldap',
@@ -545,8 +545,8 @@ 
 
 				return false;
 			}
-			if($this->configuration->turnOffCertCheck) {
-				if(putenv('LDAPTLS_REQCERT=never')) {
+			if ($this->configuration->turnOffCertCheck) {
+				if (putenv('LDAPTLS_REQCERT=never')) {
 					\OCP\Util::writeLog('user_ldap',
 						'Turned off SSL certificate validation successfully.',
 						ILogger::DEBUG);
@@ -570,20 +570,20 @@ 
 					return $this->bind();
 				}
 			} catch (ServerNotAvailableException $e) {
-				if(!$isBackupHost) {
+				if (!$isBackupHost) {
 					throw $e;
 				}
 			}
 
 			//if LDAP server is not reachable, try the Backup (Replica!) Server
-			if($isBackupHost || $isOverrideMainServer) {
+			if ($isBackupHost || $isOverrideMainServer) {
 				$this->doConnect($this->configuration->ldapBackupHost,
 								 $this->configuration->ldapBackupPort);
 				$this->bindResult = [];
 				$bindStatus = $this->bind();
 				$error = $this->ldap->isResource($this->ldapConnectionRes) ?
 					$this->ldap->errno($this->ldapConnectionRes) : -1;
-				if($bindStatus && $error === 0 && !$this->getFromCache('overrideMainServer')) {
+				if ($bindStatus && $error === 0 && !$this->getFromCache('overrideMainServer')) {
 					//when bind to backup server succeeded and failed to main server,
 					//skip contacting him until next cache refresh
 					$this->writeToCache('overrideMainServer', true);
@@ -608,17 +608,17 @@ 
 
 		$this->ldapConnectionRes = $this->ldap->connect($host, $port);
 
-		if(!$this->ldap->setOption($this->ldapConnectionRes, LDAP_OPT_PROTOCOL_VERSION, 3)) {
+		if (!$this->ldap->setOption($this->ldapConnectionRes, LDAP_OPT_PROTOCOL_VERSION, 3)) {
 			throw new ServerNotAvailableException('Could not set required LDAP Protocol version.');
 		}
 
-		if(!$this->ldap->setOption($this->ldapConnectionRes, LDAP_OPT_REFERRALS, 0)) {
+		if (!$this->ldap->setOption($this->ldapConnectionRes, LDAP_OPT_REFERRALS, 0)) {
 			throw new ServerNotAvailableException('Could not disable LDAP referrals.');
 		}
 
-		if($this->configuration->ldapTLS) {
-			if(!$this->ldap->startTls($this->ldapConnectionRes)) {
-				throw new ServerNotAvailableException('Start TLS failed, when connecting to LDAP host ' . $host . '.');
+		if ($this->configuration->ldapTLS) {
+			if (!$this->ldap->startTls($this->ldapConnectionRes)) {
+				throw new ServerNotAvailableException('Start TLS failed, when connecting to LDAP host '.$host.'.');
 			}
 		}
 
@@ -629,19 +629,19 @@ 
 	 * Binds to LDAP
 	 */
 	public function bind() {
-		if(!$this->configuration->ldapConfigurationActive) {
+		if (!$this->configuration->ldapConfigurationActive) {
 			return false;
 		}
 		$cr = $this->ldapConnectionRes;
-		if(!$this->ldap->isResource($cr)) {
+		if (!$this->ldap->isResource($cr)) {
 			$cr = $this->getConnectionResource();
 		}
 
-		if(
+		if (
 			count($this->bindResult) !== 0
 			&& $this->bindResult['dn'] === $this->configuration->ldapAgentName
 			&& \OC::$server->getHasher()->verify(
-				$this->configPrefix . $this->configuration->ldapAgentPassword,
+				$this->configPrefix.$this->configuration->ldapAgentPassword,
 				$this->bindResult['hash']
 			)
 		) {
@@ -657,19 +657,19 @@ 
 
 		$this->bindResult = [
 			'dn' => $this->configuration->ldapAgentName,
-			'hash' => \OC::$server->getHasher()->hash($this->configPrefix . $this->configuration->ldapAgentPassword),
+			'hash' => \OC::$server->getHasher()->hash($this->configPrefix.$this->configuration->ldapAgentPassword),
 			'result' => $ldapLogin,
 		];
 
-		if(!$ldapLogin) {
+		if (!$ldapLogin) {
 			$errno = $this->ldap->errno($cr);
 
 			\OCP\Util::writeLog('user_ldap',
-				'Bind failed: ' . $errno . ': ' . $this->ldap->error($cr),
+				'Bind failed: '.$errno.': '.$this->ldap->error($cr),
 				ILogger::WARN);
 
 			// Set to failure mode, if LDAP error code is not LDAP_SUCCESS or LDAP_INVALID_CREDENTIALS
-			if($errno !== 0x00 && $errno !== 0x31) {
+			if ($errno !== 0x00 && $errno !== 0x31) {
 				$this->ldapConnectionRes = null;
 			}
 

apps/user_ldap/lib/Group_LDAP.php

Spacing +94 added lines, -94 removed lines

@@ -65,7 +65,7 @@ 
 		parent::__construct($access);
 		$filter = $this->access->connection->ldapGroupFilter;
 		$gassoc = $this->access->connection->ldapGroupMemberAssocAttr;
-		if(!empty($filter) && !empty($gassoc)) {
+		if (!empty($filter) && !empty($gassoc)) {
 			$this->enabled = true;
 		}
 
@@ -83,25 +83,25 @@ 
 	 * Checks whether the user is member of a group or not.
 	 */
 	public function inGroup($uid, $gid) {
-		if(!$this->enabled) {
+		if (!$this->enabled) {
 			return false;
 		}
 		$cacheKey = 'inGroup'.$uid.':'.$gid;
 		$inGroup = $this->access->connection->getFromCache($cacheKey);
-		if(!is_null($inGroup)) {
-			return (bool)$inGroup;
+		if (!is_null($inGroup)) {
+			return (bool) $inGroup;
 		}
 
 		$userDN = $this->access->username2dn($uid);
 
-		if(isset($this->cachedGroupMembers[$gid])) {
+		if (isset($this->cachedGroupMembers[$gid])) {
 			$isInGroup = in_array($userDN, $this->cachedGroupMembers[$gid]);
 			return $isInGroup;
 		}
 
 		$cacheKeyMembers = 'inGroup-members:'.$gid;
 		$members = $this->access->connection->getFromCache($cacheKeyMembers);
-		if(!is_null($members)) {
+		if (!is_null($members)) {
 			$this->cachedGroupMembers[$gid] = $members;
 			$isInGroup = in_array($userDN, $members);
 			$this->access->connection->writeToCache($cacheKey, $isInGroup);
@@ -110,13 +110,13 @@ 
 
 		$groupDN = $this->access->groupname2dn($gid);
 		// just in case
-		if(!$groupDN || !$userDN) {
+		if (!$groupDN || !$userDN) {
 			$this->access->connection->writeToCache($cacheKey, false);
 			return false;
 		}
 
 		//check primary group first
-		if($gid === $this->getUserPrimaryGroup($userDN)) {
+		if ($gid === $this->getUserPrimaryGroup($userDN)) {
 			$this->access->connection->writeToCache($cacheKey, true);
 			return true;
 		}
@@ -124,21 +124,21 @@ 
 		//usually, LDAP attributes are said to be case insensitive. But there are exceptions of course.
 		$members = $this->_groupMembers($groupDN);
 		$members = array_keys($members); // uids are returned as keys
-		if(!is_array($members) || count($members) === 0) {
+		if (!is_array($members) || count($members) === 0) {
 			$this->access->connection->writeToCache($cacheKey, false);
 			return false;
 		}
 
 		//extra work if we don't get back user DNs
-		if(strtolower($this->access->connection->ldapGroupMemberAssocAttr) === 'memberuid') {
+		if (strtolower($this->access->connection->ldapGroupMemberAssocAttr) === 'memberuid') {
 			$dns = array();
 			$filterParts = array();
 			$bytes = 0;
-			foreach($members as $mid) {
+			foreach ($members as $mid) {
 				$filter = str_replace('%uid', $mid, $this->access->connection->ldapLoginFilter);
 				$filterParts[] = $filter;
 				$bytes += strlen($filter);
-				if($bytes >= 9000000) {
+				if ($bytes >= 9000000) {
 					// AD has a default input buffer of 10 MB, we do not want
 					// to take even the chance to exceed it
 					$filter = $this->access->combineFilterWithOr($filterParts);
@@ -148,7 +148,7 @@ 
 					$dns = array_merge($dns, $users);
 				}
 			}
-			if(count($filterParts) > 0) {
+			if (count($filterParts) > 0) {
 				$filter = $this->access->combineFilterWithOr($filterParts);
 				$users = $this->access->fetchListOfUsers($filter, 'dn', count($filterParts));
 				$dns = array_merge($dns, $users);
@@ -191,14 +191,14 @@ 
 			$pos = strpos($memberURLs[0], '(');
 			if ($pos !== false) {
 				$memberUrlFilter = substr($memberURLs[0], $pos);
-				$foundMembers = $this->access->searchUsers($memberUrlFilter,'dn');
+				$foundMembers = $this->access->searchUsers($memberUrlFilter, 'dn');
 				$dynamicMembers = array();
-				foreach($foundMembers as $value) {
+				foreach ($foundMembers as $value) {
 					$dynamicMembers[$value['dn'][0]] = 1;
 				}
 			} else {
 				\OCP\Util::writeLog('user_ldap', 'No search filter found on member url '.
-					'of group ' . $dnGroup, ILogger::DEBUG);
+					'of group '.$dnGroup, ILogger::DEBUG);
 			}
 		}
 		return $dynamicMembers;
@@ -222,7 +222,7 @@ 
 		// used extensively in cron job, caching makes sense for nested groups
 		$cacheKey = '_groupMembers'.$dnGroup;
 		$groupMembers = $this->access->connection->getFromCache($cacheKey);
-		if($groupMembers !== null) {
+		if ($groupMembers !== null) {
 			return $groupMembers;
 		}
 		$seen[$dnGroup] = 1;
@@ -266,9 +266,9 @@ 
 			return array();
 		}
 		$groups = $this->access->groupsMatchFilter($groups);
-		$allGroups =  $groups;
+		$allGroups = $groups;
 		$nestedGroups = $this->access->connection->ldapNestedGroups;
-		if ((int)$nestedGroups === 1) {
+		if ((int) $nestedGroups === 1) {
 			foreach ($groups as $group) {
 				$subGroups = $this->_getGroupDNsFromMemberOf($group, $seen);
 				$allGroups = array_merge($allGroups, $subGroups);
@@ -284,9 +284,9 @@ 
 	 * @return string|bool
 	 */
 	public function gidNumber2Name($gid, $dn) {
-		$cacheKey = 'gidNumberToName' . $gid;
+		$cacheKey = 'gidNumberToName'.$gid;
 		$groupName = $this->access->connection->getFromCache($cacheKey);
-		if(!is_null($groupName) && isset($groupName)) {
+		if (!is_null($groupName) && isset($groupName)) {
 			return $groupName;
 		}
 
@@ -294,10 +294,10 @@ 
 		$filter = $this->access->combineFilterWithAnd([
 			$this->access->connection->ldapGroupFilter,
 			'objectClass=posixGroup',
-			$this->access->connection->ldapGidNumber . '=' . $gid
+			$this->access->connection->ldapGidNumber.'='.$gid
 		]);
 		$result = $this->access->searchGroups($filter, array('dn'), 1);
-		if(empty($result)) {
+		if (empty($result)) {
 			return false;
 		}
 		$dn = $result[0]['dn'][0];
@@ -320,7 +320,7 @@ 
 	 */
 	private function getEntryGidNumber($dn, $attribute) {
 		$value = $this->access->readAttribute($dn, $attribute);
-		if(is_array($value) && !empty($value)) {
+		if (is_array($value) && !empty($value)) {
 			return $value[0];
 		}
 		return false;
@@ -342,9 +342,9 @@ 
 	 */
 	public function getUserGidNumber($dn) {
 		$gidNumber = false;
-		if($this->access->connection->hasGidNumber) {
+		if ($this->access->connection->hasGidNumber) {
 			$gidNumber = $this->getEntryGidNumber($dn, $this->access->connection->ldapGidNumber);
-			if($gidNumber === false) {
+			if ($gidNumber === false) {
 				$this->access->connection->hasGidNumber = false;
 			}
 		}
@@ -361,7 +361,7 @@ 
 	 */
 	private function prepareFilterForUsersHasGidNumber($groupDN, $search = '') {
 		$groupID = $this->getGroupGidNumber($groupDN);
-		if($groupID === false) {
+		if ($groupID === false) {
 			throw new \Exception('Not a valid group');
 		}
 
@@ -370,7 +370,7 @@ 
 		if ($search !== '') {
 			$filterParts[] = $this->access->getFilterPartForUserSearch($search);
 		}
-		$filterParts[] = $this->access->connection->ldapGidNumber .'=' . $groupID;
+		$filterParts[] = $this->access->connection->ldapGidNumber.'='.$groupID;
 
 		return $this->access->combineFilterWithAnd($filterParts);
 	}
@@ -412,7 +412,7 @@ 
 		try {
 			$filter = $this->prepareFilterForUsersHasGidNumber($groupDN, $search);
 			$users = $this->access->countUsers($filter, ['dn'], $limit, $offset);
-			return (int)$users;
+			return (int) $users;
 		} catch (\Exception $e) {
 			return 0;
 		}
@@ -425,9 +425,9 @@ 
 	 */
 	public function getUserGroupByGid($dn) {
 		$groupID = $this->getUserGidNumber($dn);
-		if($groupID !== false) {
+		if ($groupID !== false) {
 			$groupName = $this->gidNumber2Name($groupID, $dn);
-			if($groupName !== false) {
+			if ($groupName !== false) {
 				return $groupName;
 			}
 		}
@@ -444,22 +444,22 @@ 
 	public function primaryGroupID2Name($gid, $dn) {
 		$cacheKey = 'primaryGroupIDtoName';
 		$groupNames = $this->access->connection->getFromCache($cacheKey);
-		if(!is_null($groupNames) && isset($groupNames[$gid])) {
+		if (!is_null($groupNames) && isset($groupNames[$gid])) {
 			return $groupNames[$gid];
 		}
 
 		$domainObjectSid = $this->access->getSID($dn);
-		if($domainObjectSid === false) {
+		if ($domainObjectSid === false) {
 			return false;
 		}
 
 		//we need to get the DN from LDAP
 		$filter = $this->access->combineFilterWithAnd(array(
 			$this->access->connection->ldapGroupFilter,
-			'objectsid=' . $domainObjectSid . '-' . $gid
+			'objectsid='.$domainObjectSid.'-'.$gid
 		));
 		$result = $this->access->searchGroups($filter, array('dn'), 1);
-		if(empty($result)) {
+		if (empty($result)) {
 			return false;
 		}
 		$dn = $result[0]['dn'][0];
@@ -482,7 +482,7 @@ 
 	 */
 	private function getEntryGroupID($dn, $attribute) {
 		$value = $this->access->readAttribute($dn, $attribute);
-		if(is_array($value) && !empty($value)) {
+		if (is_array($value) && !empty($value)) {
 			return $value[0];
 		}
 		return false;
@@ -504,9 +504,9 @@ 
 	 */
 	public function getUserPrimaryGroupIDs($dn) {
 		$primaryGroupID = false;
-		if($this->access->connection->hasPrimaryGroups) {
+		if ($this->access->connection->hasPrimaryGroups) {
 			$primaryGroupID = $this->getEntryGroupID($dn, 'primaryGroupID');
-			if($primaryGroupID === false) {
+			if ($primaryGroupID === false) {
 				$this->access->connection->hasPrimaryGroups = false;
 			}
 		}
@@ -523,7 +523,7 @@ 
 	 */
 	private function prepareFilterForUsersInPrimaryGroup($groupDN, $search = '') {
 		$groupID = $this->getGroupPrimaryGroupID($groupDN);
-		if($groupID === false) {
+		if ($groupID === false) {
 			throw new \Exception('Not a valid group');
 		}
 
@@ -532,7 +532,7 @@ 
 		if ($search !== '') {
 			$filterParts[] = $this->access->getFilterPartForUserSearch($search);
 		}
-		$filterParts[] = 'primaryGroupID=' . $groupID;
+		$filterParts[] = 'primaryGroupID='.$groupID;
 
 		return $this->access->combineFilterWithAnd($filterParts);
 	}
@@ -574,7 +574,7 @@ 
 		try {
 			$filter = $this->prepareFilterForUsersInPrimaryGroup($groupDN, $search);
 			$users = $this->access->countUsers($filter, array('dn'), $limit, $offset);
-			return (int)$users;
+			return (int) $users;
 		} catch (\Exception $e) {
 			return 0;
 		}
@@ -587,9 +587,9 @@ 
 	 */
 	public function getUserPrimaryGroup($dn) {
 		$groupID = $this->getUserPrimaryGroupIDs($dn);
-		if($groupID !== false) {
+		if ($groupID !== false) {
 			$groupName = $this->primaryGroupID2Name($groupID, $dn);
-			if($groupName !== false) {
+			if ($groupName !== false) {
 				return $groupName;
 			}
 		}
@@ -608,16 +608,16 @@ 
 	 * This function includes groups based on dynamic group membership.
 	 */
 	public function getUserGroups($uid) {
-		if(!$this->enabled) {
+		if (!$this->enabled) {
 			return array();
 		}
 		$cacheKey = 'getUserGroups'.$uid;
 		$userGroups = $this->access->connection->getFromCache($cacheKey);
-		if(!is_null($userGroups)) {
+		if (!is_null($userGroups)) {
 			return $userGroups;
 		}
 		$userDN = $this->access->username2dn($uid);
-		if(!$userDN) {
+		if (!$userDN) {
 			$this->access->connection->writeToCache($cacheKey, array());
 			return array();
 		}
@@ -631,14 +631,14 @@ 
 		if (!empty($dynamicGroupMemberURL)) {
 			// look through dynamic groups to add them to the result array if needed
 			$groupsToMatch = $this->access->fetchListOfGroups(
-				$this->access->connection->ldapGroupFilter,array('dn',$dynamicGroupMemberURL));
-			foreach($groupsToMatch as $dynamicGroup) {
+				$this->access->connection->ldapGroupFilter, array('dn', $dynamicGroupMemberURL));
+			foreach ($groupsToMatch as $dynamicGroup) {
 				if (!array_key_exists($dynamicGroupMemberURL, $dynamicGroup)) {
 					continue;
 				}
 				$pos = strpos($dynamicGroup[$dynamicGroupMemberURL][0], '(');
 				if ($pos !== false) {
-					$memberUrlFilter = substr($dynamicGroup[$dynamicGroupMemberURL][0],$pos);
+					$memberUrlFilter = substr($dynamicGroup[$dynamicGroupMemberURL][0], $pos);
 					// apply filter via ldap search to see if this user is in this
 					// dynamic group
 					$userMatch = $this->access->readAttribute(
@@ -649,7 +649,7 @@ 
 					if ($userMatch !== false) {
 						// match found so this user is in this group
 						$groupName = $this->access->dn2groupname($dynamicGroup['dn'][0]);
-						if(is_string($groupName)) {
+						if (is_string($groupName)) {
 							// be sure to never return false if the dn could not be
 							// resolved to a name, for whatever reason.
 							$groups[] = $groupName;
@@ -657,7 +657,7 @@ 
 					}
 				} else {
 					\OCP\Util::writeLog('user_ldap', 'No search filter found on member url '.
-						'of group ' . print_r($dynamicGroup, true), ILogger::DEBUG);
+						'of group '.print_r($dynamicGroup, true), ILogger::DEBUG);
 				}
 			}
 		}
@@ -665,15 +665,15 @@ 
 		// if possible, read out membership via memberOf. It's far faster than
 		// performing a search, which still is a fallback later.
 		// memberof doesn't support memberuid, so skip it here.
-		if((int)$this->access->connection->hasMemberOfFilterSupport === 1
-			&& (int)$this->access->connection->useMemberOfToDetectMembership === 1
+		if ((int) $this->access->connection->hasMemberOfFilterSupport === 1
+			&& (int) $this->access->connection->useMemberOfToDetectMembership === 1
 		    && strtolower($this->access->connection->ldapGroupMemberAssocAttr) !== 'memberuid'
 		    ) {
 			$groupDNs = $this->_getGroupDNsFromMemberOf($userDN);
 			if (is_array($groupDNs)) {
 				foreach ($groupDNs as $dn) {
 					$groupName = $this->access->dn2groupname($dn);
-					if(is_string($groupName)) {
+					if (is_string($groupName)) {
 						// be sure to never return false if the dn could not be
 						// resolved to a name, for whatever reason.
 						$groups[] = $groupName;
@@ -681,10 +681,10 @@ 
 				}
 			}
 
-			if($primaryGroup !== false) {
+			if ($primaryGroup !== false) {
 				$groups[] = $primaryGroup;
 			}
-			if($gidGroupName !== false) {
+			if ($gidGroupName !== false) {
 				$groups[] = $gidGroupName;
 			}
 			$this->access->connection->writeToCache($cacheKey, $groups);
@@ -692,14 +692,14 @@ 
 		}
 
 		//uniqueMember takes DN, memberuid the uid, so we need to distinguish
-		if((strtolower($this->access->connection->ldapGroupMemberAssocAttr) === 'uniquemember')
+		if ((strtolower($this->access->connection->ldapGroupMemberAssocAttr) === 'uniquemember')
 			|| (strtolower($this->access->connection->ldapGroupMemberAssocAttr) === 'member')
 		) {
 			$uid = $userDN;
-		} else if(strtolower($this->access->connection->ldapGroupMemberAssocAttr) === 'memberuid') {
+		} else if (strtolower($this->access->connection->ldapGroupMemberAssocAttr) === 'memberuid') {
 			$result = $this->access->readAttribute($userDN, 'uid');
 			if ($result === false) {
-				\OCP\Util::writeLog('user_ldap', 'No uid attribute found for DN ' . $userDN . ' on '.
+				\OCP\Util::writeLog('user_ldap', 'No uid attribute found for DN '.$userDN.' on '.
 					$this->access->connection->ldapHost, ILogger::DEBUG);
 			}
 			$uid = $result[0];
@@ -708,7 +708,7 @@ 
 			$uid = $userDN;
 		}
 
-		if(isset($this->cachedGroupsByMember[$uid])) {
+		if (isset($this->cachedGroupsByMember[$uid])) {
 			$groups = array_merge($groups, $this->cachedGroupsByMember[$uid]);
 		} else {
 			$groupsByMember = array_values($this->getGroupsByMember($uid));
@@ -717,10 +717,10 @@ 
 			$groups = array_merge($groups, $groupsByMember);
 		}
 
-		if($primaryGroup !== false) {
+		if ($primaryGroup !== false) {
 			$groups[] = $primaryGroup;
 		}
-		if($gidGroupName !== false) {
+		if ($gidGroupName !== false) {
 			$groups[] = $gidGroupName;
 		}
 
@@ -758,7 +758,7 @@ 
 				$nestedGroups = $this->access->connection->ldapNestedGroups;
 				if (!empty($nestedGroups)) {
 					$supergroups = $this->getGroupsByMember($groupDN, $seen);
-					if (is_array($supergroups) && (count($supergroups)>0)) {
+					if (is_array($supergroups) && (count($supergroups) > 0)) {
 						$allGroups = array_merge($allGroups, $supergroups);
 					}
 				}
@@ -777,33 +777,33 @@ 
 	 * @return array with user ids
 	 */
 	public function usersInGroup($gid, $search = '', $limit = -1, $offset = 0) {
-		if(!$this->enabled) {
+		if (!$this->enabled) {
 			return array();
 		}
-		if(!$this->groupExists($gid)) {
+		if (!$this->groupExists($gid)) {
 			return array();
 		}
 		$search = $this->access->escapeFilterPart($search, true);
 		$cacheKey = 'usersInGroup-'.$gid.'-'.$search.'-'.$limit.'-'.$offset;
 		// check for cache of the exact query
 		$groupUsers = $this->access->connection->getFromCache($cacheKey);
-		if(!is_null($groupUsers)) {
+		if (!is_null($groupUsers)) {
 			return $groupUsers;
 		}
 
 		// check for cache of the query without limit and offset
 		$groupUsers = $this->access->connection->getFromCache('usersInGroup-'.$gid.'-'.$search);
-		if(!is_null($groupUsers)) {
+		if (!is_null($groupUsers)) {
 			$groupUsers = array_slice($groupUsers, $offset, $limit);
 			$this->access->connection->writeToCache($cacheKey, $groupUsers);
 			return $groupUsers;
 		}
 
-		if($limit === -1) {
+		if ($limit === -1) {
 			$limit = null;
 		}
 		$groupDN = $this->access->groupname2dn($gid);
-		if(!$groupDN) {
+		if (!$groupDN) {
 			// group couldn't be found, return empty resultset
 			$this->access->connection->writeToCache($cacheKey, array());
 			return array();
@@ -812,7 +812,7 @@ 
 		$primaryUsers = $this->getUsersInPrimaryGroup($groupDN, $search, $limit, $offset);
 		$posixGroupUsers = $this->getUsersInGidNumber($groupDN, $search, $limit, $offset);
 		$members = array_keys($this->_groupMembers($groupDN));
-		if(!$members && empty($posixGroupUsers) && empty($primaryUsers)) {
+		if (!$members && empty($posixGroupUsers) && empty($primaryUsers)) {
 			//in case users could not be retrieved, return empty result set
 			$this->access->connection->writeToCache($cacheKey, []);
 			return [];
@@ -821,29 +821,29 @@ 
 		$groupUsers = array();
 		$isMemberUid = (strtolower($this->access->connection->ldapGroupMemberAssocAttr) === 'memberuid');
 		$attrs = $this->access->userManager->getAttributes(true);
-		foreach($members as $member) {
-			if($isMemberUid) {
+		foreach ($members as $member) {
+			if ($isMemberUid) {
 				//we got uids, need to get their DNs to 'translate' them to user names
 				$filter = $this->access->combineFilterWithAnd(array(
 					str_replace('%uid', trim($member), $this->access->connection->ldapLoginFilter),
 					$this->access->getFilterPartForUserSearch($search)
 				));
 				$ldap_users = $this->access->fetchListOfUsers($filter, $attrs, 1);
-				if(count($ldap_users) < 1) {
+				if (count($ldap_users) < 1) {
 					continue;
 				}
 				$groupUsers[] = $this->access->dn2username($ldap_users[0]['dn'][0]);
 			} else {
 				//we got DNs, check if we need to filter by search or we can give back all of them
 				if ($search !== '') {
-					if(!$this->access->readAttribute($member,
+					if (!$this->access->readAttribute($member,
 						$this->access->connection->ldapUserDisplayName,
 						$this->access->getFilterPartForUserSearch($search))) {
 						continue;
 					}
 				}
 				// dn2username will also check if the users belong to the allowed base
-				if($ocname = $this->access->dn2username($member)) {
+				if ($ocname = $this->access->dn2username($member)) {
 					$groupUsers[] = $ocname;
 				}
 			}
@@ -871,16 +871,16 @@ 
 		}
 
 		$cacheKey = 'countUsersInGroup-'.$gid.'-'.$search;
-		if(!$this->enabled || !$this->groupExists($gid)) {
+		if (!$this->enabled || !$this->groupExists($gid)) {
 			return false;
 		}
 		$groupUsers = $this->access->connection->getFromCache($cacheKey);
-		if(!is_null($groupUsers)) {
+		if (!is_null($groupUsers)) {
 			return $groupUsers;
 		}
 
 		$groupDN = $this->access->groupname2dn($gid);
-		if(!$groupDN) {
+		if (!$groupDN) {
 			// group couldn't be found, return empty result set
 			$this->access->connection->writeToCache($cacheKey, false);
 			return false;
@@ -888,7 +888,7 @@ 
 
 		$members = array_keys($this->_groupMembers($groupDN));
 		$primaryUserCount = $this->countUsersInPrimaryGroup($groupDN, '');
-		if(!$members && $primaryUserCount === 0) {
+		if (!$members && $primaryUserCount === 0) {
 			//in case users could not be retrieved, return empty result set
 			$this->access->connection->writeToCache($cacheKey, false);
 			return false;
@@ -913,27 +913,27 @@ 
 		//For now this is not important, because the only use of this method
 		//does not supply a search string
 		$groupUsers = array();
-		foreach($members as $member) {
-			if($isMemberUid) {
+		foreach ($members as $member) {
+			if ($isMemberUid) {
 				//we got uids, need to get their DNs to 'translate' them to user names
 				$filter = $this->access->combineFilterWithAnd(array(
 					str_replace('%uid', $member, $this->access->connection->ldapLoginFilter),
 					$this->access->getFilterPartForUserSearch($search)
 				));
 				$ldap_users = $this->access->fetchListOfUsers($filter, 'dn', 1);
-				if(count($ldap_users) < 1) {
+				if (count($ldap_users) < 1) {
 					continue;
 				}
 				$groupUsers[] = $this->access->dn2username($ldap_users[0]);
 			} else {
 				//we need to apply the search filter now
-				if(!$this->access->readAttribute($member,
+				if (!$this->access->readAttribute($member,
 					$this->access->connection->ldapUserDisplayName,
 					$this->access->getFilterPartForUserSearch($search))) {
 					continue;
 				}
 				// dn2username will also check if the users belong to the allowed base
-				if($ocname = $this->access->dn2username($member)) {
+				if ($ocname = $this->access->dn2username($member)) {
 					$groupUsers[] = $ocname;
 				}
 			}
@@ -956,7 +956,7 @@ 
 	 * Returns a list with all groups (used by getGroups)
 	 */
 	protected function getGroupsChunk($search = '', $limit = -1, $offset = 0) {
-		if(!$this->enabled) {
+		if (!$this->enabled) {
 			return array();
 		}
 		$cacheKey = 'getGroups-'.$search.'-'.$limit.'-'.$offset;
@@ -964,13 +964,13 @@ 
 		//Check cache before driving unnecessary searches
 		\OCP\Util::writeLog('user_ldap', 'getGroups '.$cacheKey, ILogger::DEBUG);
 		$ldap_groups = $this->access->connection->getFromCache($cacheKey);
-		if(!is_null($ldap_groups)) {
+		if (!is_null($ldap_groups)) {
 			return $ldap_groups;
 		}
 
 		// if we'd pass -1 to LDAP search, we'd end up in a Protocol
 		// error. With a limit of 0, we get 0 results. So we pass null.
-		if($limit <= 0) {
+		if ($limit <= 0) {
 			$limit = null;
 		}
 		$filter = $this->access->combineFilterWithAnd(array(
@@ -1002,11 +1002,11 @@ 
 	 * (active directory has a limit of 1000 by default)
 	 */
 	public function getGroups($search = '', $limit = -1, $offset = 0) {
-		if(!$this->enabled) {
+		if (!$this->enabled) {
 			return array();
 		}
 		$search = $this->access->escapeFilterPart($search, true);
-		$pagingSize = (int)$this->access->connection->ldapPagingSize;
+		$pagingSize = (int) $this->access->connection->ldapPagingSize;
 		if ($pagingSize <= 0) {
 			return $this->getGroupsChunk($search, $limit, $offset);
 		}
@@ -1049,20 +1049,20 @@ 
 	 */
 	public function groupExists($gid) {
 		$groupExists = $this->access->connection->getFromCache('groupExists'.$gid);
-		if(!is_null($groupExists)) {
-			return (bool)$groupExists;
+		if (!is_null($groupExists)) {
+			return (bool) $groupExists;
 		}
 
 		//getting dn, if false the group does not exist. If dn, it may be mapped
 		//only, requires more checking.
 		$dn = $this->access->groupname2dn($gid);
-		if(!$dn) {
+		if (!$dn) {
 			$this->access->connection->writeToCache('groupExists'.$gid, false);
 			return false;
 		}
 
 		//if group really still exists, we will be able to read its objectclass
-		if(!is_array($this->access->readAttribute($dn, ''))) {
+		if (!is_array($this->access->readAttribute($dn, ''))) {
 			$this->access->connection->writeToCache('groupExists'.$gid, false);
 			return false;
 		}
@@ -1080,7 +1080,7 @@ 
 	* compared with GroupInterface::CREATE_GROUP etc.
 	*/
 	public function implementsActions($actions) {
-		return (bool)((GroupInterface::COUNT_USERS |
+		return (bool) ((GroupInterface::COUNT_USERS |
 				$this->groupPluginManager->getImplementedActions()) & $actions);
 	}