Inspection of "Merge pull request #22916 from J0WI/unifiy-links-t..." - nextcloud/server - Measure and Improve Code Quality continuously with Scrutinizer

Passed

Push — master ( 72fda1...adc4f1 )

by Roeland

created 2020-12-22 08:53 UTC

Status

Indentation +464 added lines, -464 removed lines patch added patch discarded remove patch

@@ -50,468 +50,468 @@
 block discarded – undo
  */
 class SharedStorage extends \OC\Files\Storage\Wrapper\Jail implements ISharedStorage, IDisableEncryptionStorage {
 
-	/** @var \OCP\Share\IShare */
-	private $superShare;
-
-	/** @var \OCP\Share\IShare[] */
-	private $groupedShares;
-
-	/**
-	 * @var \OC\Files\View
-	 */
-	private $ownerView;
-
-	private $initialized = false;
-
-	/**
-	 * @var ICacheEntry
-	 */
-	private $sourceRootInfo;
-
-	/** @var string */
-	private $user;
-
-	/**
-	 * @var \OCP\ILogger
-	 */
-	private $logger;
-
-	/** @var  IStorage */
-	private $nonMaskedStorage;
-
-	private $options;
-
-	/** @var boolean */
-	private $sharingDisabledForUser;
-
-	public function __construct($arguments) {
-		$this->ownerView = $arguments['ownerView'];
-		$this->logger = \OC::$server->getLogger();
-
-		$this->superShare = $arguments['superShare'];
-		$this->groupedShares = $arguments['groupedShares'];
-
-		$this->user = $arguments['user'];
-		if (isset($arguments['sharingDisabledForUser'])) {
-			$this->sharingDisabledForUser = $arguments['sharingDisabledForUser'];
-		} else {
-			$this->sharingDisabledForUser = false;
-		}
-
-		parent::__construct([
-			'storage' => null,
-			'root' => null,
-		]);
-	}
-
-	/**
-	 * @return ICacheEntry
-	 */
-	private function getSourceRootInfo() {
-		if (is_null($this->sourceRootInfo)) {
-			if (is_null($this->superShare->getNodeCacheEntry())) {
-				$this->init();
-				$this->sourceRootInfo = $this->nonMaskedStorage->getCache()->get($this->rootPath);
-			} else {
-				$this->sourceRootInfo = $this->superShare->getNodeCacheEntry();
-			}
-		}
-		return $this->sourceRootInfo;
-	}
-
-	private function init() {
-		if ($this->initialized) {
-			return;
-		}
-		$this->initialized = true;
-		try {
-			Filesystem::initMountPoints($this->superShare->getShareOwner());
-			$storageId = $this->superShare->getNodeCacheEntry() ? $this->superShare->getNodeCacheEntry()->getStorageId() : null;
-			$sourcePath = $this->ownerView->getPath($this->superShare->getNodeId(), $storageId);
-			[$this->nonMaskedStorage, $this->rootPath] = $this->ownerView->resolvePath($sourcePath);
-			$this->storage = new PermissionsMask([
-				'storage' => $this->nonMaskedStorage,
-				'mask' => $this->superShare->getPermissions(),
-			]);
-		} catch (NotFoundException $e) {
-			// original file not accessible or deleted, set FailedStorage
-			$this->storage = new FailedStorage(['exception' => $e]);
-			$this->cache = new FailedCache();
-			$this->rootPath = '';
-		} catch (NoUserException $e) {
-			// sharer user deleted, set FailedStorage
-			$this->storage = new FailedStorage(['exception' => $e]);
-			$this->cache = new FailedCache();
-			$this->rootPath = '';
-		} catch (\Exception $e) {
-			$this->storage = new FailedStorage(['exception' => $e]);
-			$this->cache = new FailedCache();
-			$this->rootPath = '';
-			$this->logger->logException($e);
-		}
-
-		if (!$this->nonMaskedStorage) {
-			$this->nonMaskedStorage = $this->storage;
-		}
-	}
-
-	/**
-	 * @inheritdoc
-	 */
-	public function instanceOfStorage($class) {
-		if ($class === '\OC\Files\Storage\Common') {
-			return true;
-		}
-		if (in_array($class, ['\OC\Files\Storage\Home', '\OC\Files\ObjectStore\HomeObjectStoreStorage', '\OCP\Files\IHomeStorage'])) {
-			return false;
-		}
-		return parent::instanceOfStorage($class);
-	}
-
-	/**
-	 * @return string
-	 */
-	public function getShareId() {
-		return $this->superShare->getId();
-	}
-
-	private function isValid() {
-		return $this->getSourceRootInfo() && ($this->getSourceRootInfo()->getPermissions() & Constants::PERMISSION_SHARE) === Constants::PERMISSION_SHARE;
-	}
-
-	/**
-	 * get id of the mount point
-	 *
-	 * @return string
-	 */
-	public function getId() {
-		return 'shared::' . $this->getMountPoint();
-	}
-
-	/**
-	 * Get the permissions granted for a shared file
-	 *
-	 * @param string $target Shared target file path
-	 * @return int CRUDS permissions granted
-	 */
-	public function getPermissions($target = '') {
-		if (!$this->isValid()) {
-			return 0;
-		}
-		$permissions = parent::getPermissions($target) & $this->superShare->getPermissions();
-
-		// part files and the mount point always have delete permissions
-		if ($target === '' || pathinfo($target, PATHINFO_EXTENSION) === 'part') {
-			$permissions |= \OCP\Constants::PERMISSION_DELETE;
-		}
-
-		if ($this->sharingDisabledForUser) {
-			$permissions &= ~\OCP\Constants::PERMISSION_SHARE;
-		}
-
-		return $permissions;
-	}
-
-	public function isCreatable($path) {
-		return ($this->getPermissions($path) & \OCP\Constants::PERMISSION_CREATE);
-	}
-
-	public function isReadable($path) {
-		if (!$this->isValid()) {
-			return false;
-		}
-		if (!$this->file_exists($path)) {
-			return false;
-		}
-		/** @var IStorage $storage */
-		/** @var string $internalPath */
-		[$storage, $internalPath] = $this->resolvePath($path);
-		return $storage->isReadable($internalPath);
-	}
-
-	public function isUpdatable($path) {
-		return ($this->getPermissions($path) & \OCP\Constants::PERMISSION_UPDATE);
-	}
-
-	public function isDeletable($path) {
-		return ($this->getPermissions($path) & \OCP\Constants::PERMISSION_DELETE);
-	}
-
-	public function isSharable($path) {
-		if (\OCP\Util::isSharingDisabledForUser() || !\OC\Share\Share::isResharingAllowed()) {
-			return false;
-		}
-		return ($this->getPermissions($path) & \OCP\Constants::PERMISSION_SHARE);
-	}
-
-	public function fopen($path, $mode) {
-		$source = $this->getUnjailedPath($path);
-		switch ($mode) {
-			case 'r+':
-			case 'rb+':
-			case 'w+':
-			case 'wb+':
-			case 'x+':
-			case 'xb+':
-			case 'a+':
-			case 'ab+':
-			case 'w':
-			case 'wb':
-			case 'x':
-			case 'xb':
-			case 'a':
-			case 'ab':
-				$creatable = $this->isCreatable(dirname($path));
-				$updatable = $this->isUpdatable($path);
-				// if neither permissions given, no need to continue
-				if (!$creatable && !$updatable) {
-					if (pathinfo($path, PATHINFO_EXTENSION) === 'part') {
-						$updatable = $this->isUpdatable(dirname($path));
-					}
-
-					if (!$updatable) {
-						return false;
-					}
-				}
-
-				$exists = $this->file_exists($path);
-				// if a file exists, updatable permissions are required
-				if ($exists && !$updatable) {
-					return false;
-				}
-
-				// part file is allowed if !$creatable but the final file is $updatable
-				if (pathinfo($path, PATHINFO_EXTENSION) !== 'part') {
-					if (!$exists && !$creatable) {
-						return false;
-					}
-				}
-		}
-		$info = [
-			'target' => $this->getMountPoint() . '/' . $path,
-			'source' => $source,
-			'mode' => $mode,
-		];
-		\OCP\Util::emitHook('\OC\Files\Storage\Shared', 'fopen', $info);
-		return $this->nonMaskedStorage->fopen($this->getUnjailedPath($path), $mode);
-	}
-
-	/**
-	 * see https://www.php.net/manual/en/function.rename.php
-	 *
-	 * @param string $path1
-	 * @param string $path2
-	 * @return bool
-	 */
-	public function rename($path1, $path2) {
-		$this->init();
-		$isPartFile = pathinfo($path1, PATHINFO_EXTENSION) === 'part';
-		$targetExists = $this->file_exists($path2);
-		$sameFolder = dirname($path1) === dirname($path2);
-
-		if ($targetExists || ($sameFolder && !$isPartFile)) {
-			if (!$this->isUpdatable('')) {
-				return false;
-			}
-		} else {
-			if (!$this->isCreatable('')) {
-				return false;
-			}
-		}
-
-		return $this->nonMaskedStorage->rename($this->getUnjailedPath($path1), $this->getUnjailedPath($path2));
-	}
-
-	/**
-	 * return mount point of share, relative to data/user/files
-	 *
-	 * @return string
-	 */
-	public function getMountPoint() {
-		return $this->superShare->getTarget();
-	}
-
-	/**
-	 * @param string $path
-	 */
-	public function setMountPoint($path) {
-		$this->superShare->setTarget($path);
-
-		foreach ($this->groupedShares as $share) {
-			$share->setTarget($path);
-		}
-	}
-
-	/**
-	 * get the user who shared the file
-	 *
-	 * @return string
-	 */
-	public function getSharedFrom() {
-		return $this->superShare->getShareOwner();
-	}
-
-	/**
-	 * @return \OCP\Share\IShare
-	 */
-	public function getShare() {
-		return $this->superShare;
-	}
-
-	/**
-	 * return share type, can be "file" or "folder"
-	 *
-	 * @return string
-	 */
-	public function getItemType() {
-		return $this->superShare->getNodeType();
-	}
-
-	/**
-	 * @param string $path
-	 * @param null $storage
-	 * @return Cache
-	 */
-	public function getCache($path = '', $storage = null) {
-		if ($this->cache) {
-			return $this->cache;
-		}
-		if (!$storage) {
-			$storage = $this;
-		}
-		$sourceRoot = $this->getSourceRootInfo();
-		if ($this->storage instanceof FailedStorage) {
-			return new FailedCache();
-		}
-
-		$this->cache = new \OCA\Files_Sharing\Cache($storage, $sourceRoot, $this->superShare);
-		return $this->cache;
-	}
-
-	public function getScanner($path = '', $storage = null) {
-		if (!$storage) {
-			$storage = $this;
-		}
-		return new \OCA\Files_Sharing\Scanner($storage);
-	}
-
-	public function getOwner($path) {
-		return $this->superShare->getShareOwner();
-	}
-
-	public function getWatcher($path = '', $storage = null) {
-		// cache updating is handled by the share source
-		return new NullWatcher();
-	}
-
-	/**
-	 * unshare complete storage, also the grouped shares
-	 *
-	 * @return bool
-	 */
-	public function unshareStorage() {
-		foreach ($this->groupedShares as $share) {
-			\OC::$server->getShareManager()->deleteFromSelf($share, $this->user);
-		}
-		return true;
-	}
-
-	/**
-	 * @param string $path
-	 * @param int $type \OCP\Lock\ILockingProvider::LOCK_SHARED or \OCP\Lock\ILockingProvider::LOCK_EXCLUSIVE
-	 * @param \OCP\Lock\ILockingProvider $provider
-	 * @throws \OCP\Lock\LockedException
-	 */
-	public function acquireLock($path, $type, ILockingProvider $provider) {
-		/** @var \OCP\Files\Storage $targetStorage */
-		[$targetStorage, $targetInternalPath] = $this->resolvePath($path);
-		$targetStorage->acquireLock($targetInternalPath, $type, $provider);
-		// lock the parent folders of the owner when locking the share as recipient
-		if ($path === '') {
-			$sourcePath = $this->ownerView->getPath($this->superShare->getNodeId());
-			$this->ownerView->lockFile(dirname($sourcePath), ILockingProvider::LOCK_SHARED, true);
-		}
-	}
-
-	/**
-	 * @param string $path
-	 * @param int $type \OCP\Lock\ILockingProvider::LOCK_SHARED or \OCP\Lock\ILockingProvider::LOCK_EXCLUSIVE
-	 * @param \OCP\Lock\ILockingProvider $provider
-	 */
-	public function releaseLock($path, $type, ILockingProvider $provider) {
-		/** @var \OCP\Files\Storage $targetStorage */
-		[$targetStorage, $targetInternalPath] = $this->resolvePath($path);
-		$targetStorage->releaseLock($targetInternalPath, $type, $provider);
-		// unlock the parent folders of the owner when unlocking the share as recipient
-		if ($path === '') {
-			$sourcePath = $this->ownerView->getPath($this->superShare->getNodeId());
-			$this->ownerView->unlockFile(dirname($sourcePath), ILockingProvider::LOCK_SHARED, true);
-		}
-	}
-
-	/**
-	 * @param string $path
-	 * @param int $type \OCP\Lock\ILockingProvider::LOCK_SHARED or \OCP\Lock\ILockingProvider::LOCK_EXCLUSIVE
-	 * @param \OCP\Lock\ILockingProvider $provider
-	 */
-	public function changeLock($path, $type, ILockingProvider $provider) {
-		/** @var \OCP\Files\Storage $targetStorage */
-		[$targetStorage, $targetInternalPath] = $this->resolvePath($path);
-		$targetStorage->changeLock($targetInternalPath, $type, $provider);
-	}
-
-	/**
-	 * @return array [ available, last_checked ]
-	 */
-	public function getAvailability() {
-		// shares do not participate in availability logic
-		return [
-			'available' => true,
-			'last_checked' => 0,
-		];
-	}
-
-	/**
-	 * @param bool $available
-	 */
-	public function setAvailability($available) {
-		// shares do not participate in availability logic
-	}
-
-	public function getSourceStorage() {
-		$this->init();
-		return $this->nonMaskedStorage;
-	}
-
-	public function getWrapperStorage() {
-		$this->init();
-		return $this->storage;
-	}
-
-	public function file_get_contents($path) {
-		$info = [
-			'target' => $this->getMountPoint() . '/' . $path,
-			'source' => $this->getUnjailedPath($path),
-		];
-		\OCP\Util::emitHook('\OC\Files\Storage\Shared', 'file_get_contents', $info);
-		return parent::file_get_contents($path);
-	}
-
-	public function file_put_contents($path, $data) {
-		$info = [
-			'target' => $this->getMountPoint() . '/' . $path,
-			'source' => $this->getUnjailedPath($path),
-		];
-		\OCP\Util::emitHook('\OC\Files\Storage\Shared', 'file_put_contents', $info);
-		return parent::file_put_contents($path, $data);
-	}
-
-	public function setMountOptions(array $options) {
-		$this->mountOptions = $options;
-	}
-
-	public function getUnjailedPath($path) {
-		$this->init();
-		return parent::getUnjailedPath($path);
-	}
+    /** @var \OCP\Share\IShare */
+    private $superShare;
+
+    /** @var \OCP\Share\IShare[] */
+    private $groupedShares;
+
+    /**
+     * @var \OC\Files\View
+     */
+    private $ownerView;
+
+    private $initialized = false;
+
+    /**
+     * @var ICacheEntry
+     */
+    private $sourceRootInfo;
+
+    /** @var string */
+    private $user;
+
+    /**
+     * @var \OCP\ILogger
+     */
+    private $logger;
+
+    /** @var  IStorage */
+    private $nonMaskedStorage;
+
+    private $options;
+
+    /** @var boolean */
+    private $sharingDisabledForUser;
+
+    public function __construct($arguments) {
+        $this->ownerView = $arguments['ownerView'];
+        $this->logger = \OC::$server->getLogger();
+
+        $this->superShare = $arguments['superShare'];
+        $this->groupedShares = $arguments['groupedShares'];
+
+        $this->user = $arguments['user'];
+        if (isset($arguments['sharingDisabledForUser'])) {
+            $this->sharingDisabledForUser = $arguments['sharingDisabledForUser'];
+        } else {
+            $this->sharingDisabledForUser = false;
+        }
+
+        parent::__construct([
+            'storage' => null,
+            'root' => null,
+        ]);
+    }
+
+    /**
+     * @return ICacheEntry
+     */
+    private function getSourceRootInfo() {
+        if (is_null($this->sourceRootInfo)) {
+            if (is_null($this->superShare->getNodeCacheEntry())) {
+                $this->init();
+                $this->sourceRootInfo = $this->nonMaskedStorage->getCache()->get($this->rootPath);
+            } else {
+                $this->sourceRootInfo = $this->superShare->getNodeCacheEntry();
+            }
+        }
+        return $this->sourceRootInfo;
+    }
+
+    private function init() {
+        if ($this->initialized) {
+            return;
+        }
+        $this->initialized = true;
+        try {
+            Filesystem::initMountPoints($this->superShare->getShareOwner());
+            $storageId = $this->superShare->getNodeCacheEntry() ? $this->superShare->getNodeCacheEntry()->getStorageId() : null;
+            $sourcePath = $this->ownerView->getPath($this->superShare->getNodeId(), $storageId);
+            [$this->nonMaskedStorage, $this->rootPath] = $this->ownerView->resolvePath($sourcePath);
+            $this->storage = new PermissionsMask([
+                'storage' => $this->nonMaskedStorage,
+                'mask' => $this->superShare->getPermissions(),
+            ]);
+        } catch (NotFoundException $e) {
+            // original file not accessible or deleted, set FailedStorage
+            $this->storage = new FailedStorage(['exception' => $e]);
+            $this->cache = new FailedCache();
+            $this->rootPath = '';
+        } catch (NoUserException $e) {
+            // sharer user deleted, set FailedStorage
+            $this->storage = new FailedStorage(['exception' => $e]);
+            $this->cache = new FailedCache();
+            $this->rootPath = '';
+        } catch (\Exception $e) {
+            $this->storage = new FailedStorage(['exception' => $e]);
+            $this->cache = new FailedCache();
+            $this->rootPath = '';
+            $this->logger->logException($e);
+        }
+
+        if (!$this->nonMaskedStorage) {
+            $this->nonMaskedStorage = $this->storage;
+        }
+    }
+
+    /**
+     * @inheritdoc
+     */
+    public function instanceOfStorage($class) {
+        if ($class === '\OC\Files\Storage\Common') {
+            return true;
+        }
+        if (in_array($class, ['\OC\Files\Storage\Home', '\OC\Files\ObjectStore\HomeObjectStoreStorage', '\OCP\Files\IHomeStorage'])) {
+            return false;
+        }
+        return parent::instanceOfStorage($class);
+    }
+
+    /**
+     * @return string
+     */
+    public function getShareId() {
+        return $this->superShare->getId();
+    }
+
+    private function isValid() {
+        return $this->getSourceRootInfo() && ($this->getSourceRootInfo()->getPermissions() & Constants::PERMISSION_SHARE) === Constants::PERMISSION_SHARE;
+    }
+
+    /**
+     * get id of the mount point
+     *
+     * @return string
+     */
+    public function getId() {
+        return 'shared::' . $this->getMountPoint();
+    }
+
+    /**
+     * Get the permissions granted for a shared file
+     *
+     * @param string $target Shared target file path
+     * @return int CRUDS permissions granted
+     */
+    public function getPermissions($target = '') {
+        if (!$this->isValid()) {
+            return 0;
+        }
+        $permissions = parent::getPermissions($target) & $this->superShare->getPermissions();
+
+        // part files and the mount point always have delete permissions
+        if ($target === '' || pathinfo($target, PATHINFO_EXTENSION) === 'part') {
+            $permissions |= \OCP\Constants::PERMISSION_DELETE;
+        }
+
+        if ($this->sharingDisabledForUser) {
+            $permissions &= ~\OCP\Constants::PERMISSION_SHARE;
+        }
+
+        return $permissions;
+    }
+
+    public function isCreatable($path) {
+        return ($this->getPermissions($path) & \OCP\Constants::PERMISSION_CREATE);
+    }
+
+    public function isReadable($path) {
+        if (!$this->isValid()) {
+            return false;
+        }
+        if (!$this->file_exists($path)) {
+            return false;
+        }
+        /** @var IStorage $storage */
+        /** @var string $internalPath */
+        [$storage, $internalPath] = $this->resolvePath($path);
+        return $storage->isReadable($internalPath);
+    }
+
+    public function isUpdatable($path) {
+        return ($this->getPermissions($path) & \OCP\Constants::PERMISSION_UPDATE);
+    }
+
+    public function isDeletable($path) {
+        return ($this->getPermissions($path) & \OCP\Constants::PERMISSION_DELETE);
+    }
+
+    public function isSharable($path) {
+        if (\OCP\Util::isSharingDisabledForUser() || !\OC\Share\Share::isResharingAllowed()) {
+            return false;
+        }
+        return ($this->getPermissions($path) & \OCP\Constants::PERMISSION_SHARE);
+    }
+
+    public function fopen($path, $mode) {
+        $source = $this->getUnjailedPath($path);
+        switch ($mode) {
+            case 'r+':
+            case 'rb+':
+            case 'w+':
+            case 'wb+':
+            case 'x+':
+            case 'xb+':
+            case 'a+':
+            case 'ab+':
+            case 'w':
+            case 'wb':
+            case 'x':
+            case 'xb':
+            case 'a':
+            case 'ab':
+                $creatable = $this->isCreatable(dirname($path));
+                $updatable = $this->isUpdatable($path);
+                // if neither permissions given, no need to continue
+                if (!$creatable && !$updatable) {
+                    if (pathinfo($path, PATHINFO_EXTENSION) === 'part') {
+                        $updatable = $this->isUpdatable(dirname($path));
+                    }
+
+                    if (!$updatable) {
+                        return false;
+                    }
+                }
+
+                $exists = $this->file_exists($path);
+                // if a file exists, updatable permissions are required
+                if ($exists && !$updatable) {
+                    return false;
+                }
+
+                // part file is allowed if !$creatable but the final file is $updatable
+                if (pathinfo($path, PATHINFO_EXTENSION) !== 'part') {
+                    if (!$exists && !$creatable) {
+                        return false;
+                    }
+                }
+        }
+        $info = [
+            'target' => $this->getMountPoint() . '/' . $path,
+            'source' => $source,
+            'mode' => $mode,
+        ];
+        \OCP\Util::emitHook('\OC\Files\Storage\Shared', 'fopen', $info);
+        return $this->nonMaskedStorage->fopen($this->getUnjailedPath($path), $mode);
+    }
+
+    /**
+     * see https://www.php.net/manual/en/function.rename.php
+     *
+     * @param string $path1
+     * @param string $path2
+     * @return bool
+     */
+    public function rename($path1, $path2) {
+        $this->init();
+        $isPartFile = pathinfo($path1, PATHINFO_EXTENSION) === 'part';
+        $targetExists = $this->file_exists($path2);
+        $sameFolder = dirname($path1) === dirname($path2);
+
+        if ($targetExists || ($sameFolder && !$isPartFile)) {
+            if (!$this->isUpdatable('')) {
+                return false;
+            }
+        } else {
+            if (!$this->isCreatable('')) {
+                return false;
+            }
+        }
+
+        return $this->nonMaskedStorage->rename($this->getUnjailedPath($path1), $this->getUnjailedPath($path2));
+    }
+
+    /**
+     * return mount point of share, relative to data/user/files
+     *
+     * @return string
+     */
+    public function getMountPoint() {
+        return $this->superShare->getTarget();
+    }
+
+    /**
+     * @param string $path
+     */
+    public function setMountPoint($path) {
+        $this->superShare->setTarget($path);
+
+        foreach ($this->groupedShares as $share) {
+            $share->setTarget($path);
+        }
+    }
+
+    /**
+     * get the user who shared the file
+     *
+     * @return string
+     */
+    public function getSharedFrom() {
+        return $this->superShare->getShareOwner();
+    }
+
+    /**
+     * @return \OCP\Share\IShare
+     */
+    public function getShare() {
+        return $this->superShare;
+    }
+
+    /**
+     * return share type, can be "file" or "folder"
+     *
+     * @return string
+     */
+    public function getItemType() {
+        return $this->superShare->getNodeType();
+    }
+
+    /**
+     * @param string $path
+     * @param null $storage
+     * @return Cache
+     */
+    public function getCache($path = '', $storage = null) {
+        if ($this->cache) {
+            return $this->cache;
+        }
+        if (!$storage) {
+            $storage = $this;
+        }
+        $sourceRoot = $this->getSourceRootInfo();
+        if ($this->storage instanceof FailedStorage) {
+            return new FailedCache();
+        }
+
+        $this->cache = new \OCA\Files_Sharing\Cache($storage, $sourceRoot, $this->superShare);
+        return $this->cache;
+    }
+
+    public function getScanner($path = '', $storage = null) {
+        if (!$storage) {
+            $storage = $this;
+        }
+        return new \OCA\Files_Sharing\Scanner($storage);
+    }
+
+    public function getOwner($path) {
+        return $this->superShare->getShareOwner();
+    }
+
+    public function getWatcher($path = '', $storage = null) {
+        // cache updating is handled by the share source
+        return new NullWatcher();
+    }
+
+    /**
+     * unshare complete storage, also the grouped shares
+     *
+     * @return bool
+     */
+    public function unshareStorage() {
+        foreach ($this->groupedShares as $share) {
+            \OC::$server->getShareManager()->deleteFromSelf($share, $this->user);
+        }
+        return true;
+    }
+
+    /**
+     * @param string $path
+     * @param int $type \OCP\Lock\ILockingProvider::LOCK_SHARED or \OCP\Lock\ILockingProvider::LOCK_EXCLUSIVE
+     * @param \OCP\Lock\ILockingProvider $provider
+     * @throws \OCP\Lock\LockedException
+     */
+    public function acquireLock($path, $type, ILockingProvider $provider) {
+        /** @var \OCP\Files\Storage $targetStorage */
+        [$targetStorage, $targetInternalPath] = $this->resolvePath($path);
+        $targetStorage->acquireLock($targetInternalPath, $type, $provider);
+        // lock the parent folders of the owner when locking the share as recipient
+        if ($path === '') {
+            $sourcePath = $this->ownerView->getPath($this->superShare->getNodeId());
+            $this->ownerView->lockFile(dirname($sourcePath), ILockingProvider::LOCK_SHARED, true);
+        }
+    }
+
+    /**
+     * @param string $path
+     * @param int $type \OCP\Lock\ILockingProvider::LOCK_SHARED or \OCP\Lock\ILockingProvider::LOCK_EXCLUSIVE
+     * @param \OCP\Lock\ILockingProvider $provider
+     */
+    public function releaseLock($path, $type, ILockingProvider $provider) {
+        /** @var \OCP\Files\Storage $targetStorage */
+        [$targetStorage, $targetInternalPath] = $this->resolvePath($path);
+        $targetStorage->releaseLock($targetInternalPath, $type, $provider);
+        // unlock the parent folders of the owner when unlocking the share as recipient
+        if ($path === '') {
+            $sourcePath = $this->ownerView->getPath($this->superShare->getNodeId());
+            $this->ownerView->unlockFile(dirname($sourcePath), ILockingProvider::LOCK_SHARED, true);
+        }
+    }
+
+    /**
+     * @param string $path
+     * @param int $type \OCP\Lock\ILockingProvider::LOCK_SHARED or \OCP\Lock\ILockingProvider::LOCK_EXCLUSIVE
+     * @param \OCP\Lock\ILockingProvider $provider
+     */
+    public function changeLock($path, $type, ILockingProvider $provider) {
+        /** @var \OCP\Files\Storage $targetStorage */
+        [$targetStorage, $targetInternalPath] = $this->resolvePath($path);
+        $targetStorage->changeLock($targetInternalPath, $type, $provider);
+    }
+
+    /**
+     * @return array [ available, last_checked ]
+     */
+    public function getAvailability() {
+        // shares do not participate in availability logic
+        return [
+            'available' => true,
+            'last_checked' => 0,
+        ];
+    }
+
+    /**
+     * @param bool $available
+     */
+    public function setAvailability($available) {
+        // shares do not participate in availability logic
+    }
+
+    public function getSourceStorage() {
+        $this->init();
+        return $this->nonMaskedStorage;
+    }
+
+    public function getWrapperStorage() {
+        $this->init();
+        return $this->storage;
+    }
+
+    public function file_get_contents($path) {
+        $info = [
+            'target' => $this->getMountPoint() . '/' . $path,
+            'source' => $this->getUnjailedPath($path),
+        ];
+        \OCP\Util::emitHook('\OC\Files\Storage\Shared', 'file_get_contents', $info);
+        return parent::file_get_contents($path);
+    }
+
+    public function file_put_contents($path, $data) {
+        $info = [
+            'target' => $this->getMountPoint() . '/' . $path,
+            'source' => $this->getUnjailedPath($path),
+        ];
+        \OCP\Util::emitHook('\OC\Files\Storage\Shared', 'file_put_contents', $info);
+        return parent::file_put_contents($path, $data);
+    }
+
+    public function setMountOptions(array $options) {
+        $this->mountOptions = $options;
+    }
+
+    public function getUnjailedPath($path) {
+        $this->init();
+        return parent::getUnjailedPath($path);
+    }
 }

Please login to merge, or discard this patch.

apps/files/lib/Command/ScanAppData.php 1 patch

Indentation +239 added lines, -239 removed lines patch added patch discarded remove patch

@@ -45,243 +45,243 @@
 block discarded – undo
 
 class ScanAppData extends Base {
 
-	/** @var IRootFolder */
-	protected $root;
-	/** @var IConfig */
-	protected $config;
-	/** @var float */
-	protected $execTime = 0;
-	/** @var int */
-	protected $foldersCounter = 0;
-	/** @var int */
-	protected $filesCounter = 0;
-
-	public function __construct(IRootFolder $rootFolder, IConfig $config) {
-		parent::__construct();
-
-		$this->root = $rootFolder;
-		$this->config = $config;
-	}
-
-	protected function configure() {
-		parent::configure();
-
-		$this
-			->setName('files:scan-app-data')
-			->setDescription('rescan the AppData folder');
-
-		$this->addArgument('folder', InputArgument::OPTIONAL, 'The appdata subfolder to scan', '');
-	}
-
-	public function checkScanWarning($fullPath, OutputInterface $output) {
-		$normalizedPath = basename(\OC\Files\Filesystem::normalizePath($fullPath));
-		$path = basename($fullPath);
-
-		if ($normalizedPath !== $path) {
-			$output->writeln("\t<error>Entry \"" . $fullPath . '" will not be accessible due to incompatible encoding</error>');
-		}
-	}
-
-	protected function scanFiles(OutputInterface $output, string $folder): int {
-		try {
-			$appData = $this->getAppDataFolder();
-		} catch (NotFoundException $e) {
-			$output->writeln('<error>NoAppData folder found</error>');
-			return 1;
-		}
-
-		if ($folder !== '') {
-			try {
-				$appData = $appData->get($folder);
-			} catch (NotFoundException $e) {
-				$output->writeln('<error>Could not find folder: ' . $folder . '</error>');
-				return 1;
-			}
-		}
-
-		$connection = $this->reconnectToDatabase($output);
-		$scanner = new \OC\Files\Utils\Scanner(null, $connection, \OC::$server->query(IEventDispatcher::class), \OC::$server->getLogger());
-
-		# check on each file/folder if there was a user interrupt (ctrl-c) and throw an exception
-		$scanner->listen('\OC\Files\Utils\Scanner', 'scanFile', function ($path) use ($output) {
-			$output->writeln("\tFile   <info>$path</info>", OutputInterface::VERBOSITY_VERBOSE);
-			++$this->filesCounter;
-			$this->abortIfInterrupted();
-		});
-
-		$scanner->listen('\OC\Files\Utils\Scanner', 'scanFolder', function ($path) use ($output) {
-			$output->writeln("\tFolder <info>$path</info>", OutputInterface::VERBOSITY_VERBOSE);
-			++$this->foldersCounter;
-			$this->abortIfInterrupted();
-		});
-
-		$scanner->listen('\OC\Files\Utils\Scanner', 'StorageNotAvailable', function (StorageNotAvailableException $e) use ($output) {
-			$output->writeln('Error while scanning, storage not available (' . $e->getMessage() . ')', OutputInterface::VERBOSITY_VERBOSE);
-		});
-
-		$scanner->listen('\OC\Files\Utils\Scanner', 'scanFile', function ($path) use ($output) {
-			$this->checkScanWarning($path, $output);
-		});
-
-		$scanner->listen('\OC\Files\Utils\Scanner', 'scanFolder', function ($path) use ($output) {
-			$this->checkScanWarning($path, $output);
-		});
-
-		try {
-			$scanner->scan($appData->getPath());
-		} catch (ForbiddenException $e) {
-			$output->writeln('<error>Storage not writable</error>');
-			$output->writeln('<info>Make sure you\'re running the scan command only as the user the web server runs as</info>');
-			return 1;
-		} catch (InterruptedException $e) {
-			# exit the function if ctrl-c has been pressed
-			$output->writeln('<info>Interrupted by user</info>');
-			return 1;
-		} catch (NotFoundException $e) {
-			$output->writeln('<error>Path not found: ' . $e->getMessage() . '</error>');
-			return 1;
-		} catch (\Exception $e) {
-			$output->writeln('<error>Exception during scan: ' . $e->getMessage() . '</error>');
-			$output->writeln('<error>' . $e->getTraceAsString() . '</error>');
-			return 1;
-		}
-
-		return 0;
-	}
-
-
-	protected function execute(InputInterface $input, OutputInterface $output): int {
-		# restrict the verbosity level to VERBOSITY_VERBOSE
-		if ($output->getVerbosity() > OutputInterface::VERBOSITY_VERBOSE) {
-			$output->setVerbosity(OutputInterface::VERBOSITY_VERBOSE);
-		}
-
-		$output->writeln('Scanning AppData for files');
-		$output->writeln('');
-
-		$folder = $input->getArgument('folder');
-
-		$this->initTools();
-
-		$exitCode = $this->scanFiles($output, $folder);
-		if ($exitCode === 0) {
-			$this->presentStats($output);
-		}
-		return $exitCode;
-	}
-
-	/**
-	 * Initialises some useful tools for the Command
-	 */
-	protected function initTools() {
-		// Start the timer
-		$this->execTime = -microtime(true);
-		// Convert PHP errors to exceptions
-		set_error_handler([$this, 'exceptionErrorHandler'], E_ALL);
-	}
-
-	/**
-	 * Processes PHP errors as exceptions in order to be able to keep track of problems
-	 *
-	 * @see https://www.php.net/manual/en/function.set-error-handler.php
-	 *
-	 * @param int $severity the level of the error raised
-	 * @param string $message
-	 * @param string $file the filename that the error was raised in
-	 * @param int $line the line number the error was raised
-	 *
-	 * @throws \ErrorException
-	 */
-	public function exceptionErrorHandler($severity, $message, $file, $line) {
-		if (!(error_reporting() & $severity)) {
-			// This error code is not included in error_reporting
-			return;
-		}
-		throw new \ErrorException($message, 0, $severity, $file, $line);
-	}
-
-	/**
-	 * @param OutputInterface $output
-	 */
-	protected function presentStats(OutputInterface $output) {
-		// Stop the timer
-		$this->execTime += microtime(true);
-
-		$headers = [
-			'Folders', 'Files', 'Elapsed time'
-		];
-
-		$this->showSummary($headers, null, $output);
-	}
-
-	/**
-	 * Shows a summary of operations
-	 *
-	 * @param string[] $headers
-	 * @param string[] $rows
-	 * @param OutputInterface $output
-	 */
-	protected function showSummary($headers, $rows, OutputInterface $output) {
-		$niceDate = $this->formatExecTime();
-		if (!$rows) {
-			$rows = [
-				$this->foldersCounter,
-				$this->filesCounter,
-				$niceDate,
-			];
-		}
-		$table = new Table($output);
-		$table
-			->setHeaders($headers)
-			->setRows([$rows]);
-		$table->render();
-	}
-
-
-	/**
-	 * Formats microtime into a human readable format
-	 *
-	 * @return string
-	 */
-	protected function formatExecTime() {
-		$secs = round($this->execTime);
-		# convert seconds into HH:MM:SS form
-		return sprintf('%02d:%02d:%02d', ($secs / 3600), ($secs / 60 % 60), $secs % 60);
-	}
-
-	/**
-	 * @return \OCP\IDBConnection
-	 */
-	protected function reconnectToDatabase(OutputInterface $output) {
-		/** @var Connection | IDBConnection $connection*/
-		$connection = \OC::$server->getDatabaseConnection();
-		try {
-			$connection->close();
-		} catch (\Exception $ex) {
-			$output->writeln("<info>Error while disconnecting from database: {$ex->getMessage()}</info>");
-		}
-		while (!$connection->isConnected()) {
-			try {
-				$connection->connect();
-			} catch (\Exception $ex) {
-				$output->writeln("<info>Error while re-connecting to database: {$ex->getMessage()}</info>");
-				sleep(60);
-			}
-		}
-		return $connection;
-	}
-
-	/**
-	 * @return \OCP\Files\Folder
-	 * @throws NotFoundException
-	 */
-	private function getAppDataFolder() {
-		$instanceId = $this->config->getSystemValue('instanceid', null);
-
-		if ($instanceId === null) {
-			throw new NotFoundException();
-		}
-
-		return $this->root->get('appdata_'.$instanceId);
-	}
+    /** @var IRootFolder */
+    protected $root;
+    /** @var IConfig */
+    protected $config;
+    /** @var float */
+    protected $execTime = 0;
+    /** @var int */
+    protected $foldersCounter = 0;
+    /** @var int */
+    protected $filesCounter = 0;
+
+    public function __construct(IRootFolder $rootFolder, IConfig $config) {
+        parent::__construct();
+
+        $this->root = $rootFolder;
+        $this->config = $config;
+    }
+
+    protected function configure() {
+        parent::configure();
+
+        $this
+            ->setName('files:scan-app-data')
+            ->setDescription('rescan the AppData folder');
+
+        $this->addArgument('folder', InputArgument::OPTIONAL, 'The appdata subfolder to scan', '');
+    }
+
+    public function checkScanWarning($fullPath, OutputInterface $output) {
+        $normalizedPath = basename(\OC\Files\Filesystem::normalizePath($fullPath));
+        $path = basename($fullPath);
+
+        if ($normalizedPath !== $path) {
+            $output->writeln("\t<error>Entry \"" . $fullPath . '" will not be accessible due to incompatible encoding</error>');
+        }
+    }
+
+    protected function scanFiles(OutputInterface $output, string $folder): int {
+        try {
+            $appData = $this->getAppDataFolder();
+        } catch (NotFoundException $e) {
+            $output->writeln('<error>NoAppData folder found</error>');
+            return 1;
+        }
+
+        if ($folder !== '') {
+            try {
+                $appData = $appData->get($folder);
+            } catch (NotFoundException $e) {
+                $output->writeln('<error>Could not find folder: ' . $folder . '</error>');
+                return 1;
+            }
+        }
+
+        $connection = $this->reconnectToDatabase($output);
+        $scanner = new \OC\Files\Utils\Scanner(null, $connection, \OC::$server->query(IEventDispatcher::class), \OC::$server->getLogger());
+
+        # check on each file/folder if there was a user interrupt (ctrl-c) and throw an exception
+        $scanner->listen('\OC\Files\Utils\Scanner', 'scanFile', function ($path) use ($output) {
+            $output->writeln("\tFile   <info>$path</info>", OutputInterface::VERBOSITY_VERBOSE);
+            ++$this->filesCounter;
+            $this->abortIfInterrupted();
+        });
+
+        $scanner->listen('\OC\Files\Utils\Scanner', 'scanFolder', function ($path) use ($output) {
+            $output->writeln("\tFolder <info>$path</info>", OutputInterface::VERBOSITY_VERBOSE);
+            ++$this->foldersCounter;
+            $this->abortIfInterrupted();
+        });
+
+        $scanner->listen('\OC\Files\Utils\Scanner', 'StorageNotAvailable', function (StorageNotAvailableException $e) use ($output) {
+            $output->writeln('Error while scanning, storage not available (' . $e->getMessage() . ')', OutputInterface::VERBOSITY_VERBOSE);
+        });
+
+        $scanner->listen('\OC\Files\Utils\Scanner', 'scanFile', function ($path) use ($output) {
+            $this->checkScanWarning($path, $output);
+        });
+
+        $scanner->listen('\OC\Files\Utils\Scanner', 'scanFolder', function ($path) use ($output) {
+            $this->checkScanWarning($path, $output);
+        });
+
+        try {
+            $scanner->scan($appData->getPath());
+        } catch (ForbiddenException $e) {
+            $output->writeln('<error>Storage not writable</error>');
+            $output->writeln('<info>Make sure you\'re running the scan command only as the user the web server runs as</info>');
+            return 1;
+        } catch (InterruptedException $e) {
+            # exit the function if ctrl-c has been pressed
+            $output->writeln('<info>Interrupted by user</info>');
+            return 1;
+        } catch (NotFoundException $e) {
+            $output->writeln('<error>Path not found: ' . $e->getMessage() . '</error>');
+            return 1;
+        } catch (\Exception $e) {
+            $output->writeln('<error>Exception during scan: ' . $e->getMessage() . '</error>');
+            $output->writeln('<error>' . $e->getTraceAsString() . '</error>');
+            return 1;
+        }
+
+        return 0;
+    }
+
+
+    protected function execute(InputInterface $input, OutputInterface $output): int {
+        # restrict the verbosity level to VERBOSITY_VERBOSE
+        if ($output->getVerbosity() > OutputInterface::VERBOSITY_VERBOSE) {
+            $output->setVerbosity(OutputInterface::VERBOSITY_VERBOSE);
+        }
+
+        $output->writeln('Scanning AppData for files');
+        $output->writeln('');
+
+        $folder = $input->getArgument('folder');
+
+        $this->initTools();
+
+        $exitCode = $this->scanFiles($output, $folder);
+        if ($exitCode === 0) {
+            $this->presentStats($output);
+        }
+        return $exitCode;
+    }
+
+    /**
+     * Initialises some useful tools for the Command
+     */
+    protected function initTools() {
+        // Start the timer
+        $this->execTime = -microtime(true);
+        // Convert PHP errors to exceptions
+        set_error_handler([$this, 'exceptionErrorHandler'], E_ALL);
+    }
+
+    /**
+     * Processes PHP errors as exceptions in order to be able to keep track of problems
+     *
+     * @see https://www.php.net/manual/en/function.set-error-handler.php
+     *
+     * @param int $severity the level of the error raised
+     * @param string $message
+     * @param string $file the filename that the error was raised in
+     * @param int $line the line number the error was raised
+     *
+     * @throws \ErrorException
+     */
+    public function exceptionErrorHandler($severity, $message, $file, $line) {
+        if (!(error_reporting() & $severity)) {
+            // This error code is not included in error_reporting
+            return;
+        }
+        throw new \ErrorException($message, 0, $severity, $file, $line);
+    }
+
+    /**
+     * @param OutputInterface $output
+     */
+    protected function presentStats(OutputInterface $output) {
+        // Stop the timer
+        $this->execTime += microtime(true);
+
+        $headers = [
+            'Folders', 'Files', 'Elapsed time'
+        ];
+
+        $this->showSummary($headers, null, $output);
+    }
+
+    /**
+     * Shows a summary of operations
+     *
+     * @param string[] $headers
+     * @param string[] $rows
+     * @param OutputInterface $output
+     */
+    protected function showSummary($headers, $rows, OutputInterface $output) {
+        $niceDate = $this->formatExecTime();
+        if (!$rows) {
+            $rows = [
+                $this->foldersCounter,
+                $this->filesCounter,
+                $niceDate,
+            ];
+        }
+        $table = new Table($output);
+        $table
+            ->setHeaders($headers)
+            ->setRows([$rows]);
+        $table->render();
+    }
+
+
+    /**
+     * Formats microtime into a human readable format
+     *
+     * @return string
+     */
+    protected function formatExecTime() {
+        $secs = round($this->execTime);
+        # convert seconds into HH:MM:SS form
+        return sprintf('%02d:%02d:%02d', ($secs / 3600), ($secs / 60 % 60), $secs % 60);
+    }
+
+    /**
+     * @return \OCP\IDBConnection
+     */
+    protected function reconnectToDatabase(OutputInterface $output) {
+        /** @var Connection | IDBConnection $connection*/
+        $connection = \OC::$server->getDatabaseConnection();
+        try {
+            $connection->close();
+        } catch (\Exception $ex) {
+            $output->writeln("<info>Error while disconnecting from database: {$ex->getMessage()}</info>");
+        }
+        while (!$connection->isConnected()) {
+            try {
+                $connection->connect();
+            } catch (\Exception $ex) {
+                $output->writeln("<info>Error while re-connecting to database: {$ex->getMessage()}</info>");
+                sleep(60);
+            }
+        }
+        return $connection;
+    }
+
+    /**
+     * @return \OCP\Files\Folder
+     * @throws NotFoundException
+     */
+    private function getAppDataFolder() {
+        $instanceId = $this->config->getSystemValue('instanceid', null);
+
+        if ($instanceId === null) {
+            throw new NotFoundException();
+        }
+
+        return $this->root->get('appdata_'.$instanceId);
+    }
 }

Please login to merge, or discard this patch.

apps/files/lib/Command/Scan.php 1 patch

Indentation +271 added lines, -271 removed lines patch added patch discarded remove patch

@@ -52,275 +52,275 @@
 block discarded – undo
 
 class Scan extends Base {
 
-	/** @var IUserManager $userManager */
-	private $userManager;
-	/** @var float */
-	protected $execTime = 0;
-	/** @var int */
-	protected $foldersCounter = 0;
-	/** @var int */
-	protected $filesCounter = 0;
-
-	public function __construct(IUserManager $userManager) {
-		$this->userManager = $userManager;
-		parent::__construct();
-	}
-
-	protected function configure() {
-		parent::configure();
-
-		$this
-			->setName('files:scan')
-			->setDescription('rescan filesystem')
-			->addArgument(
-				'user_id',
-				InputArgument::OPTIONAL | InputArgument::IS_ARRAY,
-				'will rescan all files of the given user(s)'
-			)
-			->addOption(
-				'path',
-				'p',
-				InputArgument::OPTIONAL,
-				'limit rescan to this path, eg. --path="/alice/files/Music", the user_id is determined by the path and the user_id parameter and --all are ignored'
-			)
-			->addOption(
-				'all',
-				null,
-				InputOption::VALUE_NONE,
-				'will rescan all files of all known users'
-			)->addOption(
-				'unscanned',
-				null,
-				InputOption::VALUE_NONE,
-				'only scan files which are marked as not fully scanned'
-			)->addOption(
-				'shallow',
-				null,
-				InputOption::VALUE_NONE,
-				'do not scan folders recursively'
-			)->addOption(
-				'home-only',
-				null,
-				InputOption::VALUE_NONE,
-				'only scan the home storage, ignoring any mounted external storage or share'
-			);
-	}
-
-	public function checkScanWarning($fullPath, OutputInterface $output) {
-		$normalizedPath = basename(\OC\Files\Filesystem::normalizePath($fullPath));
-		$path = basename($fullPath);
-
-		if ($normalizedPath !== $path) {
-			$output->writeln("\t<error>Entry \"" . $fullPath . '" will not be accessible due to incompatible encoding</error>');
-		}
-	}
-
-	protected function scanFiles($user, $path, OutputInterface $output, $backgroundScan = false, $recursive = true, $homeOnly = false) {
-		$connection = $this->reconnectToDatabase($output);
-		$scanner = new \OC\Files\Utils\Scanner($user, $connection, \OC::$server->query(IEventDispatcher::class), \OC::$server->getLogger());
-
-		# check on each file/folder if there was a user interrupt (ctrl-c) and throw an exception
-
-		$scanner->listen('\OC\Files\Utils\Scanner', 'scanFile', function ($path) use ($output) {
-			$output->writeln("\tFile\t<info>$path</info>", OutputInterface::VERBOSITY_VERBOSE);
-			++$this->filesCounter;
-			$this->abortIfInterrupted();
-		});
-
-		$scanner->listen('\OC\Files\Utils\Scanner', 'scanFolder', function ($path) use ($output) {
-			$output->writeln("\tFolder\t<info>$path</info>", OutputInterface::VERBOSITY_VERBOSE);
-			++$this->foldersCounter;
-			$this->abortIfInterrupted();
-		});
-
-		$scanner->listen('\OC\Files\Utils\Scanner', 'StorageNotAvailable', function (StorageNotAvailableException $e) use ($output) {
-			$output->writeln('Error while scanning, storage not available (' . $e->getMessage() . ')', OutputInterface::VERBOSITY_VERBOSE);
-		});
-
-		$scanner->listen('\OC\Files\Utils\Scanner', 'scanFile', function ($path) use ($output) {
-			$this->checkScanWarning($path, $output);
-		});
-
-		$scanner->listen('\OC\Files\Utils\Scanner', 'scanFolder', function ($path) use ($output) {
-			$this->checkScanWarning($path, $output);
-		});
-
-		try {
-			if ($backgroundScan) {
-				$scanner->backgroundScan($path);
-			} else {
-				$scanner->scan($path, $recursive, $homeOnly ? [$this, 'filterHomeMount'] : null);
-			}
-		} catch (ForbiddenException $e) {
-			$output->writeln("<error>Home storage for user $user not writable</error>");
-			$output->writeln('Make sure you\'re running the scan command only as the user the web server runs as');
-		} catch (InterruptedException $e) {
-			# exit the function if ctrl-c has been pressed
-			$output->writeln('Interrupted by user');
-		} catch (NotFoundException $e) {
-			$output->writeln('<error>Path not found: ' . $e->getMessage() . '</error>');
-		} catch (\Exception $e) {
-			$output->writeln('<error>Exception during scan: ' . $e->getMessage() . '</error>');
-			$output->writeln('<error>' . $e->getTraceAsString() . '</error>');
-		}
-	}
-
-	public function filterHomeMount(IMountPoint $mountPoint) {
-		// any mountpoint inside '/$user/files/'
-		return substr_count($mountPoint->getMountPoint(), '/') <= 3;
-	}
-
-	protected function execute(InputInterface $input, OutputInterface $output): int {
-		$inputPath = $input->getOption('path');
-		if ($inputPath) {
-			$inputPath = '/' . trim($inputPath, '/');
-			list(, $user,) = explode('/', $inputPath, 3);
-			$users = [$user];
-		} elseif ($input->getOption('all')) {
-			$users = $this->userManager->search('');
-		} else {
-			$users = $input->getArgument('user_id');
-		}
-
-		# restrict the verbosity level to VERBOSITY_VERBOSE
-		if ($output->getVerbosity() > OutputInterface::VERBOSITY_VERBOSE) {
-			$output->setVerbosity(OutputInterface::VERBOSITY_VERBOSE);
-		}
-
-		# check quantity of users to be process and show it on the command line
-		$users_total = count($users);
-		if ($users_total === 0) {
-			$output->writeln('<error>Please specify the user id to scan, --all to scan for all users or --path=...</error>');
-			return 1;
-		}
-
-		$this->initTools();
-
-		$user_count = 0;
-		foreach ($users as $user) {
-			if (is_object($user)) {
-				$user = $user->getUID();
-			}
-			$path = $inputPath ? $inputPath : '/' . $user;
-			++$user_count;
-			if ($this->userManager->userExists($user)) {
-				$output->writeln("Starting scan for user $user_count out of $users_total ($user)");
-				$this->scanFiles($user, $path, $output, $input->getOption('unscanned'), !$input->getOption('shallow'), $input->getOption('home-only'));
-				$output->writeln('', OutputInterface::VERBOSITY_VERBOSE);
-			} else {
-				$output->writeln("<error>Unknown user $user_count $user</error>");
-				$output->writeln('', OutputInterface::VERBOSITY_VERBOSE);
-			}
-
-			try {
-				$this->abortIfInterrupted();
-			} catch (InterruptedException $e) {
-				break;
-			}
-		}
-
-		$this->presentStats($output);
-		return 0;
-	}
-
-	/**
-	 * Initialises some useful tools for the Command
-	 */
-	protected function initTools() {
-		// Start the timer
-		$this->execTime = -microtime(true);
-		// Convert PHP errors to exceptions
-		set_error_handler([$this, 'exceptionErrorHandler'], E_ALL);
-	}
-
-	/**
-	 * Processes PHP errors as exceptions in order to be able to keep track of problems
-	 *
-	 * @see https://www.php.net/manual/en/function.set-error-handler.php
-	 *
-	 * @param int $severity the level of the error raised
-	 * @param string $message
-	 * @param string $file the filename that the error was raised in
-	 * @param int $line the line number the error was raised
-	 *
-	 * @throws \ErrorException
-	 */
-	public function exceptionErrorHandler($severity, $message, $file, $line) {
-		if (!(error_reporting() & $severity)) {
-			// This error code is not included in error_reporting
-			return;
-		}
-		throw new \ErrorException($message, 0, $severity, $file, $line);
-	}
-
-	/**
-	 * @param OutputInterface $output
-	 */
-	protected function presentStats(OutputInterface $output) {
-		// Stop the timer
-		$this->execTime += microtime(true);
-
-		$headers = [
-			'Folders', 'Files', 'Elapsed time'
-		];
-
-		$this->showSummary($headers, null, $output);
-	}
-
-	/**
-	 * Shows a summary of operations
-	 *
-	 * @param string[] $headers
-	 * @param string[] $rows
-	 * @param OutputInterface $output
-	 */
-	protected function showSummary($headers, $rows, OutputInterface $output) {
-		$niceDate = $this->formatExecTime();
-		if (!$rows) {
-			$rows = [
-				$this->foldersCounter,
-				$this->filesCounter,
-				$niceDate,
-			];
-		}
-		$table = new Table($output);
-		$table
-			->setHeaders($headers)
-			->setRows([$rows]);
-		$table->render();
-	}
-
-
-	/**
-	 * Formats microtime into a human readable format
-	 *
-	 * @return string
-	 */
-	protected function formatExecTime() {
-		$secs = round($this->execTime);
-		# convert seconds into HH:MM:SS form
-		return sprintf('%02d:%02d:%02d', ($secs / 3600), ($secs / 60 % 60), $secs % 60);
-	}
-
-	/**
-	 * @return \OCP\IDBConnection
-	 */
-	protected function reconnectToDatabase(OutputInterface $output) {
-		/** @var Connection | IDBConnection $connection */
-		$connection = \OC::$server->getDatabaseConnection();
-		try {
-			$connection->close();
-		} catch (\Exception $ex) {
-			$output->writeln("<info>Error while disconnecting from database: {$ex->getMessage()}</info>");
-		}
-		while (!$connection->isConnected()) {
-			try {
-				$connection->connect();
-			} catch (\Exception $ex) {
-				$output->writeln("<info>Error while re-connecting to database: {$ex->getMessage()}</info>");
-				sleep(60);
-			}
-		}
-		return $connection;
-	}
+    /** @var IUserManager $userManager */
+    private $userManager;
+    /** @var float */
+    protected $execTime = 0;
+    /** @var int */
+    protected $foldersCounter = 0;
+    /** @var int */
+    protected $filesCounter = 0;
+
+    public function __construct(IUserManager $userManager) {
+        $this->userManager = $userManager;
+        parent::__construct();
+    }
+
+    protected function configure() {
+        parent::configure();
+
+        $this
+            ->setName('files:scan')
+            ->setDescription('rescan filesystem')
+            ->addArgument(
+                'user_id',
+                InputArgument::OPTIONAL | InputArgument::IS_ARRAY,
+                'will rescan all files of the given user(s)'
+            )
+            ->addOption(
+                'path',
+                'p',
+                InputArgument::OPTIONAL,
+                'limit rescan to this path, eg. --path="/alice/files/Music", the user_id is determined by the path and the user_id parameter and --all are ignored'
+            )
+            ->addOption(
+                'all',
+                null,
+                InputOption::VALUE_NONE,
+                'will rescan all files of all known users'
+            )->addOption(
+                'unscanned',
+                null,
+                InputOption::VALUE_NONE,
+                'only scan files which are marked as not fully scanned'
+            )->addOption(
+                'shallow',
+                null,
+                InputOption::VALUE_NONE,
+                'do not scan folders recursively'
+            )->addOption(
+                'home-only',
+                null,
+                InputOption::VALUE_NONE,
+                'only scan the home storage, ignoring any mounted external storage or share'
+            );
+    }
+
+    public function checkScanWarning($fullPath, OutputInterface $output) {
+        $normalizedPath = basename(\OC\Files\Filesystem::normalizePath($fullPath));
+        $path = basename($fullPath);
+
+        if ($normalizedPath !== $path) {
+            $output->writeln("\t<error>Entry \"" . $fullPath . '" will not be accessible due to incompatible encoding</error>');
+        }
+    }
+
+    protected function scanFiles($user, $path, OutputInterface $output, $backgroundScan = false, $recursive = true, $homeOnly = false) {
+        $connection = $this->reconnectToDatabase($output);
+        $scanner = new \OC\Files\Utils\Scanner($user, $connection, \OC::$server->query(IEventDispatcher::class), \OC::$server->getLogger());
+
+        # check on each file/folder if there was a user interrupt (ctrl-c) and throw an exception
+
+        $scanner->listen('\OC\Files\Utils\Scanner', 'scanFile', function ($path) use ($output) {
+            $output->writeln("\tFile\t<info>$path</info>", OutputInterface::VERBOSITY_VERBOSE);
+            ++$this->filesCounter;
+            $this->abortIfInterrupted();
+        });
+
+        $scanner->listen('\OC\Files\Utils\Scanner', 'scanFolder', function ($path) use ($output) {
+            $output->writeln("\tFolder\t<info>$path</info>", OutputInterface::VERBOSITY_VERBOSE);
+            ++$this->foldersCounter;
+            $this->abortIfInterrupted();
+        });
+
+        $scanner->listen('\OC\Files\Utils\Scanner', 'StorageNotAvailable', function (StorageNotAvailableException $e) use ($output) {
+            $output->writeln('Error while scanning, storage not available (' . $e->getMessage() . ')', OutputInterface::VERBOSITY_VERBOSE);
+        });
+
+        $scanner->listen('\OC\Files\Utils\Scanner', 'scanFile', function ($path) use ($output) {
+            $this->checkScanWarning($path, $output);
+        });
+
+        $scanner->listen('\OC\Files\Utils\Scanner', 'scanFolder', function ($path) use ($output) {
+            $this->checkScanWarning($path, $output);
+        });
+
+        try {
+            if ($backgroundScan) {
+                $scanner->backgroundScan($path);
+            } else {
+                $scanner->scan($path, $recursive, $homeOnly ? [$this, 'filterHomeMount'] : null);
+            }
+        } catch (ForbiddenException $e) {
+            $output->writeln("<error>Home storage for user $user not writable</error>");
+            $output->writeln('Make sure you\'re running the scan command only as the user the web server runs as');
+        } catch (InterruptedException $e) {
+            # exit the function if ctrl-c has been pressed
+            $output->writeln('Interrupted by user');
+        } catch (NotFoundException $e) {
+            $output->writeln('<error>Path not found: ' . $e->getMessage() . '</error>');
+        } catch (\Exception $e) {
+            $output->writeln('<error>Exception during scan: ' . $e->getMessage() . '</error>');
+            $output->writeln('<error>' . $e->getTraceAsString() . '</error>');
+        }
+    }
+
+    public function filterHomeMount(IMountPoint $mountPoint) {
+        // any mountpoint inside '/$user/files/'
+        return substr_count($mountPoint->getMountPoint(), '/') <= 3;
+    }
+
+    protected function execute(InputInterface $input, OutputInterface $output): int {
+        $inputPath = $input->getOption('path');
+        if ($inputPath) {
+            $inputPath = '/' . trim($inputPath, '/');
+            list(, $user,) = explode('/', $inputPath, 3);
+            $users = [$user];
+        } elseif ($input->getOption('all')) {
+            $users = $this->userManager->search('');
+        } else {
+            $users = $input->getArgument('user_id');
+        }
+
+        # restrict the verbosity level to VERBOSITY_VERBOSE
+        if ($output->getVerbosity() > OutputInterface::VERBOSITY_VERBOSE) {
+            $output->setVerbosity(OutputInterface::VERBOSITY_VERBOSE);
+        }
+
+        # check quantity of users to be process and show it on the command line
+        $users_total = count($users);
+        if ($users_total === 0) {
+            $output->writeln('<error>Please specify the user id to scan, --all to scan for all users or --path=...</error>');
+            return 1;
+        }
+
+        $this->initTools();
+
+        $user_count = 0;
+        foreach ($users as $user) {
+            if (is_object($user)) {
+                $user = $user->getUID();
+            }
+            $path = $inputPath ? $inputPath : '/' . $user;
+            ++$user_count;
+            if ($this->userManager->userExists($user)) {
+                $output->writeln("Starting scan for user $user_count out of $users_total ($user)");
+                $this->scanFiles($user, $path, $output, $input->getOption('unscanned'), !$input->getOption('shallow'), $input->getOption('home-only'));
+                $output->writeln('', OutputInterface::VERBOSITY_VERBOSE);
+            } else {
+                $output->writeln("<error>Unknown user $user_count $user</error>");
+                $output->writeln('', OutputInterface::VERBOSITY_VERBOSE);
+            }
+
+            try {
+                $this->abortIfInterrupted();
+            } catch (InterruptedException $e) {
+                break;
+            }
+        }
+
+        $this->presentStats($output);
+        return 0;
+    }
+
+    /**
+     * Initialises some useful tools for the Command
+     */
+    protected function initTools() {
+        // Start the timer
+        $this->execTime = -microtime(true);
+        // Convert PHP errors to exceptions
+        set_error_handler([$this, 'exceptionErrorHandler'], E_ALL);
+    }
+
+    /**
+     * Processes PHP errors as exceptions in order to be able to keep track of problems
+     *
+     * @see https://www.php.net/manual/en/function.set-error-handler.php
+     *
+     * @param int $severity the level of the error raised
+     * @param string $message
+     * @param string $file the filename that the error was raised in
+     * @param int $line the line number the error was raised
+     *
+     * @throws \ErrorException
+     */
+    public function exceptionErrorHandler($severity, $message, $file, $line) {
+        if (!(error_reporting() & $severity)) {
+            // This error code is not included in error_reporting
+            return;
+        }
+        throw new \ErrorException($message, 0, $severity, $file, $line);
+    }
+
+    /**
+     * @param OutputInterface $output
+     */
+    protected function presentStats(OutputInterface $output) {
+        // Stop the timer
+        $this->execTime += microtime(true);
+
+        $headers = [
+            'Folders', 'Files', 'Elapsed time'
+        ];
+
+        $this->showSummary($headers, null, $output);
+    }
+
+    /**
+     * Shows a summary of operations
+     *
+     * @param string[] $headers
+     * @param string[] $rows
+     * @param OutputInterface $output
+     */
+    protected function showSummary($headers, $rows, OutputInterface $output) {
+        $niceDate = $this->formatExecTime();
+        if (!$rows) {
+            $rows = [
+                $this->foldersCounter,
+                $this->filesCounter,
+                $niceDate,
+            ];
+        }
+        $table = new Table($output);
+        $table
+            ->setHeaders($headers)
+            ->setRows([$rows]);
+        $table->render();
+    }
+
+
+    /**
+     * Formats microtime into a human readable format
+     *
+     * @return string
+     */
+    protected function formatExecTime() {
+        $secs = round($this->execTime);
+        # convert seconds into HH:MM:SS form
+        return sprintf('%02d:%02d:%02d', ($secs / 3600), ($secs / 60 % 60), $secs % 60);
+    }
+
+    /**
+     * @return \OCP\IDBConnection
+     */
+    protected function reconnectToDatabase(OutputInterface $output) {
+        /** @var Connection | IDBConnection $connection */
+        $connection = \OC::$server->getDatabaseConnection();
+        try {
+            $connection->close();
+        } catch (\Exception $ex) {
+            $output->writeln("<info>Error while disconnecting from database: {$ex->getMessage()}</info>");
+        }
+        while (!$connection->isConnected()) {
+            try {
+                $connection->connect();
+            } catch (\Exception $ex) {
+                $output->writeln("<info>Error while re-connecting to database: {$ex->getMessage()}</info>");
+                sleep(60);
+            }
+        }
+        return $connection;
+    }
 }

Please login to merge, or discard this patch.

apps/user_ldap/lib/ILDAPWrapper.php 1 patch

Indentation +181 added lines, -181 removed lines patch added patch discarded remove patch

@@ -31,185 +31,185 @@
 block discarded – undo
 
 interface ILDAPWrapper {
 
-	//LDAP functions in use
-
-	/**
-	 * Bind to LDAP directory
-	 * @param resource $link LDAP link resource
-	 * @param string $dn an RDN to log in with
-	 * @param string $password the password
-	 * @return bool true on success, false otherwise
-	 *
-	 * with $dn and $password as null a anonymous bind is attempted.
-	 */
-	public function bind($link, $dn, $password);
-
-	/**
-	 * connect to an LDAP server
-	 * @param string $host The host to connect to
-	 * @param string $port The port to connect to
-	 * @return mixed a link resource on success, otherwise false
-	 */
-	public function connect($host, $port);
-
-	/**
-	 * Send LDAP pagination control
-	 * @param resource $link LDAP link resource
-	 * @param int $pageSize number of results per page
-	 * @param bool $isCritical Indicates whether the pagination is critical of not.
-	 * @param string $cookie structure sent by LDAP server
-	 * @return bool true on success, false otherwise
-	 */
-	public function controlPagedResult($link, $pageSize, $isCritical);
-
-	/**
-	 * Retrieve the LDAP pagination cookie
-	 * @param resource $link LDAP link resource
-	 * @param resource $result LDAP result resource
-	 * @param string $cookie structure sent by LDAP server
-	 * @return bool true on success, false otherwise
-	 *
-	 * Corresponds to ldap_control_paged_result_response
-	 */
-	public function controlPagedResultResponse($link, $result, &$cookie);
-
-	/**
-	 * Count the number of entries in a search
-	 * @param resource $link LDAP link resource
-	 * @param resource $result LDAP result resource
-	 * @return int|false number of results on success, false otherwise
-	 */
-	public function countEntries($link, $result);
-
-	/**
-	 * Return the LDAP error number of the last LDAP command
-	 * @param resource $link LDAP link resource
-	 * @return int error code
-	 */
-	public function errno($link);
-
-	/**
-	 * Return the LDAP error message of the last LDAP command
-	 * @param resource $link LDAP link resource
-	 * @return string error message
-	 */
-	public function error($link);
-
-	/**
-	 * Splits DN into its component parts
-	 * @param string $dn
-	 * @param int @withAttrib
-	 * @return array|false
-	 * @link https://www.php.net/manual/en/function.ldap-explode-dn.php
-	 */
-	public function explodeDN($dn, $withAttrib);
-
-	/**
-	 * Return first result id
-	 * @param resource $link LDAP link resource
-	 * @param resource $result LDAP result resource
-	 * @return Resource an LDAP search result resource
-	 * */
-	public function firstEntry($link, $result);
-
-	/**
-	 * Get attributes from a search result entry
-	 * @param resource $link LDAP link resource
-	 * @param resource $result LDAP result resource
-	 * @return array containing the results, false on error
-	 * */
-	public function getAttributes($link, $result);
-
-	/**
-	 * Get the DN of a result entry
-	 * @param resource $link LDAP link resource
-	 * @param resource $result LDAP result resource
-	 * @return string containing the DN, false on error
-	 */
-	public function getDN($link, $result);
-
-	/**
-	 * Get all result entries
-	 * @param resource $link LDAP link resource
-	 * @param resource $result LDAP result resource
-	 * @return array containing the results, false on error
-	 */
-	public function getEntries($link, $result);
-
-	/**
-	 * Return next result id
-	 * @param resource $link LDAP link resource
-	 * @param resource $result LDAP entry result resource
-	 * @return resource an LDAP search result resource
-	 * */
-	public function nextEntry($link, $result);
-
-	/**
-	 * Read an entry
-	 * @param resource $link LDAP link resource
-	 * @param array $baseDN The DN of the entry to read from
-	 * @param string $filter An LDAP filter
-	 * @param array $attr array of the attributes to read
-	 * @return resource an LDAP search result resource
-	 */
-	public function read($link, $baseDN, $filter, $attr);
-
-	/**
-	 * Search LDAP tree
-	 * @param resource $link LDAP link resource
-	 * @param string $baseDN The DN of the entry to read from
-	 * @param string $filter An LDAP filter
-	 * @param array $attr array of the attributes to read
-	 * @param int $attrsOnly optional, 1 if only attribute types shall be returned
-	 * @param int $limit optional, limits the result entries
-	 * @return resource|false an LDAP search result resource, false on error
-	 */
-	public function search($link, $baseDN, $filter, $attr, $attrsOnly = 0, $limit = 0);
-
-	/**
-	 * Replace the value of a userPassword by $password
-	 * @param resource $link LDAP link resource
-	 * @param string $userDN the DN of the user whose password is to be replaced
-	 * @param string $password the new value for the userPassword
-	 * @return bool true on success, false otherwise
-	 */
-	public function modReplace($link, $userDN, $password);
-
-	/**
-	 * Sets the value of the specified option to be $value
-	 * @param resource $link LDAP link resource
-	 * @param string $option a defined LDAP Server option
-	 * @param int $value the new value for the option
-	 * @return bool true on success, false otherwise
-	 */
-	public function setOption($link, $option, $value);
-
-	/**
-	 * establish Start TLS
-	 * @param resource $link LDAP link resource
-	 * @return bool true on success, false otherwise
-	 */
-	public function startTls($link);
-
-	/**
-	 * Unbind from LDAP directory
-	 * @param resource $link LDAP link resource
-	 * @return bool true on success, false otherwise
-	 */
-	public function unbind($link);
-
-	//additional required methods in Nextcloud
-
-	/**
-	 * Checks whether the server supports LDAP
-	 * @return bool true if it the case, false otherwise
-	 * */
-	public function areLDAPFunctionsAvailable();
-
-	/**
-	 * Checks whether the submitted parameter is a resource
-	 * @param resource $resource the resource variable to check
-	 * @return bool true if it is a resource, false otherwise
-	 */
-	public function isResource($resource);
+    //LDAP functions in use
+
+    /**
+     * Bind to LDAP directory
+     * @param resource $link LDAP link resource
+     * @param string $dn an RDN to log in with
+     * @param string $password the password
+     * @return bool true on success, false otherwise
+     *
+     * with $dn and $password as null a anonymous bind is attempted.
+     */
+    public function bind($link, $dn, $password);
+
+    /**
+     * connect to an LDAP server
+     * @param string $host The host to connect to
+     * @param string $port The port to connect to
+     * @return mixed a link resource on success, otherwise false
+     */
+    public function connect($host, $port);
+
+    /**
+     * Send LDAP pagination control
+     * @param resource $link LDAP link resource
+     * @param int $pageSize number of results per page
+     * @param bool $isCritical Indicates whether the pagination is critical of not.
+     * @param string $cookie structure sent by LDAP server
+     * @return bool true on success, false otherwise
+     */
+    public function controlPagedResult($link, $pageSize, $isCritical);
+
+    /**
+     * Retrieve the LDAP pagination cookie
+     * @param resource $link LDAP link resource
+     * @param resource $result LDAP result resource
+     * @param string $cookie structure sent by LDAP server
+     * @return bool true on success, false otherwise
+     *
+     * Corresponds to ldap_control_paged_result_response
+     */
+    public function controlPagedResultResponse($link, $result, &$cookie);
+
+    /**
+     * Count the number of entries in a search
+     * @param resource $link LDAP link resource
+     * @param resource $result LDAP result resource
+     * @return int|false number of results on success, false otherwise
+     */
+    public function countEntries($link, $result);
+
+    /**
+     * Return the LDAP error number of the last LDAP command
+     * @param resource $link LDAP link resource
+     * @return int error code
+     */
+    public function errno($link);
+
+    /**
+     * Return the LDAP error message of the last LDAP command
+     * @param resource $link LDAP link resource
+     * @return string error message
+     */
+    public function error($link);
+
+    /**
+     * Splits DN into its component parts
+     * @param string $dn
+     * @param int @withAttrib
+     * @return array|false
+     * @link https://www.php.net/manual/en/function.ldap-explode-dn.php
+     */
+    public function explodeDN($dn, $withAttrib);
+
+    /**
+     * Return first result id
+     * @param resource $link LDAP link resource
+     * @param resource $result LDAP result resource
+     * @return Resource an LDAP search result resource
+     * */
+    public function firstEntry($link, $result);
+
+    /**
+     * Get attributes from a search result entry
+     * @param resource $link LDAP link resource
+     * @param resource $result LDAP result resource
+     * @return array containing the results, false on error
+     * */
+    public function getAttributes($link, $result);
+
+    /**
+     * Get the DN of a result entry
+     * @param resource $link LDAP link resource
+     * @param resource $result LDAP result resource
+     * @return string containing the DN, false on error
+     */
+    public function getDN($link, $result);
+
+    /**
+     * Get all result entries
+     * @param resource $link LDAP link resource
+     * @param resource $result LDAP result resource
+     * @return array containing the results, false on error
+     */
+    public function getEntries($link, $result);
+
+    /**
+     * Return next result id
+     * @param resource $link LDAP link resource
+     * @param resource $result LDAP entry result resource
+     * @return resource an LDAP search result resource
+     * */
+    public function nextEntry($link, $result);
+
+    /**
+     * Read an entry
+     * @param resource $link LDAP link resource
+     * @param array $baseDN The DN of the entry to read from
+     * @param string $filter An LDAP filter
+     * @param array $attr array of the attributes to read
+     * @return resource an LDAP search result resource
+     */
+    public function read($link, $baseDN, $filter, $attr);
+
+    /**
+     * Search LDAP tree
+     * @param resource $link LDAP link resource
+     * @param string $baseDN The DN of the entry to read from
+     * @param string $filter An LDAP filter
+     * @param array $attr array of the attributes to read
+     * @param int $attrsOnly optional, 1 if only attribute types shall be returned
+     * @param int $limit optional, limits the result entries
+     * @return resource|false an LDAP search result resource, false on error
+     */
+    public function search($link, $baseDN, $filter, $attr, $attrsOnly = 0, $limit = 0);
+
+    /**
+     * Replace the value of a userPassword by $password
+     * @param resource $link LDAP link resource
+     * @param string $userDN the DN of the user whose password is to be replaced
+     * @param string $password the new value for the userPassword
+     * @return bool true on success, false otherwise
+     */
+    public function modReplace($link, $userDN, $password);
+
+    /**
+     * Sets the value of the specified option to be $value
+     * @param resource $link LDAP link resource
+     * @param string $option a defined LDAP Server option
+     * @param int $value the new value for the option
+     * @return bool true on success, false otherwise
+     */
+    public function setOption($link, $option, $value);
+
+    /**
+     * establish Start TLS
+     * @param resource $link LDAP link resource
+     * @return bool true on success, false otherwise
+     */
+    public function startTls($link);
+
+    /**
+     * Unbind from LDAP directory
+     * @param resource $link LDAP link resource
+     * @return bool true on success, false otherwise
+     */
+    public function unbind($link);
+
+    //additional required methods in Nextcloud
+
+    /**
+     * Checks whether the server supports LDAP
+     * @return bool true if it the case, false otherwise
+     * */
+    public function areLDAPFunctionsAvailable();
+
+    /**
+     * Checks whether the submitted parameter is a resource
+     * @param resource $resource the resource variable to check
+     * @return bool true if it is a resource, false otherwise
+     */
+    public function isResource($resource);
 }

Please login to merge, or discard this patch.

apps/user_ldap/lib/Access.php 1 patch

Indentation +1975 added lines, -1975 removed lines patch added patch discarded remove patch

@@ -65,1762 +65,1762 @@  discard block
 block discarded – undo
  * @package OCA\User_LDAP
  */
 class Access extends LDAPUtility {
-	public const UUID_ATTRIBUTES = ['entryuuid', 'nsuniqueid', 'objectguid', 'guid', 'ipauniqueid'];
-
-	/** @var \OCA\User_LDAP\Connection */
-	public $connection;
-	/** @var Manager */
-	public $userManager;
-	//never ever check this var directly, always use getPagedSearchResultState
-	protected $pagedSearchedSuccessful;
-
-	/**
-	 * @var UserMapping $userMapper
-	 */
-	protected $userMapper;
-
-	/**
-	 * @var AbstractMapping $userMapper
-	 */
-	protected $groupMapper;
-
-	/**
-	 * @var \OCA\User_LDAP\Helper
-	 */
-	private $helper;
-	/** @var IConfig */
-	private $config;
-	/** @var IUserManager */
-	private $ncUserManager;
-	/** @var string */
-	private $lastCookie = '';
-
-	public function __construct(
-		Connection $connection,
-		ILDAPWrapper $ldap,
-		Manager $userManager,
-		Helper $helper,
-		IConfig $config,
-		IUserManager $ncUserManager
-	) {
-		parent::__construct($ldap);
-		$this->connection = $connection;
-		$this->userManager = $userManager;
-		$this->userManager->setLdapAccess($this);
-		$this->helper = $helper;
-		$this->config = $config;
-		$this->ncUserManager = $ncUserManager;
-	}
-
-	/**
-	 * sets the User Mapper
-	 *
-	 * @param AbstractMapping $mapper
-	 */
-	public function setUserMapper(AbstractMapping $mapper) {
-		$this->userMapper = $mapper;
-	}
-
-	/**
-	 * @throws \Exception
-	 */
-	public function getUserMapper(): UserMapping {
-		if (is_null($this->userMapper)) {
-			throw new \Exception('UserMapper was not assigned to this Access instance.');
-		}
-		return $this->userMapper;
-	}
-
-	/**
-	 * sets the Group Mapper
-	 *
-	 * @param AbstractMapping $mapper
-	 */
-	public function setGroupMapper(AbstractMapping $mapper) {
-		$this->groupMapper = $mapper;
-	}
-
-	/**
-	 * returns the Group Mapper
-	 *
-	 * @return AbstractMapping
-	 * @throws \Exception
-	 */
-	public function getGroupMapper() {
-		if (is_null($this->groupMapper)) {
-			throw new \Exception('GroupMapper was not assigned to this Access instance.');
-		}
-		return $this->groupMapper;
-	}
-
-	/**
-	 * @return bool
-	 */
-	private function checkConnection() {
-		return ($this->connection instanceof Connection);
-	}
-
-	/**
-	 * returns the Connection instance
-	 *
-	 * @return \OCA\User_LDAP\Connection
-	 */
-	public function getConnection() {
-		return $this->connection;
-	}
-
-	/**
-	 * reads a given attribute for an LDAP record identified by a DN
-	 *
-	 * @param string $dn the record in question
-	 * @param string $attr the attribute that shall be retrieved
-	 *        if empty, just check the record's existence
-	 * @param string $filter
-	 * @return array|false an array of values on success or an empty
-	 *          array if $attr is empty, false otherwise
-	 * @throws ServerNotAvailableException
-	 */
-	public function readAttribute($dn, $attr, $filter = 'objectClass=*') {
-		if (!$this->checkConnection()) {
-			\OCP\Util::writeLog('user_ldap',
-				'No LDAP Connector assigned, access impossible for readAttribute.',
-				ILogger::WARN);
-			return false;
-		}
-		$cr = $this->connection->getConnectionResource();
-		if (!$this->ldap->isResource($cr)) {
-			//LDAP not available
-			\OCP\Util::writeLog('user_ldap', 'LDAP resource not available.', ILogger::DEBUG);
-			return false;
-		}
-		//Cancel possibly running Paged Results operation, otherwise we run in
-		//LDAP protocol errors
-		$this->abandonPagedSearch();
-		// openLDAP requires that we init a new Paged Search. Not needed by AD,
-		// but does not hurt either.
-		$pagingSize = (int)$this->connection->ldapPagingSize;
-		// 0 won't result in replies, small numbers may leave out groups
-		// (cf. #12306), 500 is default for paging and should work everywhere.
-		$maxResults = $pagingSize > 20 ? $pagingSize : 500;
-		$attr = mb_strtolower($attr, 'UTF-8');
-		// the actual read attribute later may contain parameters on a ranged
-		// request, e.g. member;range=99-199. Depends on server reply.
-		$attrToRead = $attr;
-
-		$values = [];
-		$isRangeRequest = false;
-		do {
-			$result = $this->executeRead($cr, $dn, $attrToRead, $filter, $maxResults);
-			if (is_bool($result)) {
-				// when an exists request was run and it was successful, an empty
-				// array must be returned
-				return $result ? [] : false;
-			}
-
-			if (!$isRangeRequest) {
-				$values = $this->extractAttributeValuesFromResult($result, $attr);
-				if (!empty($values)) {
-					return $values;
-				}
-			}
-
-			$isRangeRequest = false;
-			$result = $this->extractRangeData($result, $attr);
-			if (!empty($result)) {
-				$normalizedResult = $this->extractAttributeValuesFromResult(
-					[$attr => $result['values']],
-					$attr
-				);
-				$values = array_merge($values, $normalizedResult);
-
-				if ($result['rangeHigh'] === '*') {
-					// when server replies with * as high range value, there are
-					// no more results left
-					return $values;
-				} else {
-					$low = $result['rangeHigh'] + 1;
-					$attrToRead = $result['attributeName'] . ';range=' . $low . '-*';
-					$isRangeRequest = true;
-				}
-			}
-		} while ($isRangeRequest);
-
-		\OCP\Util::writeLog('user_ldap', 'Requested attribute ' . $attr . ' not found for ' . $dn, ILogger::DEBUG);
-		return false;
-	}
-
-	/**
-	 * Runs an read operation against LDAP
-	 *
-	 * @param resource $cr the LDAP connection
-	 * @param string $dn
-	 * @param string $attribute
-	 * @param string $filter
-	 * @param int $maxResults
-	 * @return array|bool false if there was any error, true if an exists check
-	 *                    was performed and the requested DN found, array with the
-	 *                    returned data on a successful usual operation
-	 * @throws ServerNotAvailableException
-	 */
-	public function executeRead($cr, $dn, $attribute, $filter, $maxResults) {
-		$this->initPagedSearch($filter, $dn, [$attribute], $maxResults, 0);
-		$dn = $this->helper->DNasBaseParameter($dn);
-		$rr = @$this->invokeLDAPMethod('read', $cr, $dn, $filter, [$attribute]);
-		if (!$this->ldap->isResource($rr)) {
-			if ($attribute !== '') {
-				//do not throw this message on userExists check, irritates
-				\OCP\Util::writeLog('user_ldap', 'readAttribute failed for DN ' . $dn, ILogger::DEBUG);
-			}
-			//in case an error occurs , e.g. object does not exist
-			return false;
-		}
-		if ($attribute === '' && ($filter === 'objectclass=*' || $this->invokeLDAPMethod('countEntries', $cr, $rr) === 1)) {
-			\OCP\Util::writeLog('user_ldap', 'readAttribute: ' . $dn . ' found', ILogger::DEBUG);
-			return true;
-		}
-		$er = $this->invokeLDAPMethod('firstEntry', $cr, $rr);
-		if (!$this->ldap->isResource($er)) {
-			//did not match the filter, return false
-			return false;
-		}
-		//LDAP attributes are not case sensitive
-		$result = \OCP\Util::mb_array_change_key_case(
-			$this->invokeLDAPMethod('getAttributes', $cr, $er), MB_CASE_LOWER, 'UTF-8');
-
-		return $result;
-	}
-
-	/**
-	 * Normalizes a result grom getAttributes(), i.e. handles DNs and binary
-	 * data if present.
-	 *
-	 * @param array $result from ILDAPWrapper::getAttributes()
-	 * @param string $attribute the attribute name that was read
-	 * @return string[]
-	 */
-	public function extractAttributeValuesFromResult($result, $attribute) {
-		$values = [];
-		if (isset($result[$attribute]) && $result[$attribute]['count'] > 0) {
-			$lowercaseAttribute = strtolower($attribute);
-			for ($i = 0; $i < $result[$attribute]['count']; $i++) {
-				if ($this->resemblesDN($attribute)) {
-					$values[] = $this->helper->sanitizeDN($result[$attribute][$i]);
-				} elseif ($lowercaseAttribute === 'objectguid' || $lowercaseAttribute === 'guid') {
-					$values[] = $this->convertObjectGUID2Str($result[$attribute][$i]);
-				} else {
-					$values[] = $result[$attribute][$i];
-				}
-			}
-		}
-		return $values;
-	}
-
-	/**
-	 * Attempts to find ranged data in a getAttribute results and extracts the
-	 * returned values as well as information on the range and full attribute
-	 * name for further processing.
-	 *
-	 * @param array $result from ILDAPWrapper::getAttributes()
-	 * @param string $attribute the attribute name that was read. Without ";range=…"
-	 * @return array If a range was detected with keys 'values', 'attributeName',
-	 *               'attributeFull' and 'rangeHigh', otherwise empty.
-	 */
-	public function extractRangeData($result, $attribute) {
-		$keys = array_keys($result);
-		foreach ($keys as $key) {
-			if ($key !== $attribute && strpos($key, $attribute) === 0) {
-				$queryData = explode(';', $key);
-				if (strpos($queryData[1], 'range=') === 0) {
-					$high = substr($queryData[1], 1 + strpos($queryData[1], '-'));
-					$data = [
-						'values' => $result[$key],
-						'attributeName' => $queryData[0],
-						'attributeFull' => $key,
-						'rangeHigh' => $high,
-					];
-					return $data;
-				}
-			}
-		}
-		return [];
-	}
-
-	/**
-	 * Set password for an LDAP user identified by a DN
-	 *
-	 * @param string $userDN the user in question
-	 * @param string $password the new password
-	 * @return bool
-	 * @throws HintException
-	 * @throws \Exception
-	 */
-	public function setPassword($userDN, $password) {
-		if ((int)$this->connection->turnOnPasswordChange !== 1) {
-			throw new \Exception('LDAP password changes are disabled.');
-		}
-		$cr = $this->connection->getConnectionResource();
-		if (!$this->ldap->isResource($cr)) {
-			//LDAP not available
-			\OCP\Util::writeLog('user_ldap', 'LDAP resource not available.', ILogger::DEBUG);
-			return false;
-		}
-		try {
-			// try PASSWD extended operation first
-			return @$this->invokeLDAPMethod('exopPasswd', $cr, $userDN, '', $password) ||
-				@$this->invokeLDAPMethod('modReplace', $cr, $userDN, $password);
-		} catch (ConstraintViolationException $e) {
-			throw new HintException('Password change rejected.', \OC::$server->getL10N('user_ldap')->t('Password change rejected. Hint: ') . $e->getMessage(), $e->getCode());
-		}
-	}
-
-	/**
-	 * checks whether the given attributes value is probably a DN
-	 *
-	 * @param string $attr the attribute in question
-	 * @return boolean if so true, otherwise false
-	 */
-	private function resemblesDN($attr) {
-		$resemblingAttributes = [
-			'dn',
-			'uniquemember',
-			'member',
-			// memberOf is an "operational" attribute, without a definition in any RFC
-			'memberof'
-		];
-		return in_array($attr, $resemblingAttributes);
-	}
-
-	/**
-	 * checks whether the given string is probably a DN
-	 *
-	 * @param string $string
-	 * @return boolean
-	 */
-	public function stringResemblesDN($string) {
-		$r = $this->ldap->explodeDN($string, 0);
-		// if exploding a DN succeeds and does not end up in
-		// an empty array except for $r[count] being 0.
-		return (is_array($r) && count($r) > 1);
-	}
-
-	/**
-	 * returns a DN-string that is cleaned from not domain parts, e.g.
-	 * cn=foo,cn=bar,dc=foobar,dc=server,dc=org
-	 * becomes dc=foobar,dc=server,dc=org
-	 *
-	 * @param string $dn
-	 * @return string
-	 */
-	public function getDomainDNFromDN($dn) {
-		$allParts = $this->ldap->explodeDN($dn, 0);
-		if ($allParts === false) {
-			//not a valid DN
-			return '';
-		}
-		$domainParts = [];
-		$dcFound = false;
-		foreach ($allParts as $part) {
-			if (!$dcFound && strpos($part, 'dc=') === 0) {
-				$dcFound = true;
-			}
-			if ($dcFound) {
-				$domainParts[] = $part;
-			}
-		}
-		return implode(',', $domainParts);
-	}
-
-	/**
-	 * returns the LDAP DN for the given internal Nextcloud name of the group
-	 *
-	 * @param string $name the Nextcloud name in question
-	 * @return string|false LDAP DN on success, otherwise false
-	 */
-	public function groupname2dn($name) {
-		return $this->groupMapper->getDNByName($name);
-	}
-
-	/**
-	 * returns the LDAP DN for the given internal Nextcloud name of the user
-	 *
-	 * @param string $name the Nextcloud name in question
-	 * @return string|false with the LDAP DN on success, otherwise false
-	 */
-	public function username2dn($name) {
-		$fdn = $this->userMapper->getDNByName($name);
-
-		//Check whether the DN belongs to the Base, to avoid issues on multi-
-		//server setups
-		if (is_string($fdn) && $this->isDNPartOfBase($fdn, $this->connection->ldapBaseUsers)) {
-			return $fdn;
-		}
-
-		return false;
-	}
-
-	/**
-	 * returns the internal Nextcloud name for the given LDAP DN of the group, false on DN outside of search DN or failure
-	 *
-	 * @param string $fdn the dn of the group object
-	 * @param string $ldapName optional, the display name of the object
-	 * @return string|false with the name to use in Nextcloud, false on DN outside of search DN
-	 * @throws \Exception
-	 */
-	public function dn2groupname($fdn, $ldapName = null) {
-		//To avoid bypassing the base DN settings under certain circumstances
-		//with the group support, check whether the provided DN matches one of
-		//the given Bases
-		if (!$this->isDNPartOfBase($fdn, $this->connection->ldapBaseGroups)) {
-			return false;
-		}
-
-		return $this->dn2ocname($fdn, $ldapName, false);
-	}
-
-	/**
-	 * returns the internal Nextcloud name for the given LDAP DN of the user, false on DN outside of search DN or failure
-	 *
-	 * @param string $dn the dn of the user object
-	 * @param string $ldapName optional, the display name of the object
-	 * @return string|false with with the name to use in Nextcloud
-	 * @throws \Exception
-	 */
-	public function dn2username($fdn, $ldapName = null) {
-		//To avoid bypassing the base DN settings under certain circumstances
-		//with the group support, check whether the provided DN matches one of
-		//the given Bases
-		if (!$this->isDNPartOfBase($fdn, $this->connection->ldapBaseUsers)) {
-			return false;
-		}
-
-		return $this->dn2ocname($fdn, $ldapName, true);
-	}
-
-	/**
-	 * returns an internal Nextcloud name for the given LDAP DN, false on DN outside of search DN
-	 *
-	 * @param string $fdn the dn of the user object
-	 * @param string|null $ldapName optional, the display name of the object
-	 * @param bool $isUser optional, whether it is a user object (otherwise group assumed)
-	 * @param bool|null $newlyMapped
-	 * @param array|null $record
-	 * @return false|string with with the name to use in Nextcloud
-	 * @throws \Exception
-	 */
-	public function dn2ocname($fdn, $ldapName = null, $isUser = true, &$newlyMapped = null, array $record = null) {
-		$newlyMapped = false;
-		if ($isUser) {
-			$mapper = $this->getUserMapper();
-			$nameAttribute = $this->connection->ldapUserDisplayName;
-			$filter = $this->connection->ldapUserFilter;
-		} else {
-			$mapper = $this->getGroupMapper();
-			$nameAttribute = $this->connection->ldapGroupDisplayName;
-			$filter = $this->connection->ldapGroupFilter;
-		}
-
-		//let's try to retrieve the Nextcloud name from the mappings table
-		$ncName = $mapper->getNameByDN($fdn);
-		if (is_string($ncName)) {
-			return $ncName;
-		}
-
-		//second try: get the UUID and check if it is known. Then, update the DN and return the name.
-		$uuid = $this->getUUID($fdn, $isUser, $record);
-		if (is_string($uuid)) {
-			$ncName = $mapper->getNameByUUID($uuid);
-			if (is_string($ncName)) {
-				$mapper->setDNbyUUID($fdn, $uuid);
-				return $ncName;
-			}
-		} else {
-			//If the UUID can't be detected something is foul.
-			\OCP\Util::writeLog('user_ldap', 'Cannot determine UUID for ' . $fdn . '. Skipping.', ILogger::INFO);
-			return false;
-		}
-
-		if (is_null($ldapName)) {
-			$ldapName = $this->readAttribute($fdn, $nameAttribute, $filter);
-			if (!isset($ldapName[0]) && empty($ldapName[0])) {
-				\OCP\Util::writeLog('user_ldap', 'No or empty name for ' . $fdn . ' with filter ' . $filter . '.', ILogger::INFO);
-				return false;
-			}
-			$ldapName = $ldapName[0];
-		}
-
-		if ($isUser) {
-			$usernameAttribute = (string)$this->connection->ldapExpertUsernameAttr;
-			if ($usernameAttribute !== '') {
-				$username = $this->readAttribute($fdn, $usernameAttribute);
-				$username = $username[0];
-			} else {
-				$username = $uuid;
-			}
-			try {
-				$intName = $this->sanitizeUsername($username);
-			} catch (\InvalidArgumentException $e) {
-				\OC::$server->getLogger()->logException($e, [
-					'app' => 'user_ldap',
-					'level' => ILogger::WARN,
-				]);
-				// we don't attempt to set a username here. We can go for
-				// for an alternative 4 digit random number as we would append
-				// otherwise, however it's likely not enough space in bigger
-				// setups, and most importantly: this is not intended.
-				return false;
-			}
-		} else {
-			$intName = $ldapName;
-		}
-
-		//a new user/group! Add it only if it doesn't conflict with other backend's users or existing groups
-		//disabling Cache is required to avoid that the new user is cached as not-existing in fooExists check
-		//NOTE: mind, disabling cache affects only this instance! Using it
-		// outside of core user management will still cache the user as non-existing.
-		$originalTTL = $this->connection->ldapCacheTTL;
-		$this->connection->setConfiguration(['ldapCacheTTL' => 0]);
-		if ($intName !== ''
-			&& (($isUser && !$this->ncUserManager->userExists($intName))
-				|| (!$isUser && !\OC::$server->getGroupManager()->groupExists($intName))
-			)
-		) {
-			$this->connection->setConfiguration(['ldapCacheTTL' => $originalTTL]);
-			$newlyMapped = $this->mapAndAnnounceIfApplicable($mapper, $fdn, $intName, $uuid, $isUser);
-			if ($newlyMapped) {
-				return $intName;
-			}
-		}
-
-		$this->connection->setConfiguration(['ldapCacheTTL' => $originalTTL]);
-		$altName = $this->createAltInternalOwnCloudName($intName, $isUser);
-		if (is_string($altName)) {
-			if ($this->mapAndAnnounceIfApplicable($mapper, $fdn, $altName, $uuid, $isUser)) {
-				$newlyMapped = true;
-				return $altName;
-			}
-		}
-
-		//if everything else did not help..
-		\OCP\Util::writeLog('user_ldap', 'Could not create unique name for ' . $fdn . '.', ILogger::INFO);
-		return false;
-	}
-
-	public function mapAndAnnounceIfApplicable(
-		AbstractMapping $mapper,
-		string $fdn,
-		string $name,
-		string $uuid,
-		bool $isUser
-	): bool {
-		if ($mapper->map($fdn, $name, $uuid)) {
-			if ($this->ncUserManager instanceof PublicEmitter && $isUser) {
-				$this->cacheUserExists($name);
-				$this->ncUserManager->emit('\OC\User', 'assignedUserId', [$name]);
-			} elseif (!$isUser) {
-				$this->cacheGroupExists($name);
-			}
-			return true;
-		}
-		return false;
-	}
-
-	/**
-	 * gives back the user names as they are used ownClod internally
-	 *
-	 * @param array $ldapUsers as returned by fetchList()
-	 * @return array an array with the user names to use in Nextcloud
-	 *
-	 * gives back the user names as they are used ownClod internally
-	 * @throws \Exception
-	 */
-	public function nextcloudUserNames($ldapUsers) {
-		return $this->ldap2NextcloudNames($ldapUsers, true);
-	}
-
-	/**
-	 * gives back the group names as they are used ownClod internally
-	 *
-	 * @param array $ldapGroups as returned by fetchList()
-	 * @return array an array with the group names to use in Nextcloud
-	 *
-	 * gives back the group names as they are used ownClod internally
-	 * @throws \Exception
-	 */
-	public function nextcloudGroupNames($ldapGroups) {
-		return $this->ldap2NextcloudNames($ldapGroups, false);
-	}
-
-	/**
-	 * @param array $ldapObjects as returned by fetchList()
-	 * @param bool $isUsers
-	 * @return array
-	 * @throws \Exception
-	 */
-	private function ldap2NextcloudNames($ldapObjects, $isUsers) {
-		if ($isUsers) {
-			$nameAttribute = $this->connection->ldapUserDisplayName;
-			$sndAttribute = $this->connection->ldapUserDisplayName2;
-		} else {
-			$nameAttribute = $this->connection->ldapGroupDisplayName;
-		}
-		$nextcloudNames = [];
-
-		foreach ($ldapObjects as $ldapObject) {
-			$nameByLDAP = null;
-			if (isset($ldapObject[$nameAttribute])
-				&& is_array($ldapObject[$nameAttribute])
-				&& isset($ldapObject[$nameAttribute][0])
-			) {
-				// might be set, but not necessarily. if so, we use it.
-				$nameByLDAP = $ldapObject[$nameAttribute][0];
-			}
-
-			$ncName = $this->dn2ocname($ldapObject['dn'][0], $nameByLDAP, $isUsers);
-			if ($ncName) {
-				$nextcloudNames[] = $ncName;
-				if ($isUsers) {
-					$this->updateUserState($ncName);
-					//cache the user names so it does not need to be retrieved
-					//again later (e.g. sharing dialogue).
-					if (is_null($nameByLDAP)) {
-						continue;
-					}
-					$sndName = isset($ldapObject[$sndAttribute][0])
-						? $ldapObject[$sndAttribute][0] : '';
-					$this->cacheUserDisplayName($ncName, $nameByLDAP, $sndName);
-				} elseif ($nameByLDAP !== null) {
-					$this->cacheGroupDisplayName($ncName, $nameByLDAP);
-				}
-			}
-		}
-		return $nextcloudNames;
-	}
-
-	/**
-	 * removes the deleted-flag of a user if it was set
-	 *
-	 * @param string $ncname
-	 * @throws \Exception
-	 */
-	public function updateUserState($ncname) {
-		$user = $this->userManager->get($ncname);
-		if ($user instanceof OfflineUser) {
-			$user->unmark();
-		}
-	}
-
-	/**
-	 * caches the user display name
-	 *
-	 * @param string $ocName the internal Nextcloud username
-	 * @param string|false $home the home directory path
-	 */
-	public function cacheUserHome($ocName, $home) {
-		$cacheKey = 'getHome' . $ocName;
-		$this->connection->writeToCache($cacheKey, $home);
-	}
-
-	/**
-	 * caches a user as existing
-	 *
-	 * @param string $ocName the internal Nextcloud username
-	 */
-	public function cacheUserExists($ocName) {
-		$this->connection->writeToCache('userExists' . $ocName, true);
-	}
-
-	/**
-	 * caches a group as existing
-	 */
-	public function cacheGroupExists(string $gid): void {
-		$this->connection->writeToCache('groupExists' . $gid, true);
-	}
-
-	/**
-	 * caches the user display name
-	 *
-	 * @param string $ocName the internal Nextcloud username
-	 * @param string $displayName the display name
-	 * @param string $displayName2 the second display name
-	 * @throws \Exception
-	 */
-	public function cacheUserDisplayName($ocName, $displayName, $displayName2 = '') {
-		$user = $this->userManager->get($ocName);
-		if ($user === null) {
-			return;
-		}
-		$displayName = $user->composeAndStoreDisplayName($displayName, $displayName2);
-		$cacheKeyTrunk = 'getDisplayName';
-		$this->connection->writeToCache($cacheKeyTrunk . $ocName, $displayName);
-	}
-
-	public function cacheGroupDisplayName(string $ncName, string $displayName): void {
-		$cacheKey = 'group_getDisplayName' . $ncName;
-		$this->connection->writeToCache($cacheKey, $displayName);
-	}
-
-	/**
-	 * creates a unique name for internal Nextcloud use for users. Don't call it directly.
-	 *
-	 * @param string $name the display name of the object
-	 * @return string|false with with the name to use in Nextcloud or false if unsuccessful
-	 *
-	 * Instead of using this method directly, call
-	 * createAltInternalOwnCloudName($name, true)
-	 */
-	private function _createAltInternalOwnCloudNameForUsers($name) {
-		$attempts = 0;
-		//while loop is just a precaution. If a name is not generated within
-		//20 attempts, something else is very wrong. Avoids infinite loop.
-		while ($attempts < 20) {
-			$altName = $name . '_' . rand(1000, 9999);
-			if (!$this->ncUserManager->userExists($altName)) {
-				return $altName;
-			}
-			$attempts++;
-		}
-		return false;
-	}
-
-	/**
-	 * creates a unique name for internal Nextcloud use for groups. Don't call it directly.
-	 *
-	 * @param string $name the display name of the object
-	 * @return string|false with with the name to use in Nextcloud or false if unsuccessful.
-	 *
-	 * Instead of using this method directly, call
-	 * createAltInternalOwnCloudName($name, false)
-	 *
-	 * Group names are also used as display names, so we do a sequential
-	 * numbering, e.g. Developers_42 when there are 41 other groups called
-	 * "Developers"
-	 */
-	private function _createAltInternalOwnCloudNameForGroups($name) {
-		$usedNames = $this->groupMapper->getNamesBySearch($name, "", '_%');
-		if (!$usedNames || count($usedNames) === 0) {
-			$lastNo = 1; //will become name_2
-		} else {
-			natsort($usedNames);
-			$lastName = array_pop($usedNames);
-			$lastNo = (int)substr($lastName, strrpos($lastName, '_') + 1);
-		}
-		$altName = $name . '_' . (string)($lastNo + 1);
-		unset($usedNames);
-
-		$attempts = 1;
-		while ($attempts < 21) {
-			// Check to be really sure it is unique
-			// while loop is just a precaution. If a name is not generated within
-			// 20 attempts, something else is very wrong. Avoids infinite loop.
-			if (!\OC::$server->getGroupManager()->groupExists($altName)) {
-				return $altName;
-			}
-			$altName = $name . '_' . ($lastNo + $attempts);
-			$attempts++;
-		}
-		return false;
-	}
-
-	/**
-	 * creates a unique name for internal Nextcloud use.
-	 *
-	 * @param string $name the display name of the object
-	 * @param boolean $isUser whether name should be created for a user (true) or a group (false)
-	 * @return string|false with with the name to use in Nextcloud or false if unsuccessful
-	 */
-	private function createAltInternalOwnCloudName($name, $isUser) {
-		$originalTTL = $this->connection->ldapCacheTTL;
-		$this->connection->setConfiguration(['ldapCacheTTL' => 0]);
-		if ($isUser) {
-			$altName = $this->_createAltInternalOwnCloudNameForUsers($name);
-		} else {
-			$altName = $this->_createAltInternalOwnCloudNameForGroups($name);
-		}
-		$this->connection->setConfiguration(['ldapCacheTTL' => $originalTTL]);
-
-		return $altName;
-	}
-
-	/**
-	 * fetches a list of users according to a provided loginName and utilizing
-	 * the login filter.
-	 */
-	public function fetchUsersByLoginName(string $loginName, array $attributes = ['dn']): array {
-		$loginName = $this->escapeFilterPart($loginName);
-		$filter = str_replace('%uid', $loginName, $this->connection->ldapLoginFilter);
-		return $this->fetchListOfUsers($filter, $attributes);
-	}
-
-	/**
-	 * counts the number of users according to a provided loginName and
-	 * utilizing the login filter.
-	 *
-	 * @param string $loginName
-	 * @return int
-	 */
-	public function countUsersByLoginName($loginName) {
-		$loginName = $this->escapeFilterPart($loginName);
-		$filter = str_replace('%uid', $loginName, $this->connection->ldapLoginFilter);
-		return $this->countUsers($filter);
-	}
-
-	/**
-	 * @throws \Exception
-	 */
-	public function fetchListOfUsers(string $filter, array $attr, int $limit = null, int $offset = null, bool $forceApplyAttributes = false): array {
-		$ldapRecords = $this->searchUsers($filter, $attr, $limit, $offset);
-		$recordsToUpdate = $ldapRecords;
-		if (!$forceApplyAttributes) {
-			$isBackgroundJobModeAjax = $this->config
-					->getAppValue('core', 'backgroundjobs_mode', 'ajax') === 'ajax';
-			$listOfDNs = array_reduce($ldapRecords, function ($listOfDNs, $entry) {
-				$listOfDNs[] = $entry['dn'][0];
-				return $listOfDNs;
-			}, []);
-			$idsByDn = $this->userMapper->getListOfIdsByDn($listOfDNs);
-			$recordsToUpdate = array_filter($ldapRecords, function ($record) use ($isBackgroundJobModeAjax, $idsByDn) {
-				$newlyMapped = false;
-				$uid = $idsByDn[$record['dn'][0]] ?? null;
-				if ($uid === null) {
-					$uid = $this->dn2ocname($record['dn'][0], null, true, $newlyMapped, $record);
-				}
-				if (is_string($uid)) {
-					$this->cacheUserExists($uid);
-				}
-				return ($uid !== false) && ($newlyMapped || $isBackgroundJobModeAjax);
-			});
-		}
-		$this->batchApplyUserAttributes($recordsToUpdate);
-		return $this->fetchList($ldapRecords, $this->manyAttributes($attr));
-	}
-
-	/**
-	 * provided with an array of LDAP user records the method will fetch the
-	 * user object and requests it to process the freshly fetched attributes and
-	 * and their values
-	 *
-	 * @param array $ldapRecords
-	 * @throws \Exception
-	 */
-	public function batchApplyUserAttributes(array $ldapRecords) {
-		$displayNameAttribute = strtolower($this->connection->ldapUserDisplayName);
-		foreach ($ldapRecords as $userRecord) {
-			if (!isset($userRecord[$displayNameAttribute])) {
-				// displayName is obligatory
-				continue;
-			}
-			$ocName = $this->dn2ocname($userRecord['dn'][0], null, true);
-			if ($ocName === false) {
-				continue;
-			}
-			$this->updateUserState($ocName);
-			$user = $this->userManager->get($ocName);
-			if ($user !== null) {
-				$user->processAttributes($userRecord);
-			} else {
-				\OC::$server->getLogger()->debug(
-					"The ldap user manager returned null for $ocName",
-					['app' => 'user_ldap']
-				);
-			}
-		}
-	}
-
-	/**
-	 * @param string $filter
-	 * @param string|string[] $attr
-	 * @param int $limit
-	 * @param int $offset
-	 * @return array
-	 */
-	public function fetchListOfGroups($filter, $attr, $limit = null, $offset = null) {
-		$groupRecords = $this->searchGroups($filter, $attr, $limit, $offset);
-
-		$listOfDNs = array_reduce($groupRecords, function ($listOfDNs, $entry) {
-			$listOfDNs[] = $entry['dn'][0];
-			return $listOfDNs;
-		}, []);
-		$idsByDn = $this->groupMapper->getListOfIdsByDn($listOfDNs);
-
-		array_walk($groupRecords, function ($record) use ($idsByDn) {
-			$newlyMapped = false;
-			$gid = $uidsByDn[$record['dn'][0]] ?? null;
-			if ($gid === null) {
-				$gid = $this->dn2ocname($record['dn'][0], null, false, $newlyMapped, $record);
-			}
-			if (!$newlyMapped && is_string($gid)) {
-				$this->cacheGroupExists($gid);
-			}
-		});
-		return $this->fetchList($groupRecords, $this->manyAttributes($attr));
-	}
-
-	/**
-	 * @param array $list
-	 * @param bool $manyAttributes
-	 * @return array
-	 */
-	private function fetchList($list, $manyAttributes) {
-		if (is_array($list)) {
-			if ($manyAttributes) {
-				return $list;
-			} else {
-				$list = array_reduce($list, function ($carry, $item) {
-					$attribute = array_keys($item)[0];
-					$carry[] = $item[$attribute][0];
-					return $carry;
-				}, []);
-				return array_unique($list, SORT_LOCALE_STRING);
-			}
-		}
-
-		//error cause actually, maybe throw an exception in future.
-		return [];
-	}
-
-	/**
-	 * @throws ServerNotAvailableException
-	 */
-	public function searchUsers(string $filter, array $attr = null, int $limit = null, int $offset = null): array {
-		$result = [];
-		foreach ($this->connection->ldapBaseUsers as $base) {
-			$result = array_merge($result, $this->search($filter, $base, $attr, $limit, $offset));
-		}
-		return $result;
-	}
-
-	/**
-	 * @param string $filter
-	 * @param string|string[] $attr
-	 * @param int $limit
-	 * @param int $offset
-	 * @return false|int
-	 * @throws ServerNotAvailableException
-	 */
-	public function countUsers($filter, $attr = ['dn'], $limit = null, $offset = null) {
-		$result = false;
-		foreach ($this->connection->ldapBaseUsers as $base) {
-			$count = $this->count($filter, [$base], $attr, $limit, $offset);
-			$result = is_int($count) ? (int)$result + $count : $result;
-		}
-		return $result;
-	}
-
-	/**
-	 * executes an LDAP search, optimized for Groups
-	 *
-	 * @param string $filter the LDAP filter for the search
-	 * @param string|string[] $attr optional, when a certain attribute shall be filtered out
-	 * @param integer $limit
-	 * @param integer $offset
-	 * @return array with the search result
-	 *
-	 * Executes an LDAP search
-	 * @throws ServerNotAvailableException
-	 */
-	public function searchGroups($filter, $attr = null, $limit = null, $offset = null) {
-		$result = [];
-		foreach ($this->connection->ldapBaseGroups as $base) {
-			$result = array_merge($result, $this->search($filter, $base, $attr, $limit, $offset));
-		}
-		return $result;
-	}
-
-	/**
-	 * returns the number of available groups
-	 *
-	 * @param string $filter the LDAP search filter
-	 * @param string[] $attr optional
-	 * @param int|null $limit
-	 * @param int|null $offset
-	 * @return int|bool
-	 * @throws ServerNotAvailableException
-	 */
-	public function countGroups($filter, $attr = ['dn'], $limit = null, $offset = null) {
-		$result = false;
-		foreach ($this->connection->ldapBaseGroups as $base) {
-			$count = $this->count($filter, [$base], $attr, $limit, $offset);
-			$result = is_int($count) ? (int)$result + $count : $result;
-		}
-		return $result;
-	}
-
-	/**
-	 * returns the number of available objects on the base DN
-	 *
-	 * @param int|null $limit
-	 * @param int|null $offset
-	 * @return int|bool
-	 * @throws ServerNotAvailableException
-	 */
-	public function countObjects($limit = null, $offset = null) {
-		$result = false;
-		foreach ($this->connection->ldapBase as $base) {
-			$count = $this->count('objectclass=*', [$base], ['dn'], $limit, $offset);
-			$result = is_int($count) ? (int)$result + $count : $result;
-		}
-		return $result;
-	}
-
-	/**
-	 * Returns the LDAP handler
-	 *
-	 * @throws \OC\ServerNotAvailableException
-	 */
-
-	/**
-	 * @return mixed
-	 * @throws \OC\ServerNotAvailableException
-	 */
-	private function invokeLDAPMethod() {
-		$arguments = func_get_args();
-		$command = array_shift($arguments);
-		$cr = array_shift($arguments);
-		if (!method_exists($this->ldap, $command)) {
-			return null;
-		}
-		array_unshift($arguments, $cr);
-		// php no longer supports call-time pass-by-reference
-		// thus cannot support controlPagedResultResponse as the third argument
-		// is a reference
-		$doMethod = function () use ($command, &$arguments) {
-			if ($command == 'controlPagedResultResponse') {
-				throw new \InvalidArgumentException('Invoker does not support controlPagedResultResponse, call LDAP Wrapper directly instead.');
-			} else {
-				return call_user_func_array([$this->ldap, $command], $arguments);
-			}
-		};
-		try {
-			$ret = $doMethod();
-		} catch (ServerNotAvailableException $e) {
-			/* Server connection lost, attempt to reestablish it
+    public const UUID_ATTRIBUTES = ['entryuuid', 'nsuniqueid', 'objectguid', 'guid', 'ipauniqueid'];
+
+    /** @var \OCA\User_LDAP\Connection */
+    public $connection;
+    /** @var Manager */
+    public $userManager;
+    //never ever check this var directly, always use getPagedSearchResultState
+    protected $pagedSearchedSuccessful;
+
+    /**
+     * @var UserMapping $userMapper
+     */
+    protected $userMapper;
+
+    /**
+     * @var AbstractMapping $userMapper
+     */
+    protected $groupMapper;
+
+    /**
+     * @var \OCA\User_LDAP\Helper
+     */
+    private $helper;
+    /** @var IConfig */
+    private $config;
+    /** @var IUserManager */
+    private $ncUserManager;
+    /** @var string */
+    private $lastCookie = '';
+
+    public function __construct(
+        Connection $connection,
+        ILDAPWrapper $ldap,
+        Manager $userManager,
+        Helper $helper,
+        IConfig $config,
+        IUserManager $ncUserManager
+    ) {
+        parent::__construct($ldap);
+        $this->connection = $connection;
+        $this->userManager = $userManager;
+        $this->userManager->setLdapAccess($this);
+        $this->helper = $helper;
+        $this->config = $config;
+        $this->ncUserManager = $ncUserManager;
+    }
+
+    /**
+     * sets the User Mapper
+     *
+     * @param AbstractMapping $mapper
+     */
+    public function setUserMapper(AbstractMapping $mapper) {
+        $this->userMapper = $mapper;
+    }
+
+    /**
+     * @throws \Exception
+     */
+    public function getUserMapper(): UserMapping {
+        if (is_null($this->userMapper)) {
+            throw new \Exception('UserMapper was not assigned to this Access instance.');
+        }
+        return $this->userMapper;
+    }
+
+    /**
+     * sets the Group Mapper
+     *
+     * @param AbstractMapping $mapper
+     */
+    public function setGroupMapper(AbstractMapping $mapper) {
+        $this->groupMapper = $mapper;
+    }
+
+    /**
+     * returns the Group Mapper
+     *
+     * @return AbstractMapping
+     * @throws \Exception
+     */
+    public function getGroupMapper() {
+        if (is_null($this->groupMapper)) {
+            throw new \Exception('GroupMapper was not assigned to this Access instance.');
+        }
+        return $this->groupMapper;
+    }
+
+    /**
+     * @return bool
+     */
+    private function checkConnection() {
+        return ($this->connection instanceof Connection);
+    }
+
+    /**
+     * returns the Connection instance
+     *
+     * @return \OCA\User_LDAP\Connection
+     */
+    public function getConnection() {
+        return $this->connection;
+    }
+
+    /**
+     * reads a given attribute for an LDAP record identified by a DN
+     *
+     * @param string $dn the record in question
+     * @param string $attr the attribute that shall be retrieved
+     *        if empty, just check the record's existence
+     * @param string $filter
+     * @return array|false an array of values on success or an empty
+     *          array if $attr is empty, false otherwise
+     * @throws ServerNotAvailableException
+     */
+    public function readAttribute($dn, $attr, $filter = 'objectClass=*') {
+        if (!$this->checkConnection()) {
+            \OCP\Util::writeLog('user_ldap',
+                'No LDAP Connector assigned, access impossible for readAttribute.',
+                ILogger::WARN);
+            return false;
+        }
+        $cr = $this->connection->getConnectionResource();
+        if (!$this->ldap->isResource($cr)) {
+            //LDAP not available
+            \OCP\Util::writeLog('user_ldap', 'LDAP resource not available.', ILogger::DEBUG);
+            return false;
+        }
+        //Cancel possibly running Paged Results operation, otherwise we run in
+        //LDAP protocol errors
+        $this->abandonPagedSearch();
+        // openLDAP requires that we init a new Paged Search. Not needed by AD,
+        // but does not hurt either.
+        $pagingSize = (int)$this->connection->ldapPagingSize;
+        // 0 won't result in replies, small numbers may leave out groups
+        // (cf. #12306), 500 is default for paging and should work everywhere.
+        $maxResults = $pagingSize > 20 ? $pagingSize : 500;
+        $attr = mb_strtolower($attr, 'UTF-8');
+        // the actual read attribute later may contain parameters on a ranged
+        // request, e.g. member;range=99-199. Depends on server reply.
+        $attrToRead = $attr;
+
+        $values = [];
+        $isRangeRequest = false;
+        do {
+            $result = $this->executeRead($cr, $dn, $attrToRead, $filter, $maxResults);
+            if (is_bool($result)) {
+                // when an exists request was run and it was successful, an empty
+                // array must be returned
+                return $result ? [] : false;
+            }
+
+            if (!$isRangeRequest) {
+                $values = $this->extractAttributeValuesFromResult($result, $attr);
+                if (!empty($values)) {
+                    return $values;
+                }
+            }
+
+            $isRangeRequest = false;
+            $result = $this->extractRangeData($result, $attr);
+            if (!empty($result)) {
+                $normalizedResult = $this->extractAttributeValuesFromResult(
+                    [$attr => $result['values']],
+                    $attr
+                );
+                $values = array_merge($values, $normalizedResult);
+
+                if ($result['rangeHigh'] === '*') {
+                    // when server replies with * as high range value, there are
+                    // no more results left
+                    return $values;
+                } else {
+                    $low = $result['rangeHigh'] + 1;
+                    $attrToRead = $result['attributeName'] . ';range=' . $low . '-*';
+                    $isRangeRequest = true;
+                }
+            }
+        } while ($isRangeRequest);
+
+        \OCP\Util::writeLog('user_ldap', 'Requested attribute ' . $attr . ' not found for ' . $dn, ILogger::DEBUG);
+        return false;
+    }
+
+    /**
+     * Runs an read operation against LDAP
+     *
+     * @param resource $cr the LDAP connection
+     * @param string $dn
+     * @param string $attribute
+     * @param string $filter
+     * @param int $maxResults
+     * @return array|bool false if there was any error, true if an exists check
+     *                    was performed and the requested DN found, array with the
+     *                    returned data on a successful usual operation
+     * @throws ServerNotAvailableException
+     */
+    public function executeRead($cr, $dn, $attribute, $filter, $maxResults) {
+        $this->initPagedSearch($filter, $dn, [$attribute], $maxResults, 0);
+        $dn = $this->helper->DNasBaseParameter($dn);
+        $rr = @$this->invokeLDAPMethod('read', $cr, $dn, $filter, [$attribute]);
+        if (!$this->ldap->isResource($rr)) {
+            if ($attribute !== '') {
+                //do not throw this message on userExists check, irritates
+                \OCP\Util::writeLog('user_ldap', 'readAttribute failed for DN ' . $dn, ILogger::DEBUG);
+            }
+            //in case an error occurs , e.g. object does not exist
+            return false;
+        }
+        if ($attribute === '' && ($filter === 'objectclass=*' || $this->invokeLDAPMethod('countEntries', $cr, $rr) === 1)) {
+            \OCP\Util::writeLog('user_ldap', 'readAttribute: ' . $dn . ' found', ILogger::DEBUG);
+            return true;
+        }
+        $er = $this->invokeLDAPMethod('firstEntry', $cr, $rr);
+        if (!$this->ldap->isResource($er)) {
+            //did not match the filter, return false
+            return false;
+        }
+        //LDAP attributes are not case sensitive
+        $result = \OCP\Util::mb_array_change_key_case(
+            $this->invokeLDAPMethod('getAttributes', $cr, $er), MB_CASE_LOWER, 'UTF-8');
+
+        return $result;
+    }
+
+    /**
+     * Normalizes a result grom getAttributes(), i.e. handles DNs and binary
+     * data if present.
+     *
+     * @param array $result from ILDAPWrapper::getAttributes()
+     * @param string $attribute the attribute name that was read
+     * @return string[]
+     */
+    public function extractAttributeValuesFromResult($result, $attribute) {
+        $values = [];
+        if (isset($result[$attribute]) && $result[$attribute]['count'] > 0) {
+            $lowercaseAttribute = strtolower($attribute);
+            for ($i = 0; $i < $result[$attribute]['count']; $i++) {
+                if ($this->resemblesDN($attribute)) {
+                    $values[] = $this->helper->sanitizeDN($result[$attribute][$i]);
+                } elseif ($lowercaseAttribute === 'objectguid' || $lowercaseAttribute === 'guid') {
+                    $values[] = $this->convertObjectGUID2Str($result[$attribute][$i]);
+                } else {
+                    $values[] = $result[$attribute][$i];
+                }
+            }
+        }
+        return $values;
+    }
+
+    /**
+     * Attempts to find ranged data in a getAttribute results and extracts the
+     * returned values as well as information on the range and full attribute
+     * name for further processing.
+     *
+     * @param array $result from ILDAPWrapper::getAttributes()
+     * @param string $attribute the attribute name that was read. Without ";range=…"
+     * @return array If a range was detected with keys 'values', 'attributeName',
+     *               'attributeFull' and 'rangeHigh', otherwise empty.
+     */
+    public function extractRangeData($result, $attribute) {
+        $keys = array_keys($result);
+        foreach ($keys as $key) {
+            if ($key !== $attribute && strpos($key, $attribute) === 0) {
+                $queryData = explode(';', $key);
+                if (strpos($queryData[1], 'range=') === 0) {
+                    $high = substr($queryData[1], 1 + strpos($queryData[1], '-'));
+                    $data = [
+                        'values' => $result[$key],
+                        'attributeName' => $queryData[0],
+                        'attributeFull' => $key,
+                        'rangeHigh' => $high,
+                    ];
+                    return $data;
+                }
+            }
+        }
+        return [];
+    }
+
+    /**
+     * Set password for an LDAP user identified by a DN
+     *
+     * @param string $userDN the user in question
+     * @param string $password the new password
+     * @return bool
+     * @throws HintException
+     * @throws \Exception
+     */
+    public function setPassword($userDN, $password) {
+        if ((int)$this->connection->turnOnPasswordChange !== 1) {
+            throw new \Exception('LDAP password changes are disabled.');
+        }
+        $cr = $this->connection->getConnectionResource();
+        if (!$this->ldap->isResource($cr)) {
+            //LDAP not available
+            \OCP\Util::writeLog('user_ldap', 'LDAP resource not available.', ILogger::DEBUG);
+            return false;
+        }
+        try {
+            // try PASSWD extended operation first
+            return @$this->invokeLDAPMethod('exopPasswd', $cr, $userDN, '', $password) ||
+                @$this->invokeLDAPMethod('modReplace', $cr, $userDN, $password);
+        } catch (ConstraintViolationException $e) {
+            throw new HintException('Password change rejected.', \OC::$server->getL10N('user_ldap')->t('Password change rejected. Hint: ') . $e->getMessage(), $e->getCode());
+        }
+    }
+
+    /**
+     * checks whether the given attributes value is probably a DN
+     *
+     * @param string $attr the attribute in question
+     * @return boolean if so true, otherwise false
+     */
+    private function resemblesDN($attr) {
+        $resemblingAttributes = [
+            'dn',
+            'uniquemember',
+            'member',
+            // memberOf is an "operational" attribute, without a definition in any RFC
+            'memberof'
+        ];
+        return in_array($attr, $resemblingAttributes);
+    }
+
+    /**
+     * checks whether the given string is probably a DN
+     *
+     * @param string $string
+     * @return boolean
+     */
+    public function stringResemblesDN($string) {
+        $r = $this->ldap->explodeDN($string, 0);
+        // if exploding a DN succeeds and does not end up in
+        // an empty array except for $r[count] being 0.
+        return (is_array($r) && count($r) > 1);
+    }
+
+    /**
+     * returns a DN-string that is cleaned from not domain parts, e.g.
+     * cn=foo,cn=bar,dc=foobar,dc=server,dc=org
+     * becomes dc=foobar,dc=server,dc=org
+     *
+     * @param string $dn
+     * @return string
+     */
+    public function getDomainDNFromDN($dn) {
+        $allParts = $this->ldap->explodeDN($dn, 0);
+        if ($allParts === false) {
+            //not a valid DN
+            return '';
+        }
+        $domainParts = [];
+        $dcFound = false;
+        foreach ($allParts as $part) {
+            if (!$dcFound && strpos($part, 'dc=') === 0) {
+                $dcFound = true;
+            }
+            if ($dcFound) {
+                $domainParts[] = $part;
+            }
+        }
+        return implode(',', $domainParts);
+    }
+
+    /**
+     * returns the LDAP DN for the given internal Nextcloud name of the group
+     *
+     * @param string $name the Nextcloud name in question
+     * @return string|false LDAP DN on success, otherwise false
+     */
+    public function groupname2dn($name) {
+        return $this->groupMapper->getDNByName($name);
+    }
+
+    /**
+     * returns the LDAP DN for the given internal Nextcloud name of the user
+     *
+     * @param string $name the Nextcloud name in question
+     * @return string|false with the LDAP DN on success, otherwise false
+     */
+    public function username2dn($name) {
+        $fdn = $this->userMapper->getDNByName($name);
+
+        //Check whether the DN belongs to the Base, to avoid issues on multi-
+        //server setups
+        if (is_string($fdn) && $this->isDNPartOfBase($fdn, $this->connection->ldapBaseUsers)) {
+            return $fdn;
+        }
+
+        return false;
+    }
+
+    /**
+     * returns the internal Nextcloud name for the given LDAP DN of the group, false on DN outside of search DN or failure
+     *
+     * @param string $fdn the dn of the group object
+     * @param string $ldapName optional, the display name of the object
+     * @return string|false with the name to use in Nextcloud, false on DN outside of search DN
+     * @throws \Exception
+     */
+    public function dn2groupname($fdn, $ldapName = null) {
+        //To avoid bypassing the base DN settings under certain circumstances
+        //with the group support, check whether the provided DN matches one of
+        //the given Bases
+        if (!$this->isDNPartOfBase($fdn, $this->connection->ldapBaseGroups)) {
+            return false;
+        }
+
+        return $this->dn2ocname($fdn, $ldapName, false);
+    }
+
+    /**
+     * returns the internal Nextcloud name for the given LDAP DN of the user, false on DN outside of search DN or failure
+     *
+     * @param string $dn the dn of the user object
+     * @param string $ldapName optional, the display name of the object
+     * @return string|false with with the name to use in Nextcloud
+     * @throws \Exception
+     */
+    public function dn2username($fdn, $ldapName = null) {
+        //To avoid bypassing the base DN settings under certain circumstances
+        //with the group support, check whether the provided DN matches one of
+        //the given Bases
+        if (!$this->isDNPartOfBase($fdn, $this->connection->ldapBaseUsers)) {
+            return false;
+        }
+
+        return $this->dn2ocname($fdn, $ldapName, true);
+    }
+
+    /**
+     * returns an internal Nextcloud name for the given LDAP DN, false on DN outside of search DN
+     *
+     * @param string $fdn the dn of the user object
+     * @param string|null $ldapName optional, the display name of the object
+     * @param bool $isUser optional, whether it is a user object (otherwise group assumed)
+     * @param bool|null $newlyMapped
+     * @param array|null $record
+     * @return false|string with with the name to use in Nextcloud
+     * @throws \Exception
+     */
+    public function dn2ocname($fdn, $ldapName = null, $isUser = true, &$newlyMapped = null, array $record = null) {
+        $newlyMapped = false;
+        if ($isUser) {
+            $mapper = $this->getUserMapper();
+            $nameAttribute = $this->connection->ldapUserDisplayName;
+            $filter = $this->connection->ldapUserFilter;
+        } else {
+            $mapper = $this->getGroupMapper();
+            $nameAttribute = $this->connection->ldapGroupDisplayName;
+            $filter = $this->connection->ldapGroupFilter;
+        }
+
+        //let's try to retrieve the Nextcloud name from the mappings table
+        $ncName = $mapper->getNameByDN($fdn);
+        if (is_string($ncName)) {
+            return $ncName;
+        }
+
+        //second try: get the UUID and check if it is known. Then, update the DN and return the name.
+        $uuid = $this->getUUID($fdn, $isUser, $record);
+        if (is_string($uuid)) {
+            $ncName = $mapper->getNameByUUID($uuid);
+            if (is_string($ncName)) {
+                $mapper->setDNbyUUID($fdn, $uuid);
+                return $ncName;
+            }
+        } else {
+            //If the UUID can't be detected something is foul.
+            \OCP\Util::writeLog('user_ldap', 'Cannot determine UUID for ' . $fdn . '. Skipping.', ILogger::INFO);
+            return false;
+        }
+
+        if (is_null($ldapName)) {
+            $ldapName = $this->readAttribute($fdn, $nameAttribute, $filter);
+            if (!isset($ldapName[0]) && empty($ldapName[0])) {
+                \OCP\Util::writeLog('user_ldap', 'No or empty name for ' . $fdn . ' with filter ' . $filter . '.', ILogger::INFO);
+                return false;
+            }
+            $ldapName = $ldapName[0];
+        }
+
+        if ($isUser) {
+            $usernameAttribute = (string)$this->connection->ldapExpertUsernameAttr;
+            if ($usernameAttribute !== '') {
+                $username = $this->readAttribute($fdn, $usernameAttribute);
+                $username = $username[0];
+            } else {
+                $username = $uuid;
+            }
+            try {
+                $intName = $this->sanitizeUsername($username);
+            } catch (\InvalidArgumentException $e) {
+                \OC::$server->getLogger()->logException($e, [
+                    'app' => 'user_ldap',
+                    'level' => ILogger::WARN,
+                ]);
+                // we don't attempt to set a username here. We can go for
+                // for an alternative 4 digit random number as we would append
+                // otherwise, however it's likely not enough space in bigger
+                // setups, and most importantly: this is not intended.
+                return false;
+            }
+        } else {
+            $intName = $ldapName;
+        }
+
+        //a new user/group! Add it only if it doesn't conflict with other backend's users or existing groups
+        //disabling Cache is required to avoid that the new user is cached as not-existing in fooExists check
+        //NOTE: mind, disabling cache affects only this instance! Using it
+        // outside of core user management will still cache the user as non-existing.
+        $originalTTL = $this->connection->ldapCacheTTL;
+        $this->connection->setConfiguration(['ldapCacheTTL' => 0]);
+        if ($intName !== ''
+            && (($isUser && !$this->ncUserManager->userExists($intName))
+                || (!$isUser && !\OC::$server->getGroupManager()->groupExists($intName))
+            )
+        ) {
+            $this->connection->setConfiguration(['ldapCacheTTL' => $originalTTL]);
+            $newlyMapped = $this->mapAndAnnounceIfApplicable($mapper, $fdn, $intName, $uuid, $isUser);
+            if ($newlyMapped) {
+                return $intName;
+            }
+        }
+
+        $this->connection->setConfiguration(['ldapCacheTTL' => $originalTTL]);
+        $altName = $this->createAltInternalOwnCloudName($intName, $isUser);
+        if (is_string($altName)) {
+            if ($this->mapAndAnnounceIfApplicable($mapper, $fdn, $altName, $uuid, $isUser)) {
+                $newlyMapped = true;
+                return $altName;
+            }
+        }
+
+        //if everything else did not help..
+        \OCP\Util::writeLog('user_ldap', 'Could not create unique name for ' . $fdn . '.', ILogger::INFO);
+        return false;
+    }
+
+    public function mapAndAnnounceIfApplicable(
+        AbstractMapping $mapper,
+        string $fdn,
+        string $name,
+        string $uuid,
+        bool $isUser
+    ): bool {
+        if ($mapper->map($fdn, $name, $uuid)) {
+            if ($this->ncUserManager instanceof PublicEmitter && $isUser) {
+                $this->cacheUserExists($name);
+                $this->ncUserManager->emit('\OC\User', 'assignedUserId', [$name]);
+            } elseif (!$isUser) {
+                $this->cacheGroupExists($name);
+            }
+            return true;
+        }
+        return false;
+    }
+
+    /**
+     * gives back the user names as they are used ownClod internally
+     *
+     * @param array $ldapUsers as returned by fetchList()
+     * @return array an array with the user names to use in Nextcloud
+     *
+     * gives back the user names as they are used ownClod internally
+     * @throws \Exception
+     */
+    public function nextcloudUserNames($ldapUsers) {
+        return $this->ldap2NextcloudNames($ldapUsers, true);
+    }
+
+    /**
+     * gives back the group names as they are used ownClod internally
+     *
+     * @param array $ldapGroups as returned by fetchList()
+     * @return array an array with the group names to use in Nextcloud
+     *
+     * gives back the group names as they are used ownClod internally
+     * @throws \Exception
+     */
+    public function nextcloudGroupNames($ldapGroups) {
+        return $this->ldap2NextcloudNames($ldapGroups, false);
+    }
+
+    /**
+     * @param array $ldapObjects as returned by fetchList()
+     * @param bool $isUsers
+     * @return array
+     * @throws \Exception
+     */
+    private function ldap2NextcloudNames($ldapObjects, $isUsers) {
+        if ($isUsers) {
+            $nameAttribute = $this->connection->ldapUserDisplayName;
+            $sndAttribute = $this->connection->ldapUserDisplayName2;
+        } else {
+            $nameAttribute = $this->connection->ldapGroupDisplayName;
+        }
+        $nextcloudNames = [];
+
+        foreach ($ldapObjects as $ldapObject) {
+            $nameByLDAP = null;
+            if (isset($ldapObject[$nameAttribute])
+                && is_array($ldapObject[$nameAttribute])
+                && isset($ldapObject[$nameAttribute][0])
+            ) {
+                // might be set, but not necessarily. if so, we use it.
+                $nameByLDAP = $ldapObject[$nameAttribute][0];
+            }
+
+            $ncName = $this->dn2ocname($ldapObject['dn'][0], $nameByLDAP, $isUsers);
+            if ($ncName) {
+                $nextcloudNames[] = $ncName;
+                if ($isUsers) {
+                    $this->updateUserState($ncName);
+                    //cache the user names so it does not need to be retrieved
+                    //again later (e.g. sharing dialogue).
+                    if (is_null($nameByLDAP)) {
+                        continue;
+                    }
+                    $sndName = isset($ldapObject[$sndAttribute][0])
+                        ? $ldapObject[$sndAttribute][0] : '';
+                    $this->cacheUserDisplayName($ncName, $nameByLDAP, $sndName);
+                } elseif ($nameByLDAP !== null) {
+                    $this->cacheGroupDisplayName($ncName, $nameByLDAP);
+                }
+            }
+        }
+        return $nextcloudNames;
+    }
+
+    /**
+     * removes the deleted-flag of a user if it was set
+     *
+     * @param string $ncname
+     * @throws \Exception
+     */
+    public function updateUserState($ncname) {
+        $user = $this->userManager->get($ncname);
+        if ($user instanceof OfflineUser) {
+            $user->unmark();
+        }
+    }
+
+    /**
+     * caches the user display name
+     *
+     * @param string $ocName the internal Nextcloud username
+     * @param string|false $home the home directory path
+     */
+    public function cacheUserHome($ocName, $home) {
+        $cacheKey = 'getHome' . $ocName;
+        $this->connection->writeToCache($cacheKey, $home);
+    }
+
+    /**
+     * caches a user as existing
+     *
+     * @param string $ocName the internal Nextcloud username
+     */
+    public function cacheUserExists($ocName) {
+        $this->connection->writeToCache('userExists' . $ocName, true);
+    }
+
+    /**
+     * caches a group as existing
+     */
+    public function cacheGroupExists(string $gid): void {
+        $this->connection->writeToCache('groupExists' . $gid, true);
+    }
+
+    /**
+     * caches the user display name
+     *
+     * @param string $ocName the internal Nextcloud username
+     * @param string $displayName the display name
+     * @param string $displayName2 the second display name
+     * @throws \Exception
+     */
+    public function cacheUserDisplayName($ocName, $displayName, $displayName2 = '') {
+        $user = $this->userManager->get($ocName);
+        if ($user === null) {
+            return;
+        }
+        $displayName = $user->composeAndStoreDisplayName($displayName, $displayName2);
+        $cacheKeyTrunk = 'getDisplayName';
+        $this->connection->writeToCache($cacheKeyTrunk . $ocName, $displayName);
+    }
+
+    public function cacheGroupDisplayName(string $ncName, string $displayName): void {
+        $cacheKey = 'group_getDisplayName' . $ncName;
+        $this->connection->writeToCache($cacheKey, $displayName);
+    }
+
+    /**
+     * creates a unique name for internal Nextcloud use for users. Don't call it directly.
+     *
+     * @param string $name the display name of the object
+     * @return string|false with with the name to use in Nextcloud or false if unsuccessful
+     *
+     * Instead of using this method directly, call
+     * createAltInternalOwnCloudName($name, true)
+     */
+    private function _createAltInternalOwnCloudNameForUsers($name) {
+        $attempts = 0;
+        //while loop is just a precaution. If a name is not generated within
+        //20 attempts, something else is very wrong. Avoids infinite loop.
+        while ($attempts < 20) {
+            $altName = $name . '_' . rand(1000, 9999);
+            if (!$this->ncUserManager->userExists($altName)) {
+                return $altName;
+            }
+            $attempts++;
+        }
+        return false;
+    }
+
+    /**
+     * creates a unique name for internal Nextcloud use for groups. Don't call it directly.
+     *
+     * @param string $name the display name of the object
+     * @return string|false with with the name to use in Nextcloud or false if unsuccessful.
+     *
+     * Instead of using this method directly, call
+     * createAltInternalOwnCloudName($name, false)
+     *
+     * Group names are also used as display names, so we do a sequential
+     * numbering, e.g. Developers_42 when there are 41 other groups called
+     * "Developers"
+     */
+    private function _createAltInternalOwnCloudNameForGroups($name) {
+        $usedNames = $this->groupMapper->getNamesBySearch($name, "", '_%');
+        if (!$usedNames || count($usedNames) === 0) {
+            $lastNo = 1; //will become name_2
+        } else {
+            natsort($usedNames);
+            $lastName = array_pop($usedNames);
+            $lastNo = (int)substr($lastName, strrpos($lastName, '_') + 1);
+        }
+        $altName = $name . '_' . (string)($lastNo + 1);
+        unset($usedNames);
+
+        $attempts = 1;
+        while ($attempts < 21) {
+            // Check to be really sure it is unique
+            // while loop is just a precaution. If a name is not generated within
+            // 20 attempts, something else is very wrong. Avoids infinite loop.
+            if (!\OC::$server->getGroupManager()->groupExists($altName)) {
+                return $altName;
+            }
+            $altName = $name . '_' . ($lastNo + $attempts);
+            $attempts++;
+        }
+        return false;
+    }
+
+    /**
+     * creates a unique name for internal Nextcloud use.
+     *
+     * @param string $name the display name of the object
+     * @param boolean $isUser whether name should be created for a user (true) or a group (false)
+     * @return string|false with with the name to use in Nextcloud or false if unsuccessful
+     */
+    private function createAltInternalOwnCloudName($name, $isUser) {
+        $originalTTL = $this->connection->ldapCacheTTL;
+        $this->connection->setConfiguration(['ldapCacheTTL' => 0]);
+        if ($isUser) {
+            $altName = $this->_createAltInternalOwnCloudNameForUsers($name);
+        } else {
+            $altName = $this->_createAltInternalOwnCloudNameForGroups($name);
+        }
+        $this->connection->setConfiguration(['ldapCacheTTL' => $originalTTL]);
+
+        return $altName;
+    }
+
+    /**
+     * fetches a list of users according to a provided loginName and utilizing
+     * the login filter.
+     */
+    public function fetchUsersByLoginName(string $loginName, array $attributes = ['dn']): array {
+        $loginName = $this->escapeFilterPart($loginName);
+        $filter = str_replace('%uid', $loginName, $this->connection->ldapLoginFilter);
+        return $this->fetchListOfUsers($filter, $attributes);
+    }
+
+    /**
+     * counts the number of users according to a provided loginName and
+     * utilizing the login filter.
+     *
+     * @param string $loginName
+     * @return int
+     */
+    public function countUsersByLoginName($loginName) {
+        $loginName = $this->escapeFilterPart($loginName);
+        $filter = str_replace('%uid', $loginName, $this->connection->ldapLoginFilter);
+        return $this->countUsers($filter);
+    }
+
+    /**
+     * @throws \Exception
+     */
+    public function fetchListOfUsers(string $filter, array $attr, int $limit = null, int $offset = null, bool $forceApplyAttributes = false): array {
+        $ldapRecords = $this->searchUsers($filter, $attr, $limit, $offset);
+        $recordsToUpdate = $ldapRecords;
+        if (!$forceApplyAttributes) {
+            $isBackgroundJobModeAjax = $this->config
+                    ->getAppValue('core', 'backgroundjobs_mode', 'ajax') === 'ajax';
+            $listOfDNs = array_reduce($ldapRecords, function ($listOfDNs, $entry) {
+                $listOfDNs[] = $entry['dn'][0];
+                return $listOfDNs;
+            }, []);
+            $idsByDn = $this->userMapper->getListOfIdsByDn($listOfDNs);
+            $recordsToUpdate = array_filter($ldapRecords, function ($record) use ($isBackgroundJobModeAjax, $idsByDn) {
+                $newlyMapped = false;
+                $uid = $idsByDn[$record['dn'][0]] ?? null;
+                if ($uid === null) {
+                    $uid = $this->dn2ocname($record['dn'][0], null, true, $newlyMapped, $record);
+                }
+                if (is_string($uid)) {
+                    $this->cacheUserExists($uid);
+                }
+                return ($uid !== false) && ($newlyMapped || $isBackgroundJobModeAjax);
+            });
+        }
+        $this->batchApplyUserAttributes($recordsToUpdate);
+        return $this->fetchList($ldapRecords, $this->manyAttributes($attr));
+    }
+
+    /**
+     * provided with an array of LDAP user records the method will fetch the
+     * user object and requests it to process the freshly fetched attributes and
+     * and their values
+     *
+     * @param array $ldapRecords
+     * @throws \Exception
+     */
+    public function batchApplyUserAttributes(array $ldapRecords) {
+        $displayNameAttribute = strtolower($this->connection->ldapUserDisplayName);
+        foreach ($ldapRecords as $userRecord) {
+            if (!isset($userRecord[$displayNameAttribute])) {
+                // displayName is obligatory
+                continue;
+            }
+            $ocName = $this->dn2ocname($userRecord['dn'][0], null, true);
+            if ($ocName === false) {
+                continue;
+            }
+            $this->updateUserState($ocName);
+            $user = $this->userManager->get($ocName);
+            if ($user !== null) {
+                $user->processAttributes($userRecord);
+            } else {
+                \OC::$server->getLogger()->debug(
+                    "The ldap user manager returned null for $ocName",
+                    ['app' => 'user_ldap']
+                );
+            }
+        }
+    }
+
+    /**
+     * @param string $filter
+     * @param string|string[] $attr
+     * @param int $limit
+     * @param int $offset
+     * @return array
+     */
+    public function fetchListOfGroups($filter, $attr, $limit = null, $offset = null) {
+        $groupRecords = $this->searchGroups($filter, $attr, $limit, $offset);
+
+        $listOfDNs = array_reduce($groupRecords, function ($listOfDNs, $entry) {
+            $listOfDNs[] = $entry['dn'][0];
+            return $listOfDNs;
+        }, []);
+        $idsByDn = $this->groupMapper->getListOfIdsByDn($listOfDNs);
+
+        array_walk($groupRecords, function ($record) use ($idsByDn) {
+            $newlyMapped = false;
+            $gid = $uidsByDn[$record['dn'][0]] ?? null;
+            if ($gid === null) {
+                $gid = $this->dn2ocname($record['dn'][0], null, false, $newlyMapped, $record);
+            }
+            if (!$newlyMapped && is_string($gid)) {
+                $this->cacheGroupExists($gid);
+            }
+        });
+        return $this->fetchList($groupRecords, $this->manyAttributes($attr));
+    }
+
+    /**
+     * @param array $list
+     * @param bool $manyAttributes
+     * @return array
+     */
+    private function fetchList($list, $manyAttributes) {
+        if (is_array($list)) {
+            if ($manyAttributes) {
+                return $list;
+            } else {
+                $list = array_reduce($list, function ($carry, $item) {
+                    $attribute = array_keys($item)[0];
+                    $carry[] = $item[$attribute][0];
+                    return $carry;
+                }, []);
+                return array_unique($list, SORT_LOCALE_STRING);
+            }
+        }
+
+        //error cause actually, maybe throw an exception in future.
+        return [];
+    }
+
+    /**
+     * @throws ServerNotAvailableException
+     */
+    public function searchUsers(string $filter, array $attr = null, int $limit = null, int $offset = null): array {
+        $result = [];
+        foreach ($this->connection->ldapBaseUsers as $base) {
+            $result = array_merge($result, $this->search($filter, $base, $attr, $limit, $offset));
+        }
+        return $result;
+    }
+
+    /**
+     * @param string $filter
+     * @param string|string[] $attr
+     * @param int $limit
+     * @param int $offset
+     * @return false|int
+     * @throws ServerNotAvailableException
+     */
+    public function countUsers($filter, $attr = ['dn'], $limit = null, $offset = null) {
+        $result = false;
+        foreach ($this->connection->ldapBaseUsers as $base) {
+            $count = $this->count($filter, [$base], $attr, $limit, $offset);
+            $result = is_int($count) ? (int)$result + $count : $result;
+        }
+        return $result;
+    }
+
+    /**
+     * executes an LDAP search, optimized for Groups
+     *
+     * @param string $filter the LDAP filter for the search
+     * @param string|string[] $attr optional, when a certain attribute shall be filtered out
+     * @param integer $limit
+     * @param integer $offset
+     * @return array with the search result
+     *
+     * Executes an LDAP search
+     * @throws ServerNotAvailableException
+     */
+    public function searchGroups($filter, $attr = null, $limit = null, $offset = null) {
+        $result = [];
+        foreach ($this->connection->ldapBaseGroups as $base) {
+            $result = array_merge($result, $this->search($filter, $base, $attr, $limit, $offset));
+        }
+        return $result;
+    }
+
+    /**
+     * returns the number of available groups
+     *
+     * @param string $filter the LDAP search filter
+     * @param string[] $attr optional
+     * @param int|null $limit
+     * @param int|null $offset
+     * @return int|bool
+     * @throws ServerNotAvailableException
+     */
+    public function countGroups($filter, $attr = ['dn'], $limit = null, $offset = null) {
+        $result = false;
+        foreach ($this->connection->ldapBaseGroups as $base) {
+            $count = $this->count($filter, [$base], $attr, $limit, $offset);
+            $result = is_int($count) ? (int)$result + $count : $result;
+        }
+        return $result;
+    }
+
+    /**
+     * returns the number of available objects on the base DN
+     *
+     * @param int|null $limit
+     * @param int|null $offset
+     * @return int|bool
+     * @throws ServerNotAvailableException
+     */
+    public function countObjects($limit = null, $offset = null) {
+        $result = false;
+        foreach ($this->connection->ldapBase as $base) {
+            $count = $this->count('objectclass=*', [$base], ['dn'], $limit, $offset);
+            $result = is_int($count) ? (int)$result + $count : $result;
+        }
+        return $result;
+    }
+
+    /**
+     * Returns the LDAP handler
+     *
+     * @throws \OC\ServerNotAvailableException
+     */
+
+    /**
+     * @return mixed
+     * @throws \OC\ServerNotAvailableException
+     */
+    private function invokeLDAPMethod() {
+        $arguments = func_get_args();
+        $command = array_shift($arguments);
+        $cr = array_shift($arguments);
+        if (!method_exists($this->ldap, $command)) {
+            return null;
+        }
+        array_unshift($arguments, $cr);
+        // php no longer supports call-time pass-by-reference
+        // thus cannot support controlPagedResultResponse as the third argument
+        // is a reference
+        $doMethod = function () use ($command, &$arguments) {
+            if ($command == 'controlPagedResultResponse') {
+                throw new \InvalidArgumentException('Invoker does not support controlPagedResultResponse, call LDAP Wrapper directly instead.');
+            } else {
+                return call_user_func_array([$this->ldap, $command], $arguments);
+            }
+        };
+        try {
+            $ret = $doMethod();
+        } catch (ServerNotAvailableException $e) {
+            /* Server connection lost, attempt to reestablish it
 			 * Maybe implement exponential backoff?
 			 * This was enough to get solr indexer working which has large delays between LDAP fetches.
 			 */
-			\OCP\Util::writeLog('user_ldap', "Connection lost on $command, attempting to reestablish.", ILogger::DEBUG);
-			$this->connection->resetConnectionResource();
-			$cr = $this->connection->getConnectionResource();
-
-			if (!$this->ldap->isResource($cr)) {
-				// Seems like we didn't find any resource.
-				\OCP\Util::writeLog('user_ldap', "Could not $command, because resource is missing.", ILogger::DEBUG);
-				throw $e;
-			}
-
-			$arguments[0] = $cr;
-			$ret = $doMethod();
-		}
-		return $ret;
-	}
-
-	/**
-	 * retrieved. Results will according to the order in the array.
-	 *
-	 * @param string $filter
-	 * @param string $base
-	 * @param string[] $attr
-	 * @param int|null $limit optional, maximum results to be counted
-	 * @param int|null $offset optional, a starting point
-	 * @return array|false array with the search result as first value and pagedSearchOK as
-	 * second | false if not successful
-	 * @throws ServerNotAvailableException
-	 */
-	private function executeSearch(
-		string $filter,
-		string $base,
-		?array &$attr,
-		?int $limit,
-		?int $offset
-	) {
-		// See if we have a resource, in case not cancel with message
-		$cr = $this->connection->getConnectionResource();
-		if (!$this->ldap->isResource($cr)) {
-			// Seems like we didn't find any resource.
-			// Return an empty array just like before.
-			\OCP\Util::writeLog('user_ldap', 'Could not search, because resource is missing.', ILogger::DEBUG);
-			return false;
-		}
-
-		//check whether paged search should be attempted
-		$pagedSearchOK = $this->initPagedSearch($filter, $base, $attr, (int)$limit, (int)$offset);
-
-		$sr = $this->invokeLDAPMethod('search', $cr, $base, $filter, $attr);
-		// cannot use $cr anymore, might have changed in the previous call!
-		$error = $this->ldap->errno($this->connection->getConnectionResource());
-		if (!$this->ldap->isResource($sr) || $error !== 0) {
-			\OCP\Util::writeLog('user_ldap', 'Attempt for Paging?  ' . print_r($pagedSearchOK, true), ILogger::ERROR);
-			return false;
-		}
-
-		return [$sr, $pagedSearchOK];
-	}
-
-	/**
-	 * processes an LDAP paged search operation
-	 *
-	 * @param resource $sr the array containing the LDAP search resources
-	 * @param int $foundItems number of results in the single search operation
-	 * @param int $limit maximum results to be counted
-	 * @param bool $pagedSearchOK whether a paged search has been executed
-	 * @param bool $skipHandling required for paged search when cookies to
-	 * prior results need to be gained
-	 * @return bool cookie validity, true if we have more pages, false otherwise.
-	 * @throws ServerNotAvailableException
-	 */
-	private function processPagedSearchStatus(
-		$sr,
-		int $foundItems,
-		int $limit,
-		bool $pagedSearchOK,
-		bool $skipHandling
-	): bool {
-		$cookie = null;
-		if ($pagedSearchOK) {
-			$cr = $this->connection->getConnectionResource();
-			if ($this->ldap->controlPagedResultResponse($cr, $sr, $cookie)) {
-				$this->lastCookie = $cookie;
-			}
-
-			//browsing through prior pages to get the cookie for the new one
-			if ($skipHandling) {
-				return false;
-			}
-			// if count is bigger, then the server does not support
-			// paged search. Instead, he did a normal search. We set a
-			// flag here, so the callee knows how to deal with it.
-			if ($foundItems <= $limit) {
-				$this->pagedSearchedSuccessful = true;
-			}
-		} else {
-			if (!is_null($limit) && (int)$this->connection->ldapPagingSize !== 0) {
-				\OC::$server->getLogger()->debug(
-					'Paged search was not available',
-					['app' => 'user_ldap']
-				);
-			}
-		}
-		/* ++ Fixing RHDS searches with pages with zero results ++
+            \OCP\Util::writeLog('user_ldap', "Connection lost on $command, attempting to reestablish.", ILogger::DEBUG);
+            $this->connection->resetConnectionResource();
+            $cr = $this->connection->getConnectionResource();
+
+            if (!$this->ldap->isResource($cr)) {
+                // Seems like we didn't find any resource.
+                \OCP\Util::writeLog('user_ldap', "Could not $command, because resource is missing.", ILogger::DEBUG);
+                throw $e;
+            }
+
+            $arguments[0] = $cr;
+            $ret = $doMethod();
+        }
+        return $ret;
+    }
+
+    /**
+     * retrieved. Results will according to the order in the array.
+     *
+     * @param string $filter
+     * @param string $base
+     * @param string[] $attr
+     * @param int|null $limit optional, maximum results to be counted
+     * @param int|null $offset optional, a starting point
+     * @return array|false array with the search result as first value and pagedSearchOK as
+     * second | false if not successful
+     * @throws ServerNotAvailableException
+     */
+    private function executeSearch(
+        string $filter,
+        string $base,
+        ?array &$attr,
+        ?int $limit,
+        ?int $offset
+    ) {
+        // See if we have a resource, in case not cancel with message
+        $cr = $this->connection->getConnectionResource();
+        if (!$this->ldap->isResource($cr)) {
+            // Seems like we didn't find any resource.
+            // Return an empty array just like before.
+            \OCP\Util::writeLog('user_ldap', 'Could not search, because resource is missing.', ILogger::DEBUG);
+            return false;
+        }
+
+        //check whether paged search should be attempted
+        $pagedSearchOK = $this->initPagedSearch($filter, $base, $attr, (int)$limit, (int)$offset);
+
+        $sr = $this->invokeLDAPMethod('search', $cr, $base, $filter, $attr);
+        // cannot use $cr anymore, might have changed in the previous call!
+        $error = $this->ldap->errno($this->connection->getConnectionResource());
+        if (!$this->ldap->isResource($sr) || $error !== 0) {
+            \OCP\Util::writeLog('user_ldap', 'Attempt for Paging?  ' . print_r($pagedSearchOK, true), ILogger::ERROR);
+            return false;
+        }
+
+        return [$sr, $pagedSearchOK];
+    }
+
+    /**
+     * processes an LDAP paged search operation
+     *
+     * @param resource $sr the array containing the LDAP search resources
+     * @param int $foundItems number of results in the single search operation
+     * @param int $limit maximum results to be counted
+     * @param bool $pagedSearchOK whether a paged search has been executed
+     * @param bool $skipHandling required for paged search when cookies to
+     * prior results need to be gained
+     * @return bool cookie validity, true if we have more pages, false otherwise.
+     * @throws ServerNotAvailableException
+     */
+    private function processPagedSearchStatus(
+        $sr,
+        int $foundItems,
+        int $limit,
+        bool $pagedSearchOK,
+        bool $skipHandling
+    ): bool {
+        $cookie = null;
+        if ($pagedSearchOK) {
+            $cr = $this->connection->getConnectionResource();
+            if ($this->ldap->controlPagedResultResponse($cr, $sr, $cookie)) {
+                $this->lastCookie = $cookie;
+            }
+
+            //browsing through prior pages to get the cookie for the new one
+            if ($skipHandling) {
+                return false;
+            }
+            // if count is bigger, then the server does not support
+            // paged search. Instead, he did a normal search. We set a
+            // flag here, so the callee knows how to deal with it.
+            if ($foundItems <= $limit) {
+                $this->pagedSearchedSuccessful = true;
+            }
+        } else {
+            if (!is_null($limit) && (int)$this->connection->ldapPagingSize !== 0) {
+                \OC::$server->getLogger()->debug(
+                    'Paged search was not available',
+                    ['app' => 'user_ldap']
+                );
+            }
+        }
+        /* ++ Fixing RHDS searches with pages with zero results ++
 		 * Return cookie status. If we don't have more pages, with RHDS
 		 * cookie is null, with openldap cookie is an empty string and
 		 * to 386ds '0' is a valid cookie. Even if $iFoundItems == 0
 		 */
-		return !empty($cookie) || $cookie === '0';
-	}
-
-	/**
-	 * executes an LDAP search, but counts the results only
-	 *
-	 * @param string $filter the LDAP filter for the search
-	 * @param array $bases an array containing the LDAP subtree(s) that shall be searched
-	 * @param string|string[] $attr optional, array, one or more attributes that shall be
-	 * retrieved. Results will according to the order in the array.
-	 * @param int $limit optional, maximum results to be counted
-	 * @param int $offset optional, a starting point
-	 * @param bool $skipHandling indicates whether the pages search operation is
-	 * completed
-	 * @return int|false Integer or false if the search could not be initialized
-	 * @throws ServerNotAvailableException
-	 */
-	private function count(
-		string $filter,
-		array $bases,
-		$attr = null,
-		?int $limit = null,
-		?int $offset = null,
-		bool $skipHandling = false
-	) {
-		\OC::$server->getLogger()->debug('Count filter: {filter}', [
-			'app' => 'user_ldap',
-			'filter' => $filter
-		]);
-
-		if (!is_null($attr) && !is_array($attr)) {
-			$attr = [mb_strtolower($attr, 'UTF-8')];
-		}
-
-		$limitPerPage = (int)$this->connection->ldapPagingSize;
-		if (!is_null($limit) && $limit < $limitPerPage && $limit > 0) {
-			$limitPerPage = $limit;
-		}
-
-		$counter = 0;
-		$count = null;
-		$this->connection->getConnectionResource();
-
-		foreach ($bases as $base) {
-			do {
-				$search = $this->executeSearch($filter, $base, $attr, $limitPerPage, $offset);
-				if ($search === false) {
-					return $counter > 0 ? $counter : false;
-				}
-				list($sr, $pagedSearchOK) = $search;
-
-				/* ++ Fixing RHDS searches with pages with zero results ++
+        return !empty($cookie) || $cookie === '0';
+    }
+
+    /**
+     * executes an LDAP search, but counts the results only
+     *
+     * @param string $filter the LDAP filter for the search
+     * @param array $bases an array containing the LDAP subtree(s) that shall be searched
+     * @param string|string[] $attr optional, array, one or more attributes that shall be
+     * retrieved. Results will according to the order in the array.
+     * @param int $limit optional, maximum results to be counted
+     * @param int $offset optional, a starting point
+     * @param bool $skipHandling indicates whether the pages search operation is
+     * completed
+     * @return int|false Integer or false if the search could not be initialized
+     * @throws ServerNotAvailableException
+     */
+    private function count(
+        string $filter,
+        array $bases,
+        $attr = null,
+        ?int $limit = null,
+        ?int $offset = null,
+        bool $skipHandling = false
+    ) {
+        \OC::$server->getLogger()->debug('Count filter: {filter}', [
+            'app' => 'user_ldap',
+            'filter' => $filter
+        ]);
+
+        if (!is_null($attr) && !is_array($attr)) {
+            $attr = [mb_strtolower($attr, 'UTF-8')];
+        }
+
+        $limitPerPage = (int)$this->connection->ldapPagingSize;
+        if (!is_null($limit) && $limit < $limitPerPage && $limit > 0) {
+            $limitPerPage = $limit;
+        }
+
+        $counter = 0;
+        $count = null;
+        $this->connection->getConnectionResource();
+
+        foreach ($bases as $base) {
+            do {
+                $search = $this->executeSearch($filter, $base, $attr, $limitPerPage, $offset);
+                if ($search === false) {
+                    return $counter > 0 ? $counter : false;
+                }
+                list($sr, $pagedSearchOK) = $search;
+
+                /* ++ Fixing RHDS searches with pages with zero results ++
 				 * countEntriesInSearchResults() method signature changed
 				 * by removing $limit and &$hasHitLimit parameters
 				 */
-				$count = $this->countEntriesInSearchResults($sr);
-				$counter += $count;
+                $count = $this->countEntriesInSearchResults($sr);
+                $counter += $count;
 
-				$hasMorePages = $this->processPagedSearchStatus($sr, $count, $limitPerPage, $pagedSearchOK, $skipHandling);
-				$offset += $limitPerPage;
-				/* ++ Fixing RHDS searches with pages with zero results ++
+                $hasMorePages = $this->processPagedSearchStatus($sr, $count, $limitPerPage, $pagedSearchOK, $skipHandling);
+                $offset += $limitPerPage;
+                /* ++ Fixing RHDS searches with pages with zero results ++
 				 * Continue now depends on $hasMorePages value
 				 */
-				$continue = $pagedSearchOK && $hasMorePages;
-			} while ($continue && (is_null($limit) || $limit <= 0 || $limit > $counter));
-		}
-
-		return $counter;
-	}
-
-	/**
-	 * @param resource $sr
-	 * @return int
-	 * @throws ServerNotAvailableException
-	 */
-	private function countEntriesInSearchResults($sr): int {
-		return (int)$this->invokeLDAPMethod('countEntries', $this->connection->getConnectionResource(), $sr);
-	}
-
-	/**
-	 * Executes an LDAP search
-	 *
-	 * @throws ServerNotAvailableException
-	 */
-	public function search(
-		string $filter,
-		string $base,
-		?array $attr = null,
-		?int $limit = null,
-		?int $offset = null,
-		bool $skipHandling = false
-	): array {
-		$limitPerPage = (int)$this->connection->ldapPagingSize;
-		if (!is_null($limit) && $limit < $limitPerPage && $limit > 0) {
-			$limitPerPage = $limit;
-		}
-
-		if (!is_null($attr) && !is_array($attr)) {
-			$attr = [mb_strtolower($attr, 'UTF-8')];
-		}
-
-		/* ++ Fixing RHDS searches with pages with zero results ++
+                $continue = $pagedSearchOK && $hasMorePages;
+            } while ($continue && (is_null($limit) || $limit <= 0 || $limit > $counter));
+        }
+
+        return $counter;
+    }
+
+    /**
+     * @param resource $sr
+     * @return int
+     * @throws ServerNotAvailableException
+     */
+    private function countEntriesInSearchResults($sr): int {
+        return (int)$this->invokeLDAPMethod('countEntries', $this->connection->getConnectionResource(), $sr);
+    }
+
+    /**
+     * Executes an LDAP search
+     *
+     * @throws ServerNotAvailableException
+     */
+    public function search(
+        string $filter,
+        string $base,
+        ?array $attr = null,
+        ?int $limit = null,
+        ?int $offset = null,
+        bool $skipHandling = false
+    ): array {
+        $limitPerPage = (int)$this->connection->ldapPagingSize;
+        if (!is_null($limit) && $limit < $limitPerPage && $limit > 0) {
+            $limitPerPage = $limit;
+        }
+
+        if (!is_null($attr) && !is_array($attr)) {
+            $attr = [mb_strtolower($attr, 'UTF-8')];
+        }
+
+        /* ++ Fixing RHDS searches with pages with zero results ++
 		 * As we can have pages with zero results and/or pages with less
 		 * than $limit results but with a still valid server 'cookie',
 		 * loops through until we get $continue equals true and
 		 * $findings['count'] < $limit
 		 */
-		$findings = [];
-		$savedoffset = $offset;
-		$iFoundItems = 0;
-
-		do {
-			$search = $this->executeSearch($filter, $base, $attr, $limitPerPage, $offset);
-			if ($search === false) {
-				return [];
-			}
-			list($sr, $pagedSearchOK) = $search;
-			$cr = $this->connection->getConnectionResource();
-
-			if ($skipHandling) {
-				//i.e. result do not need to be fetched, we just need the cookie
-				//thus pass 1 or any other value as $iFoundItems because it is not
-				//used
-				$this->processPagedSearchStatus($sr, 1, $limitPerPage, $pagedSearchOK, $skipHandling);
-				return [];
-			}
-
-			$findings = array_merge($findings, $this->invokeLDAPMethod('getEntries', $cr, $sr));
-			$iFoundItems = max($iFoundItems, $findings['count']);
-			unset($findings['count']);
-
-			$continue = $this->processPagedSearchStatus($sr, $iFoundItems, $limitPerPage, $pagedSearchOK, $skipHandling);
-			$offset += $limitPerPage;
-		} while ($continue && $pagedSearchOK && ($limit === null || count($findings) < $limit));
-
-		// resetting offset
-		$offset = $savedoffset;
-
-		// if we're here, probably no connection resource is returned.
-		// to make Nextcloud behave nicely, we simply give back an empty array.
-		if (is_null($findings)) {
-			return [];
-		}
-
-		if (!is_null($attr)) {
-			$selection = [];
-			$i = 0;
-			foreach ($findings as $item) {
-				if (!is_array($item)) {
-					continue;
-				}
-				$item = \OCP\Util::mb_array_change_key_case($item, MB_CASE_LOWER, 'UTF-8');
-				foreach ($attr as $key) {
-					if (isset($item[$key])) {
-						if (is_array($item[$key]) && isset($item[$key]['count'])) {
-							unset($item[$key]['count']);
-						}
-						if ($key !== 'dn') {
-							if ($this->resemblesDN($key)) {
-								$selection[$i][$key] = $this->helper->sanitizeDN($item[$key]);
-							} elseif ($key === 'objectguid' || $key === 'guid') {
-								$selection[$i][$key] = [$this->convertObjectGUID2Str($item[$key][0])];
-							} else {
-								$selection[$i][$key] = $item[$key];
-							}
-						} else {
-							$selection[$i][$key] = [$this->helper->sanitizeDN($item[$key])];
-						}
-					}
-				}
-				$i++;
-			}
-			$findings = $selection;
-		}
-		//we slice the findings, when
-		//a) paged search unsuccessful, though attempted
-		//b) no paged search, but limit set
-		if ((!$this->getPagedSearchResultState()
-				&& $pagedSearchOK)
-			|| (
-				!$pagedSearchOK
-				&& !is_null($limit)
-			)
-		) {
-			$findings = array_slice($findings, (int)$offset, $limit);
-		}
-		return $findings;
-	}
-
-	/**
-	 * @param string $name
-	 * @return string
-	 * @throws \InvalidArgumentException
-	 */
-	public function sanitizeUsername($name) {
-		$name = trim($name);
-
-		if ($this->connection->ldapIgnoreNamingRules) {
-			return $name;
-		}
-
-		// Transliteration to ASCII
-		$transliterated = @iconv('UTF-8', 'ASCII//TRANSLIT', $name);
-		if ($transliterated !== false) {
-			// depending on system config iconv can work or not
-			$name = $transliterated;
-		}
-
-		// Replacements
-		$name = str_replace(' ', '_', $name);
-
-		// Every remaining disallowed characters will be removed
-		$name = preg_replace('/[^a-zA-Z0-9_.@-]/u', '', $name);
-
-		if ($name === '') {
-			throw new \InvalidArgumentException('provided name template for username does not contain any allowed characters');
-		}
-
-		return $name;
-	}
-
-	/**
-	 * escapes (user provided) parts for LDAP filter
-	 *
-	 * @param string $input , the provided value
-	 * @param bool $allowAsterisk whether in * at the beginning should be preserved
-	 * @return string the escaped string
-	 */
-	public function escapeFilterPart($input, $allowAsterisk = false): string {
-		$asterisk = '';
-		if ($allowAsterisk && strlen($input) > 0 && $input[0] === '*') {
-			$asterisk = '*';
-			$input = mb_substr($input, 1, null, 'UTF-8');
-		}
-		$search = ['*', '\\', '(', ')'];
-		$replace = ['\\*', '\\\\', '\\(', '\\)'];
-		return $asterisk . str_replace($search, $replace, $input);
-	}
-
-	/**
-	 * combines the input filters with AND
-	 *
-	 * @param string[] $filters the filters to connect
-	 * @return string the combined filter
-	 */
-	public function combineFilterWithAnd($filters): string {
-		return $this->combineFilter($filters, '&');
-	}
-
-	/**
-	 * combines the input filters with OR
-	 *
-	 * @param string[] $filters the filters to connect
-	 * @return string the combined filter
-	 * Combines Filter arguments with OR
-	 */
-	public function combineFilterWithOr($filters) {
-		return $this->combineFilter($filters, '|');
-	}
-
-	/**
-	 * combines the input filters with given operator
-	 *
-	 * @param string[] $filters the filters to connect
-	 * @param string $operator either & or |
-	 * @return string the combined filter
-	 */
-	private function combineFilter($filters, $operator) {
-		$combinedFilter = '(' . $operator;
-		foreach ($filters as $filter) {
-			if ($filter !== '' && $filter[0] !== '(') {
-				$filter = '(' . $filter . ')';
-			}
-			$combinedFilter .= $filter;
-		}
-		$combinedFilter .= ')';
-		return $combinedFilter;
-	}
-
-	/**
-	 * creates a filter part for to perform search for users
-	 *
-	 * @param string $search the search term
-	 * @return string the final filter part to use in LDAP searches
-	 */
-	public function getFilterPartForUserSearch($search) {
-		return $this->getFilterPartForSearch($search,
-			$this->connection->ldapAttributesForUserSearch,
-			$this->connection->ldapUserDisplayName);
-	}
-
-	/**
-	 * creates a filter part for to perform search for groups
-	 *
-	 * @param string $search the search term
-	 * @return string the final filter part to use in LDAP searches
-	 */
-	public function getFilterPartForGroupSearch($search) {
-		return $this->getFilterPartForSearch($search,
-			$this->connection->ldapAttributesForGroupSearch,
-			$this->connection->ldapGroupDisplayName);
-	}
-
-	/**
-	 * creates a filter part for searches by splitting up the given search
-	 * string into single words
-	 *
-	 * @param string $search the search term
-	 * @param string[] $searchAttributes needs to have at least two attributes,
-	 * otherwise it does not make sense :)
-	 * @return string the final filter part to use in LDAP searches
-	 * @throws DomainException
-	 */
-	private function getAdvancedFilterPartForSearch($search, $searchAttributes) {
-		if (!is_array($searchAttributes) || count($searchAttributes) < 2) {
-			throw new DomainException('searchAttributes must be an array with at least two string');
-		}
-		$searchWords = explode(' ', trim($search));
-		$wordFilters = [];
-		foreach ($searchWords as $word) {
-			$word = $this->prepareSearchTerm($word);
-			//every word needs to appear at least once
-			$wordMatchOneAttrFilters = [];
-			foreach ($searchAttributes as $attr) {
-				$wordMatchOneAttrFilters[] = $attr . '=' . $word;
-			}
-			$wordFilters[] = $this->combineFilterWithOr($wordMatchOneAttrFilters);
-		}
-		return $this->combineFilterWithAnd($wordFilters);
-	}
-
-	/**
-	 * creates a filter part for searches
-	 *
-	 * @param string $search the search term
-	 * @param string[]|null $searchAttributes
-	 * @param string $fallbackAttribute a fallback attribute in case the user
-	 * did not define search attributes. Typically the display name attribute.
-	 * @return string the final filter part to use in LDAP searches
-	 */
-	private function getFilterPartForSearch($search, $searchAttributes, $fallbackAttribute) {
-		$filter = [];
-		$haveMultiSearchAttributes = (is_array($searchAttributes) && count($searchAttributes) > 0);
-		if ($haveMultiSearchAttributes && strpos(trim($search), ' ') !== false) {
-			try {
-				return $this->getAdvancedFilterPartForSearch($search, $searchAttributes);
-			} catch (DomainException $e) {
-				// Creating advanced filter for search failed, falling back to simple method. Edge case, but valid.
-			}
-		}
-
-		$search = $this->prepareSearchTerm($search);
-		if (!is_array($searchAttributes) || count($searchAttributes) === 0) {
-			if ($fallbackAttribute === '') {
-				return '';
-			}
-			$filter[] = $fallbackAttribute . '=' . $search;
-		} else {
-			foreach ($searchAttributes as $attribute) {
-				$filter[] = $attribute . '=' . $search;
-			}
-		}
-		if (count($filter) === 1) {
-			return '(' . $filter[0] . ')';
-		}
-		return $this->combineFilterWithOr($filter);
-	}
-
-	/**
-	 * returns the search term depending on whether we are allowed
-	 * list users found by ldap with the current input appended by
-	 * a *
-	 *
-	 * @return string
-	 */
-	private function prepareSearchTerm($term) {
-		$config = \OC::$server->getConfig();
-
-		$allowEnum = $config->getAppValue('core', 'shareapi_allow_share_dialog_user_enumeration', 'yes');
-
-		$result = $term;
-		if ($term === '') {
-			$result = '*';
-		} elseif ($allowEnum !== 'no') {
-			$result = $term . '*';
-		}
-		return $result;
-	}
-
-	/**
-	 * returns the filter used for counting users
-	 *
-	 * @return string
-	 */
-	public function getFilterForUserCount() {
-		$filter = $this->combineFilterWithAnd([
-			$this->connection->ldapUserFilter,
-			$this->connection->ldapUserDisplayName . '=*'
-		]);
-
-		return $filter;
-	}
-
-	/**
-	 * @param string $name
-	 * @param string $password
-	 * @return bool
-	 */
-	public function areCredentialsValid($name, $password) {
-		$name = $this->helper->DNasBaseParameter($name);
-		$testConnection = clone $this->connection;
-		$credentials = [
-			'ldapAgentName' => $name,
-			'ldapAgentPassword' => $password
-		];
-		if (!$testConnection->setConfiguration($credentials)) {
-			return false;
-		}
-		return $testConnection->bind();
-	}
-
-	/**
-	 * reverse lookup of a DN given a known UUID
-	 *
-	 * @param string $uuid
-	 * @return string
-	 * @throws \Exception
-	 */
-	public function getUserDnByUuid($uuid) {
-		$uuidOverride = $this->connection->ldapExpertUUIDUserAttr;
-		$filter = $this->connection->ldapUserFilter;
-		$bases = $this->connection->ldapBaseUsers;
-
-		if ($this->connection->ldapUuidUserAttribute === 'auto' && $uuidOverride === '') {
-			// Sacrebleu! The UUID attribute is unknown :( We need first an
-			// existing DN to be able to reliably detect it.
-			foreach ($bases as $base) {
-				$result = $this->search($filter, $base, ['dn'], 1);
-				if (!isset($result[0]) || !isset($result[0]['dn'])) {
-					continue;
-				}
-				$dn = $result[0]['dn'][0];
-				if ($hasFound = $this->detectUuidAttribute($dn, true)) {
-					break;
-				}
-			}
-			if (!isset($hasFound) || !$hasFound) {
-				throw new \Exception('Cannot determine UUID attribute');
-			}
-		} else {
-			// The UUID attribute is either known or an override is given.
-			// By calling this method we ensure that $this->connection->$uuidAttr
-			// is definitely set
-			if (!$this->detectUuidAttribute('', true)) {
-				throw new \Exception('Cannot determine UUID attribute');
-			}
-		}
-
-		$uuidAttr = $this->connection->ldapUuidUserAttribute;
-		if ($uuidAttr === 'guid' || $uuidAttr === 'objectguid') {
-			$uuid = $this->formatGuid2ForFilterUser($uuid);
-		}
-
-		$filter = $uuidAttr . '=' . $uuid;
-		$result = $this->searchUsers($filter, ['dn'], 2);
-		if (is_array($result) && isset($result[0]) && isset($result[0]['dn']) && count($result) === 1) {
-			// we put the count into account to make sure that this is
-			// really unique
-			return $result[0]['dn'][0];
-		}
-
-		throw new \Exception('Cannot determine UUID attribute');
-	}
-
-	/**
-	 * auto-detects the directory's UUID attribute
-	 *
-	 * @param string $dn a known DN used to check against
-	 * @param bool $isUser
-	 * @param bool $force the detection should be run, even if it is not set to auto
-	 * @param array|null $ldapRecord
-	 * @return bool true on success, false otherwise
-	 * @throws ServerNotAvailableException
-	 */
-	private function detectUuidAttribute($dn, $isUser = true, $force = false, array $ldapRecord = null) {
-		if ($isUser) {
-			$uuidAttr = 'ldapUuidUserAttribute';
-			$uuidOverride = $this->connection->ldapExpertUUIDUserAttr;
-		} else {
-			$uuidAttr = 'ldapUuidGroupAttribute';
-			$uuidOverride = $this->connection->ldapExpertUUIDGroupAttr;
-		}
-
-		if (!$force) {
-			if ($this->connection->$uuidAttr !== 'auto') {
-				return true;
-			} elseif (is_string($uuidOverride) && trim($uuidOverride) !== '') {
-				$this->connection->$uuidAttr = $uuidOverride;
-				return true;
-			}
-
-			$attribute = $this->connection->getFromCache($uuidAttr);
-			if (!$attribute === null) {
-				$this->connection->$uuidAttr = $attribute;
-				return true;
-			}
-		}
-
-		foreach (self::UUID_ATTRIBUTES as $attribute) {
-			if ($ldapRecord !== null) {
-				// we have the info from LDAP already, we don't need to talk to the server again
-				if (isset($ldapRecord[$attribute])) {
-					$this->connection->$uuidAttr = $attribute;
-					return true;
-				}
-			}
-
-			$value = $this->readAttribute($dn, $attribute);
-			if (is_array($value) && isset($value[0]) && !empty($value[0])) {
-				\OC::$server->getLogger()->debug(
-					'Setting {attribute} as {subject}',
-					[
-						'app' => 'user_ldap',
-						'attribute' => $attribute,
-						'subject' => $uuidAttr
-					]
-				);
-				$this->connection->$uuidAttr = $attribute;
-				$this->connection->writeToCache($uuidAttr, $attribute);
-				return true;
-			}
-		}
-		\OC::$server->getLogger()->debug('Could not autodetect the UUID attribute', ['app' => 'user_ldap']);
-
-		return false;
-	}
-
-	/**
-	 * @param string $dn
-	 * @param bool $isUser
-	 * @param null $ldapRecord
-	 * @return bool|string
-	 * @throws ServerNotAvailableException
-	 */
-	public function getUUID($dn, $isUser = true, $ldapRecord = null) {
-		if ($isUser) {
-			$uuidAttr = 'ldapUuidUserAttribute';
-			$uuidOverride = $this->connection->ldapExpertUUIDUserAttr;
-		} else {
-			$uuidAttr = 'ldapUuidGroupAttribute';
-			$uuidOverride = $this->connection->ldapExpertUUIDGroupAttr;
-		}
-
-		$uuid = false;
-		if ($this->detectUuidAttribute($dn, $isUser, false, $ldapRecord)) {
-			$attr = $this->connection->$uuidAttr;
-			$uuid = isset($ldapRecord[$attr]) ? $ldapRecord[$attr] : $this->readAttribute($dn, $attr);
-			if (!is_array($uuid)
-				&& $uuidOverride !== ''
-				&& $this->detectUuidAttribute($dn, $isUser, true, $ldapRecord)) {
-				$uuid = isset($ldapRecord[$this->connection->$uuidAttr])
-					? $ldapRecord[$this->connection->$uuidAttr]
-					: $this->readAttribute($dn, $this->connection->$uuidAttr);
-			}
-			if (is_array($uuid) && isset($uuid[0]) && !empty($uuid[0])) {
-				$uuid = $uuid[0];
-			}
-		}
-
-		return $uuid;
-	}
-
-	/**
-	 * converts a binary ObjectGUID into a string representation
-	 *
-	 * @param string $oguid the ObjectGUID in it's binary form as retrieved from AD
-	 * @return string
-	 * @link https://www.php.net/manual/en/function.ldap-get-values-len.php#73198
-	 */
-	private function convertObjectGUID2Str($oguid) {
-		$hex_guid = bin2hex($oguid);
-		$hex_guid_to_guid_str = '';
-		for ($k = 1; $k <= 4; ++$k) {
-			$hex_guid_to_guid_str .= substr($hex_guid, 8 - 2 * $k, 2);
-		}
-		$hex_guid_to_guid_str .= '-';
-		for ($k = 1; $k <= 2; ++$k) {
-			$hex_guid_to_guid_str .= substr($hex_guid, 12 - 2 * $k, 2);
-		}
-		$hex_guid_to_guid_str .= '-';
-		for ($k = 1; $k <= 2; ++$k) {
-			$hex_guid_to_guid_str .= substr($hex_guid, 16 - 2 * $k, 2);
-		}
-		$hex_guid_to_guid_str .= '-' . substr($hex_guid, 16, 4);
-		$hex_guid_to_guid_str .= '-' . substr($hex_guid, 20);
-
-		return strtoupper($hex_guid_to_guid_str);
-	}
-
-	/**
-	 * the first three blocks of the string-converted GUID happen to be in
-	 * reverse order. In order to use it in a filter, this needs to be
-	 * corrected. Furthermore the dashes need to be replaced and \\ preprended
-	 * to every two hax figures.
-	 *
-	 * If an invalid string is passed, it will be returned without change.
-	 *
-	 * @param string $guid
-	 * @return string
-	 */
-	public function formatGuid2ForFilterUser($guid) {
-		if (!is_string($guid)) {
-			throw new \InvalidArgumentException('String expected');
-		}
-		$blocks = explode('-', $guid);
-		if (count($blocks) !== 5) {
-			/*
+        $findings = [];
+        $savedoffset = $offset;
+        $iFoundItems = 0;
+
+        do {
+            $search = $this->executeSearch($filter, $base, $attr, $limitPerPage, $offset);
+            if ($search === false) {
+                return [];
+            }
+            list($sr, $pagedSearchOK) = $search;
+            $cr = $this->connection->getConnectionResource();
+
+            if ($skipHandling) {
+                //i.e. result do not need to be fetched, we just need the cookie
+                //thus pass 1 or any other value as $iFoundItems because it is not
+                //used
+                $this->processPagedSearchStatus($sr, 1, $limitPerPage, $pagedSearchOK, $skipHandling);
+                return [];
+            }
+
+            $findings = array_merge($findings, $this->invokeLDAPMethod('getEntries', $cr, $sr));
+            $iFoundItems = max($iFoundItems, $findings['count']);
+            unset($findings['count']);
+
+            $continue = $this->processPagedSearchStatus($sr, $iFoundItems, $limitPerPage, $pagedSearchOK, $skipHandling);
+            $offset += $limitPerPage;
+        } while ($continue && $pagedSearchOK && ($limit === null || count($findings) < $limit));
+
+        // resetting offset
+        $offset = $savedoffset;
+
+        // if we're here, probably no connection resource is returned.
+        // to make Nextcloud behave nicely, we simply give back an empty array.
+        if (is_null($findings)) {
+            return [];
+        }
+
+        if (!is_null($attr)) {
+            $selection = [];
+            $i = 0;
+            foreach ($findings as $item) {
+                if (!is_array($item)) {
+                    continue;
+                }
+                $item = \OCP\Util::mb_array_change_key_case($item, MB_CASE_LOWER, 'UTF-8');
+                foreach ($attr as $key) {
+                    if (isset($item[$key])) {
+                        if (is_array($item[$key]) && isset($item[$key]['count'])) {
+                            unset($item[$key]['count']);
+                        }
+                        if ($key !== 'dn') {
+                            if ($this->resemblesDN($key)) {
+                                $selection[$i][$key] = $this->helper->sanitizeDN($item[$key]);
+                            } elseif ($key === 'objectguid' || $key === 'guid') {
+                                $selection[$i][$key] = [$this->convertObjectGUID2Str($item[$key][0])];
+                            } else {
+                                $selection[$i][$key] = $item[$key];
+                            }
+                        } else {
+                            $selection[$i][$key] = [$this->helper->sanitizeDN($item[$key])];
+                        }
+                    }
+                }
+                $i++;
+            }
+            $findings = $selection;
+        }
+        //we slice the findings, when
+        //a) paged search unsuccessful, though attempted
+        //b) no paged search, but limit set
+        if ((!$this->getPagedSearchResultState()
+                && $pagedSearchOK)
+            || (
+                !$pagedSearchOK
+                && !is_null($limit)
+            )
+        ) {
+            $findings = array_slice($findings, (int)$offset, $limit);
+        }
+        return $findings;
+    }
+
+    /**
+     * @param string $name
+     * @return string
+     * @throws \InvalidArgumentException
+     */
+    public function sanitizeUsername($name) {
+        $name = trim($name);
+
+        if ($this->connection->ldapIgnoreNamingRules) {
+            return $name;
+        }
+
+        // Transliteration to ASCII
+        $transliterated = @iconv('UTF-8', 'ASCII//TRANSLIT', $name);
+        if ($transliterated !== false) {
+            // depending on system config iconv can work or not
+            $name = $transliterated;
+        }
+
+        // Replacements
+        $name = str_replace(' ', '_', $name);
+
+        // Every remaining disallowed characters will be removed
+        $name = preg_replace('/[^a-zA-Z0-9_.@-]/u', '', $name);
+
+        if ($name === '') {
+            throw new \InvalidArgumentException('provided name template for username does not contain any allowed characters');
+        }
+
+        return $name;
+    }
+
+    /**
+     * escapes (user provided) parts for LDAP filter
+     *
+     * @param string $input , the provided value
+     * @param bool $allowAsterisk whether in * at the beginning should be preserved
+     * @return string the escaped string
+     */
+    public function escapeFilterPart($input, $allowAsterisk = false): string {
+        $asterisk = '';
+        if ($allowAsterisk && strlen($input) > 0 && $input[0] === '*') {
+            $asterisk = '*';
+            $input = mb_substr($input, 1, null, 'UTF-8');
+        }
+        $search = ['*', '\\', '(', ')'];
+        $replace = ['\\*', '\\\\', '\\(', '\\)'];
+        return $asterisk . str_replace($search, $replace, $input);
+    }
+
+    /**
+     * combines the input filters with AND
+     *
+     * @param string[] $filters the filters to connect
+     * @return string the combined filter
+     */
+    public function combineFilterWithAnd($filters): string {
+        return $this->combineFilter($filters, '&');
+    }
+
+    /**
+     * combines the input filters with OR
+     *
+     * @param string[] $filters the filters to connect
+     * @return string the combined filter
+     * Combines Filter arguments with OR
+     */
+    public function combineFilterWithOr($filters) {
+        return $this->combineFilter($filters, '|');
+    }
+
+    /**
+     * combines the input filters with given operator
+     *
+     * @param string[] $filters the filters to connect
+     * @param string $operator either & or |
+     * @return string the combined filter
+     */
+    private function combineFilter($filters, $operator) {
+        $combinedFilter = '(' . $operator;
+        foreach ($filters as $filter) {
+            if ($filter !== '' && $filter[0] !== '(') {
+                $filter = '(' . $filter . ')';
+            }
+            $combinedFilter .= $filter;
+        }
+        $combinedFilter .= ')';
+        return $combinedFilter;
+    }
+
+    /**
+     * creates a filter part for to perform search for users
+     *
+     * @param string $search the search term
+     * @return string the final filter part to use in LDAP searches
+     */
+    public function getFilterPartForUserSearch($search) {
+        return $this->getFilterPartForSearch($search,
+            $this->connection->ldapAttributesForUserSearch,
+            $this->connection->ldapUserDisplayName);
+    }
+
+    /**
+     * creates a filter part for to perform search for groups
+     *
+     * @param string $search the search term
+     * @return string the final filter part to use in LDAP searches
+     */
+    public function getFilterPartForGroupSearch($search) {
+        return $this->getFilterPartForSearch($search,
+            $this->connection->ldapAttributesForGroupSearch,
+            $this->connection->ldapGroupDisplayName);
+    }
+
+    /**
+     * creates a filter part for searches by splitting up the given search
+     * string into single words
+     *
+     * @param string $search the search term
+     * @param string[] $searchAttributes needs to have at least two attributes,
+     * otherwise it does not make sense :)
+     * @return string the final filter part to use in LDAP searches
+     * @throws DomainException
+     */
+    private function getAdvancedFilterPartForSearch($search, $searchAttributes) {
+        if (!is_array($searchAttributes) || count($searchAttributes) < 2) {
+            throw new DomainException('searchAttributes must be an array with at least two string');
+        }
+        $searchWords = explode(' ', trim($search));
+        $wordFilters = [];
+        foreach ($searchWords as $word) {
+            $word = $this->prepareSearchTerm($word);
+            //every word needs to appear at least once
+            $wordMatchOneAttrFilters = [];
+            foreach ($searchAttributes as $attr) {
+                $wordMatchOneAttrFilters[] = $attr . '=' . $word;
+            }
+            $wordFilters[] = $this->combineFilterWithOr($wordMatchOneAttrFilters);
+        }
+        return $this->combineFilterWithAnd($wordFilters);
+    }
+
+    /**
+     * creates a filter part for searches
+     *
+     * @param string $search the search term
+     * @param string[]|null $searchAttributes
+     * @param string $fallbackAttribute a fallback attribute in case the user
+     * did not define search attributes. Typically the display name attribute.
+     * @return string the final filter part to use in LDAP searches
+     */
+    private function getFilterPartForSearch($search, $searchAttributes, $fallbackAttribute) {
+        $filter = [];
+        $haveMultiSearchAttributes = (is_array($searchAttributes) && count($searchAttributes) > 0);
+        if ($haveMultiSearchAttributes && strpos(trim($search), ' ') !== false) {
+            try {
+                return $this->getAdvancedFilterPartForSearch($search, $searchAttributes);
+            } catch (DomainException $e) {
+                // Creating advanced filter for search failed, falling back to simple method. Edge case, but valid.
+            }
+        }
+
+        $search = $this->prepareSearchTerm($search);
+        if (!is_array($searchAttributes) || count($searchAttributes) === 0) {
+            if ($fallbackAttribute === '') {
+                return '';
+            }
+            $filter[] = $fallbackAttribute . '=' . $search;
+        } else {
+            foreach ($searchAttributes as $attribute) {
+                $filter[] = $attribute . '=' . $search;
+            }
+        }
+        if (count($filter) === 1) {
+            return '(' . $filter[0] . ')';
+        }
+        return $this->combineFilterWithOr($filter);
+    }
+
+    /**
+     * returns the search term depending on whether we are allowed
+     * list users found by ldap with the current input appended by
+     * a *
+     *
+     * @return string
+     */
+    private function prepareSearchTerm($term) {
+        $config = \OC::$server->getConfig();
+
+        $allowEnum = $config->getAppValue('core', 'shareapi_allow_share_dialog_user_enumeration', 'yes');
+
+        $result = $term;
+        if ($term === '') {
+            $result = '*';
+        } elseif ($allowEnum !== 'no') {
+            $result = $term . '*';
+        }
+        return $result;
+    }
+
+    /**
+     * returns the filter used for counting users
+     *
+     * @return string
+     */
+    public function getFilterForUserCount() {
+        $filter = $this->combineFilterWithAnd([
+            $this->connection->ldapUserFilter,
+            $this->connection->ldapUserDisplayName . '=*'
+        ]);
+
+        return $filter;
+    }
+
+    /**
+     * @param string $name
+     * @param string $password
+     * @return bool
+     */
+    public function areCredentialsValid($name, $password) {
+        $name = $this->helper->DNasBaseParameter($name);
+        $testConnection = clone $this->connection;
+        $credentials = [
+            'ldapAgentName' => $name,
+            'ldapAgentPassword' => $password
+        ];
+        if (!$testConnection->setConfiguration($credentials)) {
+            return false;
+        }
+        return $testConnection->bind();
+    }
+
+    /**
+     * reverse lookup of a DN given a known UUID
+     *
+     * @param string $uuid
+     * @return string
+     * @throws \Exception
+     */
+    public function getUserDnByUuid($uuid) {
+        $uuidOverride = $this->connection->ldapExpertUUIDUserAttr;
+        $filter = $this->connection->ldapUserFilter;
+        $bases = $this->connection->ldapBaseUsers;
+
+        if ($this->connection->ldapUuidUserAttribute === 'auto' && $uuidOverride === '') {
+            // Sacrebleu! The UUID attribute is unknown :( We need first an
+            // existing DN to be able to reliably detect it.
+            foreach ($bases as $base) {
+                $result = $this->search($filter, $base, ['dn'], 1);
+                if (!isset($result[0]) || !isset($result[0]['dn'])) {
+                    continue;
+                }
+                $dn = $result[0]['dn'][0];
+                if ($hasFound = $this->detectUuidAttribute($dn, true)) {
+                    break;
+                }
+            }
+            if (!isset($hasFound) || !$hasFound) {
+                throw new \Exception('Cannot determine UUID attribute');
+            }
+        } else {
+            // The UUID attribute is either known or an override is given.
+            // By calling this method we ensure that $this->connection->$uuidAttr
+            // is definitely set
+            if (!$this->detectUuidAttribute('', true)) {
+                throw new \Exception('Cannot determine UUID attribute');
+            }
+        }
+
+        $uuidAttr = $this->connection->ldapUuidUserAttribute;
+        if ($uuidAttr === 'guid' || $uuidAttr === 'objectguid') {
+            $uuid = $this->formatGuid2ForFilterUser($uuid);
+        }
+
+        $filter = $uuidAttr . '=' . $uuid;
+        $result = $this->searchUsers($filter, ['dn'], 2);
+        if (is_array($result) && isset($result[0]) && isset($result[0]['dn']) && count($result) === 1) {
+            // we put the count into account to make sure that this is
+            // really unique
+            return $result[0]['dn'][0];
+        }
+
+        throw new \Exception('Cannot determine UUID attribute');
+    }
+
+    /**
+     * auto-detects the directory's UUID attribute
+     *
+     * @param string $dn a known DN used to check against
+     * @param bool $isUser
+     * @param bool $force the detection should be run, even if it is not set to auto
+     * @param array|null $ldapRecord
+     * @return bool true on success, false otherwise
+     * @throws ServerNotAvailableException
+     */
+    private function detectUuidAttribute($dn, $isUser = true, $force = false, array $ldapRecord = null) {
+        if ($isUser) {
+            $uuidAttr = 'ldapUuidUserAttribute';
+            $uuidOverride = $this->connection->ldapExpertUUIDUserAttr;
+        } else {
+            $uuidAttr = 'ldapUuidGroupAttribute';
+            $uuidOverride = $this->connection->ldapExpertUUIDGroupAttr;
+        }
+
+        if (!$force) {
+            if ($this->connection->$uuidAttr !== 'auto') {
+                return true;
+            } elseif (is_string($uuidOverride) && trim($uuidOverride) !== '') {
+                $this->connection->$uuidAttr = $uuidOverride;
+                return true;
+            }
+
+            $attribute = $this->connection->getFromCache($uuidAttr);
+            if (!$attribute === null) {
+                $this->connection->$uuidAttr = $attribute;
+                return true;
+            }
+        }
+
+        foreach (self::UUID_ATTRIBUTES as $attribute) {
+            if ($ldapRecord !== null) {
+                // we have the info from LDAP already, we don't need to talk to the server again
+                if (isset($ldapRecord[$attribute])) {
+                    $this->connection->$uuidAttr = $attribute;
+                    return true;
+                }
+            }
+
+            $value = $this->readAttribute($dn, $attribute);
+            if (is_array($value) && isset($value[0]) && !empty($value[0])) {
+                \OC::$server->getLogger()->debug(
+                    'Setting {attribute} as {subject}',
+                    [
+                        'app' => 'user_ldap',
+                        'attribute' => $attribute,
+                        'subject' => $uuidAttr
+                    ]
+                );
+                $this->connection->$uuidAttr = $attribute;
+                $this->connection->writeToCache($uuidAttr, $attribute);
+                return true;
+            }
+        }
+        \OC::$server->getLogger()->debug('Could not autodetect the UUID attribute', ['app' => 'user_ldap']);
+
+        return false;
+    }
+
+    /**
+     * @param string $dn
+     * @param bool $isUser
+     * @param null $ldapRecord
+     * @return bool|string
+     * @throws ServerNotAvailableException
+     */
+    public function getUUID($dn, $isUser = true, $ldapRecord = null) {
+        if ($isUser) {
+            $uuidAttr = 'ldapUuidUserAttribute';
+            $uuidOverride = $this->connection->ldapExpertUUIDUserAttr;
+        } else {
+            $uuidAttr = 'ldapUuidGroupAttribute';
+            $uuidOverride = $this->connection->ldapExpertUUIDGroupAttr;
+        }
+
+        $uuid = false;
+        if ($this->detectUuidAttribute($dn, $isUser, false, $ldapRecord)) {
+            $attr = $this->connection->$uuidAttr;
+            $uuid = isset($ldapRecord[$attr]) ? $ldapRecord[$attr] : $this->readAttribute($dn, $attr);
+            if (!is_array($uuid)
+                && $uuidOverride !== ''
+                && $this->detectUuidAttribute($dn, $isUser, true, $ldapRecord)) {
+                $uuid = isset($ldapRecord[$this->connection->$uuidAttr])
+                    ? $ldapRecord[$this->connection->$uuidAttr]
+                    : $this->readAttribute($dn, $this->connection->$uuidAttr);
+            }
+            if (is_array($uuid) && isset($uuid[0]) && !empty($uuid[0])) {
+                $uuid = $uuid[0];
+            }
+        }
+
+        return $uuid;
+    }
+
+    /**
+     * converts a binary ObjectGUID into a string representation
+     *
+     * @param string $oguid the ObjectGUID in it's binary form as retrieved from AD
+     * @return string
+     * @link https://www.php.net/manual/en/function.ldap-get-values-len.php#73198
+     */
+    private function convertObjectGUID2Str($oguid) {
+        $hex_guid = bin2hex($oguid);
+        $hex_guid_to_guid_str = '';
+        for ($k = 1; $k <= 4; ++$k) {
+            $hex_guid_to_guid_str .= substr($hex_guid, 8 - 2 * $k, 2);
+        }
+        $hex_guid_to_guid_str .= '-';
+        for ($k = 1; $k <= 2; ++$k) {
+            $hex_guid_to_guid_str .= substr($hex_guid, 12 - 2 * $k, 2);
+        }
+        $hex_guid_to_guid_str .= '-';
+        for ($k = 1; $k <= 2; ++$k) {
+            $hex_guid_to_guid_str .= substr($hex_guid, 16 - 2 * $k, 2);
+        }
+        $hex_guid_to_guid_str .= '-' . substr($hex_guid, 16, 4);
+        $hex_guid_to_guid_str .= '-' . substr($hex_guid, 20);
+
+        return strtoupper($hex_guid_to_guid_str);
+    }
+
+    /**
+     * the first three blocks of the string-converted GUID happen to be in
+     * reverse order. In order to use it in a filter, this needs to be
+     * corrected. Furthermore the dashes need to be replaced and \\ preprended
+     * to every two hax figures.
+     *
+     * If an invalid string is passed, it will be returned without change.
+     *
+     * @param string $guid
+     * @return string
+     */
+    public function formatGuid2ForFilterUser($guid) {
+        if (!is_string($guid)) {
+            throw new \InvalidArgumentException('String expected');
+        }
+        $blocks = explode('-', $guid);
+        if (count($blocks) !== 5) {
+            /*
 			 * Why not throw an Exception instead? This method is a utility
 			 * called only when trying to figure out whether a "missing" known
 			 * LDAP user was or was not renamed on the LDAP server. And this
@@ -1831,246 +1831,246 @@  discard block
 block discarded – undo
 			 * an exception here would kill the experience for a valid, acting
 			 * user. Instead we write a log message.
 			 */
-			\OC::$server->getLogger()->info(
-				'Passed string does not resemble a valid GUID. Known UUID ' .
-				'({uuid}) probably does not match UUID configuration.',
-				['app' => 'user_ldap', 'uuid' => $guid]
-			);
-			return $guid;
-		}
-		for ($i = 0; $i < 3; $i++) {
-			$pairs = str_split($blocks[$i], 2);
-			$pairs = array_reverse($pairs);
-			$blocks[$i] = implode('', $pairs);
-		}
-		for ($i = 0; $i < 5; $i++) {
-			$pairs = str_split($blocks[$i], 2);
-			$blocks[$i] = '\\' . implode('\\', $pairs);
-		}
-		return implode('', $blocks);
-	}
-
-	/**
-	 * gets a SID of the domain of the given dn
-	 *
-	 * @param string $dn
-	 * @return string|bool
-	 * @throws ServerNotAvailableException
-	 */
-	public function getSID($dn) {
-		$domainDN = $this->getDomainDNFromDN($dn);
-		$cacheKey = 'getSID-' . $domainDN;
-		$sid = $this->connection->getFromCache($cacheKey);
-		if (!is_null($sid)) {
-			return $sid;
-		}
-
-		$objectSid = $this->readAttribute($domainDN, 'objectsid');
-		if (!is_array($objectSid) || empty($objectSid)) {
-			$this->connection->writeToCache($cacheKey, false);
-			return false;
-		}
-		$domainObjectSid = $this->convertSID2Str($objectSid[0]);
-		$this->connection->writeToCache($cacheKey, $domainObjectSid);
-
-		return $domainObjectSid;
-	}
-
-	/**
-	 * converts a binary SID into a string representation
-	 *
-	 * @param string $sid
-	 * @return string
-	 */
-	public function convertSID2Str($sid) {
-		// The format of a SID binary string is as follows:
-		// 1 byte for the revision level
-		// 1 byte for the number n of variable sub-ids
-		// 6 bytes for identifier authority value
-		// n*4 bytes for n sub-ids
-		//
-		// Example: 010400000000000515000000a681e50e4d6c6c2bca32055f
-		//  Legend: RRNNAAAAAAAAAAAA11111111222222223333333344444444
-		$revision = ord($sid[0]);
-		$numberSubID = ord($sid[1]);
-
-		$subIdStart = 8; // 1 + 1 + 6
-		$subIdLength = 4;
-		if (strlen($sid) !== $subIdStart + $subIdLength * $numberSubID) {
-			// Incorrect number of bytes present.
-			return '';
-		}
-
-		// 6 bytes = 48 bits can be represented using floats without loss of
-		// precision (see https://gist.github.com/bantu/886ac680b0aef5812f71)
-		$iav = number_format(hexdec(bin2hex(substr($sid, 2, 6))), 0, '', '');
-
-		$subIDs = [];
-		for ($i = 0; $i < $numberSubID; $i++) {
-			$subID = unpack('V', substr($sid, $subIdStart + $subIdLength * $i, $subIdLength));
-			$subIDs[] = sprintf('%u', $subID[1]);
-		}
-
-		// Result for example above: S-1-5-21-249921958-728525901-1594176202
-		return sprintf('S-%d-%s-%s', $revision, $iav, implode('-', $subIDs));
-	}
-
-	/**
-	 * checks if the given DN is part of the given base DN(s)
-	 *
-	 * @param string $dn the DN
-	 * @param string[] $bases array containing the allowed base DN or DNs
-	 * @return bool
-	 */
-	public function isDNPartOfBase($dn, $bases) {
-		$belongsToBase = false;
-		$bases = $this->helper->sanitizeDN($bases);
-
-		foreach ($bases as $base) {
-			$belongsToBase = true;
-			if (mb_strripos($dn, $base, 0, 'UTF-8') !== (mb_strlen($dn, 'UTF-8') - mb_strlen($base, 'UTF-8'))) {
-				$belongsToBase = false;
-			}
-			if ($belongsToBase) {
-				break;
-			}
-		}
-		return $belongsToBase;
-	}
-
-	/**
-	 * resets a running Paged Search operation
-	 *
-	 * @throws ServerNotAvailableException
-	 */
-	private function abandonPagedSearch() {
-		if ($this->lastCookie === '') {
-			return;
-		}
-		$cr = $this->connection->getConnectionResource();
-		$this->invokeLDAPMethod('controlPagedResult', $cr, 0, false);
-		$this->getPagedSearchResultState();
-		$this->lastCookie = '';
-	}
-
-	/**
-	 * checks whether an LDAP paged search operation has more pages that can be
-	 * retrieved, typically when offset and limit are provided.
-	 *
-	 * Be very careful to use it: the last cookie value, which is inspected, can
-	 * be reset by other operations. Best, call it immediately after a search(),
-	 * searchUsers() or searchGroups() call. count-methods are probably safe as
-	 * well. Don't rely on it with any fetchList-method.
-	 *
-	 * @return bool
-	 */
-	public function hasMoreResults() {
-		if (empty($this->lastCookie) && $this->lastCookie !== '0') {
-			// as in RFC 2696, when all results are returned, the cookie will
-			// be empty.
-			return false;
-		}
-
-		return true;
-	}
-
-	/**
-	 * Check whether the most recent paged search was successful. It flushed the state var. Use it always after a possible paged search.
-	 *
-	 * @return boolean|null true on success, null or false otherwise
-	 */
-	public function getPagedSearchResultState() {
-		$result = $this->pagedSearchedSuccessful;
-		$this->pagedSearchedSuccessful = null;
-		return $result;
-	}
-
-	/**
-	 * Prepares a paged search, if possible
-	 *
-	 * @param string $filter the LDAP filter for the search
-	 * @param string[] $bases an array containing the LDAP subtree(s) that shall be searched
-	 * @param string[] $attr optional, when a certain attribute shall be filtered outside
-	 * @param int $limit
-	 * @param int $offset
-	 * @return bool|true
-	 * @throws ServerNotAvailableException
-	 */
-	private function initPagedSearch(
-		string $filter,
-		string $base,
-		?array $attr,
-		int $limit,
-		int $offset
-	): bool {
-		$pagedSearchOK = false;
-		if ($limit !== 0) {
-			\OC::$server->getLogger()->debug(
-				'initializing paged search for filter {filter}, base {base}, attr {attr}, limit {limit}, offset {offset}',
-				[
-					'app' => 'user_ldap',
-					'filter' => $filter,
-					'base' => $base,
-					'attr' => $attr,
-					'limit' => $limit,
-					'offset' => $offset
-				]
-			);
-			//get the cookie from the search for the previous search, required by LDAP
-			if (empty($this->lastCookie) && $this->lastCookie !== "0" && ($offset > 0)) {
-				// no cookie known from a potential previous search. We need
-				// to start from 0 to come to the desired page. cookie value
-				// of '0' is valid, because 389ds
-				$reOffset = ($offset - $limit) < 0 ? 0 : $offset - $limit;
-				$this->search($filter, $base, $attr, $limit, $reOffset, true);
-				if (!$this->hasMoreResults()) {
-					// when the cookie is reset with != 0 offset, there are no further
-					// results, so stop.
-					return false;
-				}
-			}
-			if ($this->lastCookie !== '' && $offset === 0) {
-				//since offset = 0, this is a new search. We abandon other searches that might be ongoing.
-				$this->abandonPagedSearch();
-			}
-			$pagedSearchOK = true === $this->invokeLDAPMethod(
-					'controlPagedResult', $this->connection->getConnectionResource(), $limit, false
-				);
-			if ($pagedSearchOK) {
-				\OC::$server->getLogger()->debug('Ready for a paged search', ['app' => 'user_ldap']);
-			}
-			/* ++ Fixing RHDS searches with pages with zero results ++
+            \OC::$server->getLogger()->info(
+                'Passed string does not resemble a valid GUID. Known UUID ' .
+                '({uuid}) probably does not match UUID configuration.',
+                ['app' => 'user_ldap', 'uuid' => $guid]
+            );
+            return $guid;
+        }
+        for ($i = 0; $i < 3; $i++) {
+            $pairs = str_split($blocks[$i], 2);
+            $pairs = array_reverse($pairs);
+            $blocks[$i] = implode('', $pairs);
+        }
+        for ($i = 0; $i < 5; $i++) {
+            $pairs = str_split($blocks[$i], 2);
+            $blocks[$i] = '\\' . implode('\\', $pairs);
+        }
+        return implode('', $blocks);
+    }
+
+    /**
+     * gets a SID of the domain of the given dn
+     *
+     * @param string $dn
+     * @return string|bool
+     * @throws ServerNotAvailableException
+     */
+    public function getSID($dn) {
+        $domainDN = $this->getDomainDNFromDN($dn);
+        $cacheKey = 'getSID-' . $domainDN;
+        $sid = $this->connection->getFromCache($cacheKey);
+        if (!is_null($sid)) {
+            return $sid;
+        }
+
+        $objectSid = $this->readAttribute($domainDN, 'objectsid');
+        if (!is_array($objectSid) || empty($objectSid)) {
+            $this->connection->writeToCache($cacheKey, false);
+            return false;
+        }
+        $domainObjectSid = $this->convertSID2Str($objectSid[0]);
+        $this->connection->writeToCache($cacheKey, $domainObjectSid);
+
+        return $domainObjectSid;
+    }
+
+    /**
+     * converts a binary SID into a string representation
+     *
+     * @param string $sid
+     * @return string
+     */
+    public function convertSID2Str($sid) {
+        // The format of a SID binary string is as follows:
+        // 1 byte for the revision level
+        // 1 byte for the number n of variable sub-ids
+        // 6 bytes for identifier authority value
+        // n*4 bytes for n sub-ids
+        //
+        // Example: 010400000000000515000000a681e50e4d6c6c2bca32055f
+        //  Legend: RRNNAAAAAAAAAAAA11111111222222223333333344444444
+        $revision = ord($sid[0]);
+        $numberSubID = ord($sid[1]);
+
+        $subIdStart = 8; // 1 + 1 + 6
+        $subIdLength = 4;
+        if (strlen($sid) !== $subIdStart + $subIdLength * $numberSubID) {
+            // Incorrect number of bytes present.
+            return '';
+        }
+
+        // 6 bytes = 48 bits can be represented using floats without loss of
+        // precision (see https://gist.github.com/bantu/886ac680b0aef5812f71)
+        $iav = number_format(hexdec(bin2hex(substr($sid, 2, 6))), 0, '', '');
+
+        $subIDs = [];
+        for ($i = 0; $i < $numberSubID; $i++) {
+            $subID = unpack('V', substr($sid, $subIdStart + $subIdLength * $i, $subIdLength));
+            $subIDs[] = sprintf('%u', $subID[1]);
+        }
+
+        // Result for example above: S-1-5-21-249921958-728525901-1594176202
+        return sprintf('S-%d-%s-%s', $revision, $iav, implode('-', $subIDs));
+    }
+
+    /**
+     * checks if the given DN is part of the given base DN(s)
+     *
+     * @param string $dn the DN
+     * @param string[] $bases array containing the allowed base DN or DNs
+     * @return bool
+     */
+    public function isDNPartOfBase($dn, $bases) {
+        $belongsToBase = false;
+        $bases = $this->helper->sanitizeDN($bases);
+
+        foreach ($bases as $base) {
+            $belongsToBase = true;
+            if (mb_strripos($dn, $base, 0, 'UTF-8') !== (mb_strlen($dn, 'UTF-8') - mb_strlen($base, 'UTF-8'))) {
+                $belongsToBase = false;
+            }
+            if ($belongsToBase) {
+                break;
+            }
+        }
+        return $belongsToBase;
+    }
+
+    /**
+     * resets a running Paged Search operation
+     *
+     * @throws ServerNotAvailableException
+     */
+    private function abandonPagedSearch() {
+        if ($this->lastCookie === '') {
+            return;
+        }
+        $cr = $this->connection->getConnectionResource();
+        $this->invokeLDAPMethod('controlPagedResult', $cr, 0, false);
+        $this->getPagedSearchResultState();
+        $this->lastCookie = '';
+    }
+
+    /**
+     * checks whether an LDAP paged search operation has more pages that can be
+     * retrieved, typically when offset and limit are provided.
+     *
+     * Be very careful to use it: the last cookie value, which is inspected, can
+     * be reset by other operations. Best, call it immediately after a search(),
+     * searchUsers() or searchGroups() call. count-methods are probably safe as
+     * well. Don't rely on it with any fetchList-method.
+     *
+     * @return bool
+     */
+    public function hasMoreResults() {
+        if (empty($this->lastCookie) && $this->lastCookie !== '0') {
+            // as in RFC 2696, when all results are returned, the cookie will
+            // be empty.
+            return false;
+        }
+
+        return true;
+    }
+
+    /**
+     * Check whether the most recent paged search was successful. It flushed the state var. Use it always after a possible paged search.
+     *
+     * @return boolean|null true on success, null or false otherwise
+     */
+    public function getPagedSearchResultState() {
+        $result = $this->pagedSearchedSuccessful;
+        $this->pagedSearchedSuccessful = null;
+        return $result;
+    }
+
+    /**
+     * Prepares a paged search, if possible
+     *
+     * @param string $filter the LDAP filter for the search
+     * @param string[] $bases an array containing the LDAP subtree(s) that shall be searched
+     * @param string[] $attr optional, when a certain attribute shall be filtered outside
+     * @param int $limit
+     * @param int $offset
+     * @return bool|true
+     * @throws ServerNotAvailableException
+     */
+    private function initPagedSearch(
+        string $filter,
+        string $base,
+        ?array $attr,
+        int $limit,
+        int $offset
+    ): bool {
+        $pagedSearchOK = false;
+        if ($limit !== 0) {
+            \OC::$server->getLogger()->debug(
+                'initializing paged search for filter {filter}, base {base}, attr {attr}, limit {limit}, offset {offset}',
+                [
+                    'app' => 'user_ldap',
+                    'filter' => $filter,
+                    'base' => $base,
+                    'attr' => $attr,
+                    'limit' => $limit,
+                    'offset' => $offset
+                ]
+            );
+            //get the cookie from the search for the previous search, required by LDAP
+            if (empty($this->lastCookie) && $this->lastCookie !== "0" && ($offset > 0)) {
+                // no cookie known from a potential previous search. We need
+                // to start from 0 to come to the desired page. cookie value
+                // of '0' is valid, because 389ds
+                $reOffset = ($offset - $limit) < 0 ? 0 : $offset - $limit;
+                $this->search($filter, $base, $attr, $limit, $reOffset, true);
+                if (!$this->hasMoreResults()) {
+                    // when the cookie is reset with != 0 offset, there are no further
+                    // results, so stop.
+                    return false;
+                }
+            }
+            if ($this->lastCookie !== '' && $offset === 0) {
+                //since offset = 0, this is a new search. We abandon other searches that might be ongoing.
+                $this->abandonPagedSearch();
+            }
+            $pagedSearchOK = true === $this->invokeLDAPMethod(
+                    'controlPagedResult', $this->connection->getConnectionResource(), $limit, false
+                );
+            if ($pagedSearchOK) {
+                \OC::$server->getLogger()->debug('Ready for a paged search', ['app' => 'user_ldap']);
+            }
+            /* ++ Fixing RHDS searches with pages with zero results ++
 			 * We coudn't get paged searches working with our RHDS for login ($limit = 0),
 			 * due to pages with zero results.
 			 * So we added "&& !empty($this->lastCookie)" to this test to ignore pagination
 			 * if we don't have a previous paged search.
 			 */
-		} elseif ($limit === 0 && !empty($this->lastCookie)) {
-			// a search without limit was requested. However, if we do use
-			// Paged Search once, we always must do it. This requires us to
-			// initialize it with the configured page size.
-			$this->abandonPagedSearch();
-			// in case someone set it to 0 … use 500, otherwise no results will
-			// be returned.
-			$pageSize = (int)$this->connection->ldapPagingSize > 0 ? (int)$this->connection->ldapPagingSize : 500;
-			$pagedSearchOK = $this->invokeLDAPMethod('controlPagedResult',
-				$this->connection->getConnectionResource(),
-				$pageSize, false);
-		}
-
-		return $pagedSearchOK;
-	}
-
-	/**
-	 * Is more than one $attr used for search?
-	 *
-	 * @param string|string[]|null $attr
-	 * @return bool
-	 */
-	private function manyAttributes($attr): bool {
-		if (\is_array($attr)) {
-			return \count($attr) > 1;
-		}
-		return false;
-	}
+        } elseif ($limit === 0 && !empty($this->lastCookie)) {
+            // a search without limit was requested. However, if we do use
+            // Paged Search once, we always must do it. This requires us to
+            // initialize it with the configured page size.
+            $this->abandonPagedSearch();
+            // in case someone set it to 0 … use 500, otherwise no results will
+            // be returned.
+            $pageSize = (int)$this->connection->ldapPagingSize > 0 ? (int)$this->connection->ldapPagingSize : 500;
+            $pagedSearchOK = $this->invokeLDAPMethod('controlPagedResult',
+                $this->connection->getConnectionResource(),
+                $pageSize, false);
+        }
+
+        return $pagedSearchOK;
+    }
+
+    /**
+     * Is more than one $attr used for search?
+     *
+     * @param string|string[]|null $attr
+     * @return bool
+     */
+    private function manyAttributes($attr): bool {
+        if (\is_array($attr)) {
+            return \count($attr) > 1;
+        }
+        return false;
+    }
 }

Please login to merge, or discard this patch.

apps/user_ldap/lib/LDAP.php 1 patch

Indentation +383 added lines, -383 removed lines patch added patch discarded remove patch

@@ -39,387 +39,387 @@
 block discarded – undo
 use OCA\User_LDAP\PagedResults\Php73;
 
 class LDAP implements ILDAPWrapper {
-	protected $curFunc = '';
-	protected $curArgs = [];
-
-	/** @var IAdapter */
-	protected $pagedResultsAdapter;
-
-	public function __construct() {
-		if (version_compare(PHP_VERSION, '7.3', '<') === true) {
-			$this->pagedResultsAdapter = new Php54();
-		} else {
-			$this->pagedResultsAdapter = new Php73();
-		}
-	}
-
-	/**
-	 * @param resource $link
-	 * @param string $dn
-	 * @param string $password
-	 * @return bool|mixed
-	 */
-	public function bind($link, $dn, $password) {
-		return $this->invokeLDAPMethod('bind', $link, $dn, $password);
-	}
-
-	/**
-	 * @param string $host
-	 * @param string $port
-	 * @return mixed
-	 */
-	public function connect($host, $port) {
-		if (strpos($host, '://') === false) {
-			$host = 'ldap://' . $host;
-		}
-		if (strpos($host, ':', strpos($host, '://') + 1) === false) {
-			//ldap_connect ignores port parameter when URLs are passed
-			$host .= ':' . $port;
-		}
-		return $this->invokeLDAPMethod('connect', $host);
-	}
-
-	public function controlPagedResultResponse($link, $result, &$cookie): bool {
-		$this->preFunctionCall(
-			$this->pagedResultsAdapter->getResponseCallFunc(),
-			$this->pagedResultsAdapter->getResponseCallArgs([$link, $result, &$cookie])
-		);
-
-		$result = $this->pagedResultsAdapter->responseCall($link);
-		$cookie = $this->pagedResultsAdapter->getCookie($link);
-
-		if ($this->isResultFalse($result)) {
-			$this->postFunctionCall();
-		}
-
-		return $result;
-	}
-
-	/**
-	 * @param LDAP $link
-	 * @param int $pageSize
-	 * @param bool $isCritical
-	 * @return mixed|true
-	 */
-	public function controlPagedResult($link, $pageSize, $isCritical) {
-		$fn = $this->pagedResultsAdapter->getRequestCallFunc();
-		$this->pagedResultsAdapter->setRequestParameters($link, $pageSize, $isCritical);
-		if ($fn === null) {
-			return true;
-		}
-
-		$this->preFunctionCall($fn, $this->pagedResultsAdapter->getRequestCallArgs($link));
-		$result = $this->pagedResultsAdapter->requestCall($link);
-
-		if ($this->isResultFalse($result)) {
-			$this->postFunctionCall();
-		}
-
-		return $result;
-	}
-
-	/**
-	 * @param LDAP $link
-	 * @param LDAP $result
-	 * @return mixed
-	 */
-	public function countEntries($link, $result) {
-		return $this->invokeLDAPMethod('count_entries', $link, $result);
-	}
-
-	/**
-	 * @param LDAP $link
-	 * @return integer
-	 */
-	public function errno($link) {
-		return $this->invokeLDAPMethod('errno', $link);
-	}
-
-	/**
-	 * @param LDAP $link
-	 * @return string
-	 */
-	public function error($link) {
-		return $this->invokeLDAPMethod('error', $link);
-	}
-
-	/**
-	 * Splits DN into its component parts
-	 * @param string $dn
-	 * @param int @withAttrib
-	 * @return array|false
-	 * @link https://www.php.net/manual/en/function.ldap-explode-dn.php
-	 */
-	public function explodeDN($dn, $withAttrib) {
-		return $this->invokeLDAPMethod('explode_dn', $dn, $withAttrib);
-	}
-
-	/**
-	 * @param LDAP $link
-	 * @param LDAP $result
-	 * @return mixed
-	 */
-	public function firstEntry($link, $result) {
-		return $this->invokeLDAPMethod('first_entry', $link, $result);
-	}
-
-	/**
-	 * @param LDAP $link
-	 * @param LDAP $result
-	 * @return array|mixed
-	 */
-	public function getAttributes($link, $result) {
-		return $this->invokeLDAPMethod('get_attributes', $link, $result);
-	}
-
-	/**
-	 * @param LDAP $link
-	 * @param LDAP $result
-	 * @return mixed|string
-	 */
-	public function getDN($link, $result) {
-		return $this->invokeLDAPMethod('get_dn', $link, $result);
-	}
-
-	/**
-	 * @param LDAP $link
-	 * @param LDAP $result
-	 * @return array|mixed
-	 */
-	public function getEntries($link, $result) {
-		return $this->invokeLDAPMethod('get_entries', $link, $result);
-	}
-
-	/**
-	 * @param LDAP $link
-	 * @param resource $result
-	 * @return mixed
-	 */
-	public function nextEntry($link, $result) {
-		return $this->invokeLDAPMethod('next_entry', $link, $result);
-	}
-
-	/**
-	 * @param LDAP $link
-	 * @param string $baseDN
-	 * @param string $filter
-	 * @param array $attr
-	 * @return mixed
-	 */
-	public function read($link, $baseDN, $filter, $attr) {
-		$this->pagedResultsAdapter->setReadArgs($link, $baseDN, $filter, $attr);
-		return $this->invokeLDAPMethod('read', ...$this->pagedResultsAdapter->getReadArgs($link));
-	}
-
-	/**
-	 * @param LDAP $link
-	 * @param string[] $baseDN
-	 * @param string $filter
-	 * @param array $attr
-	 * @param int $attrsOnly
-	 * @param int $limit
-	 * @return mixed
-	 * @throws \Exception
-	 */
-	public function search($link, $baseDN, $filter, $attr, $attrsOnly = 0, $limit = 0) {
-		$oldHandler = set_error_handler(function ($no, $message, $file, $line) use (&$oldHandler) {
-			if (strpos($message, 'Partial search results returned: Sizelimit exceeded') !== false) {
-				return true;
-			}
-			$oldHandler($no, $message, $file, $line);
-			return true;
-		});
-		try {
-			$this->pagedResultsAdapter->setSearchArgs($link, $baseDN, $filter, $attr, $attrsOnly, $limit);
-			$result = $this->invokeLDAPMethod('search', ...$this->pagedResultsAdapter->getSearchArgs($link));
-
-			restore_error_handler();
-			return $result;
-		} catch (\Exception $e) {
-			restore_error_handler();
-			throw $e;
-		}
-	}
-
-	/**
-	 * @param LDAP $link
-	 * @param string $userDN
-	 * @param string $password
-	 * @return bool
-	 */
-	public function modReplace($link, $userDN, $password) {
-		return $this->invokeLDAPMethod('mod_replace', $link, $userDN, ['userPassword' => $password]);
-	}
-
-	/**
-	 * @param LDAP $link
-	 * @param string $userDN
-	 * @param string $oldPassword
-	 * @param string $password
-	 * @return bool
-	 */
-	public function exopPasswd($link, $userDN, $oldPassword, $password) {
-		return $this->invokeLDAPMethod('exop_passwd', $link, $userDN, $oldPassword, $password);
-	}
-
-	/**
-	 * @param LDAP $link
-	 * @param string $option
-	 * @param int $value
-	 * @return bool|mixed
-	 */
-	public function setOption($link, $option, $value) {
-		return $this->invokeLDAPMethod('set_option', $link, $option, $value);
-	}
-
-	/**
-	 * @param LDAP $link
-	 * @return mixed|true
-	 */
-	public function startTls($link) {
-		return $this->invokeLDAPMethod('start_tls', $link);
-	}
-
-	/**
-	 * @param resource $link
-	 * @return bool|mixed
-	 */
-	public function unbind($link) {
-		return $this->invokeLDAPMethod('unbind', $link);
-	}
-
-	/**
-	 * Checks whether the server supports LDAP
-	 * @return boolean if it the case, false otherwise
-	 * */
-	public function areLDAPFunctionsAvailable() {
-		return function_exists('ldap_connect');
-	}
-
-	/**
-	 * Checks whether the submitted parameter is a resource
-	 * @param Resource $resource the resource variable to check
-	 * @return bool true if it is a resource, false otherwise
-	 */
-	public function isResource($resource) {
-		return is_resource($resource);
-	}
-
-	/**
-	 * Checks whether the return value from LDAP is wrong or not.
-	 *
-	 * When using ldap_search we provide an array, in case multiple bases are
-	 * configured. Thus, we need to check the array elements.
-	 *
-	 * @param $result
-	 * @return bool
-	 */
-	protected function isResultFalse($result) {
-		if ($result === false) {
-			return true;
-		}
-
-		if ($this->curFunc === 'ldap_search' && is_array($result)) {
-			foreach ($result as $singleResult) {
-				if ($singleResult === false) {
-					return true;
-				}
-			}
-		}
-
-		return false;
-	}
-
-	/**
-	 * @return mixed
-	 */
-	protected function invokeLDAPMethod() {
-		$arguments = func_get_args();
-		$func = 'ldap_' . array_shift($arguments);
-		if (function_exists($func)) {
-			$this->preFunctionCall($func, $arguments);
-			$result = call_user_func_array($func, $arguments);
-			if ($this->isResultFalse($result)) {
-				$this->postFunctionCall();
-			}
-			return $result;
-		}
-		return null;
-	}
-
-	/**
-	 * @param string $functionName
-	 * @param array $args
-	 */
-	private function preFunctionCall($functionName, $args) {
-		$this->curFunc = $functionName;
-		$this->curArgs = $args;
-	}
-
-	/**
-	 * Analyzes the returned LDAP error and acts accordingly if not 0
-	 *
-	 * @param resource $resource the LDAP Connection resource
-	 * @throws ConstraintViolationException
-	 * @throws ServerNotAvailableException
-	 * @throws \Exception
-	 */
-	private function processLDAPError($resource) {
-		$errorCode = ldap_errno($resource);
-		if ($errorCode === 0) {
-			return;
-		}
-		$errorMsg = ldap_error($resource);
-
-		if ($this->curFunc === 'ldap_get_entries'
-			&& $errorCode === -4) {
-		} elseif ($errorCode === 32) {
-			//for now
-		} elseif ($errorCode === 10) {
-			//referrals, we switch them off, but then there is AD :)
-		} elseif ($errorCode === -1) {
-			throw new ServerNotAvailableException('Lost connection to LDAP server.');
-		} elseif ($errorCode === 52) {
-			throw new ServerNotAvailableException('LDAP server is shutting down.');
-		} elseif ($errorCode === 48) {
-			throw new \Exception('LDAP authentication method rejected', $errorCode);
-		} elseif ($errorCode === 1) {
-			throw new \Exception('LDAP Operations error', $errorCode);
-		} elseif ($errorCode === 19) {
-			ldap_get_option($this->curArgs[0], LDAP_OPT_ERROR_STRING, $extended_error);
-			throw new ConstraintViolationException(!empty($extended_error)?$extended_error:$errorMsg, $errorCode);
-		} else {
-			\OC::$server->getLogger()->debug('LDAP error {message} ({code}) after calling {func}', [
-				'app' => 'user_ldap',
-				'message' => $errorMsg,
-				'code' => $errorCode,
-				'func' => $this->curFunc,
-			]);
-		}
-	}
-
-	/**
-	 * Called after an ldap method is run to act on LDAP error if necessary
-	 * @throw \Exception
-	 */
-	private function postFunctionCall() {
-		if ($this->isResource($this->curArgs[0])) {
-			$resource = $this->curArgs[0];
-		} elseif (
-			   $this->curFunc === 'ldap_search'
-			&& is_array($this->curArgs[0])
-			&& $this->isResource($this->curArgs[0][0])
-		) {
-			// we use always the same LDAP connection resource, is enough to
-			// take the first one.
-			$resource = $this->curArgs[0][0];
-		} else {
-			return;
-		}
-
-		$this->processLDAPError($resource);
-
-		$this->curFunc = '';
-		$this->curArgs = [];
-	}
+    protected $curFunc = '';
+    protected $curArgs = [];
+
+    /** @var IAdapter */
+    protected $pagedResultsAdapter;
+
+    public function __construct() {
+        if (version_compare(PHP_VERSION, '7.3', '<') === true) {
+            $this->pagedResultsAdapter = new Php54();
+        } else {
+            $this->pagedResultsAdapter = new Php73();
+        }
+    }
+
+    /**
+     * @param resource $link
+     * @param string $dn
+     * @param string $password
+     * @return bool|mixed
+     */
+    public function bind($link, $dn, $password) {
+        return $this->invokeLDAPMethod('bind', $link, $dn, $password);
+    }
+
+    /**
+     * @param string $host
+     * @param string $port
+     * @return mixed
+     */
+    public function connect($host, $port) {
+        if (strpos($host, '://') === false) {
+            $host = 'ldap://' . $host;
+        }
+        if (strpos($host, ':', strpos($host, '://') + 1) === false) {
+            //ldap_connect ignores port parameter when URLs are passed
+            $host .= ':' . $port;
+        }
+        return $this->invokeLDAPMethod('connect', $host);
+    }
+
+    public function controlPagedResultResponse($link, $result, &$cookie): bool {
+        $this->preFunctionCall(
+            $this->pagedResultsAdapter->getResponseCallFunc(),
+            $this->pagedResultsAdapter->getResponseCallArgs([$link, $result, &$cookie])
+        );
+
+        $result = $this->pagedResultsAdapter->responseCall($link);
+        $cookie = $this->pagedResultsAdapter->getCookie($link);
+
+        if ($this->isResultFalse($result)) {
+            $this->postFunctionCall();
+        }
+
+        return $result;
+    }
+
+    /**
+     * @param LDAP $link
+     * @param int $pageSize
+     * @param bool $isCritical
+     * @return mixed|true
+     */
+    public function controlPagedResult($link, $pageSize, $isCritical) {
+        $fn = $this->pagedResultsAdapter->getRequestCallFunc();
+        $this->pagedResultsAdapter->setRequestParameters($link, $pageSize, $isCritical);
+        if ($fn === null) {
+            return true;
+        }
+
+        $this->preFunctionCall($fn, $this->pagedResultsAdapter->getRequestCallArgs($link));
+        $result = $this->pagedResultsAdapter->requestCall($link);
+
+        if ($this->isResultFalse($result)) {
+            $this->postFunctionCall();
+        }
+
+        return $result;
+    }
+
+    /**
+     * @param LDAP $link
+     * @param LDAP $result
+     * @return mixed
+     */
+    public function countEntries($link, $result) {
+        return $this->invokeLDAPMethod('count_entries', $link, $result);
+    }
+
+    /**
+     * @param LDAP $link
+     * @return integer
+     */
+    public function errno($link) {
+        return $this->invokeLDAPMethod('errno', $link);
+    }
+
+    /**
+     * @param LDAP $link
+     * @return string
+     */
+    public function error($link) {
+        return $this->invokeLDAPMethod('error', $link);
+    }
+
+    /**
+     * Splits DN into its component parts
+     * @param string $dn
+     * @param int @withAttrib
+     * @return array|false
+     * @link https://www.php.net/manual/en/function.ldap-explode-dn.php
+     */
+    public function explodeDN($dn, $withAttrib) {
+        return $this->invokeLDAPMethod('explode_dn', $dn, $withAttrib);
+    }
+
+    /**
+     * @param LDAP $link
+     * @param LDAP $result
+     * @return mixed
+     */
+    public function firstEntry($link, $result) {
+        return $this->invokeLDAPMethod('first_entry', $link, $result);
+    }
+
+    /**
+     * @param LDAP $link
+     * @param LDAP $result
+     * @return array|mixed
+     */
+    public function getAttributes($link, $result) {
+        return $this->invokeLDAPMethod('get_attributes', $link, $result);
+    }
+
+    /**
+     * @param LDAP $link
+     * @param LDAP $result
+     * @return mixed|string
+     */
+    public function getDN($link, $result) {
+        return $this->invokeLDAPMethod('get_dn', $link, $result);
+    }
+
+    /**
+     * @param LDAP $link
+     * @param LDAP $result
+     * @return array|mixed
+     */
+    public function getEntries($link, $result) {
+        return $this->invokeLDAPMethod('get_entries', $link, $result);
+    }
+
+    /**
+     * @param LDAP $link
+     * @param resource $result
+     * @return mixed
+     */
+    public function nextEntry($link, $result) {
+        return $this->invokeLDAPMethod('next_entry', $link, $result);
+    }
+
+    /**
+     * @param LDAP $link
+     * @param string $baseDN
+     * @param string $filter
+     * @param array $attr
+     * @return mixed
+     */
+    public function read($link, $baseDN, $filter, $attr) {
+        $this->pagedResultsAdapter->setReadArgs($link, $baseDN, $filter, $attr);
+        return $this->invokeLDAPMethod('read', ...$this->pagedResultsAdapter->getReadArgs($link));
+    }
+
+    /**
+     * @param LDAP $link
+     * @param string[] $baseDN
+     * @param string $filter
+     * @param array $attr
+     * @param int $attrsOnly
+     * @param int $limit
+     * @return mixed
+     * @throws \Exception
+     */
+    public function search($link, $baseDN, $filter, $attr, $attrsOnly = 0, $limit = 0) {
+        $oldHandler = set_error_handler(function ($no, $message, $file, $line) use (&$oldHandler) {
+            if (strpos($message, 'Partial search results returned: Sizelimit exceeded') !== false) {
+                return true;
+            }
+            $oldHandler($no, $message, $file, $line);
+            return true;
+        });
+        try {
+            $this->pagedResultsAdapter->setSearchArgs($link, $baseDN, $filter, $attr, $attrsOnly, $limit);
+            $result = $this->invokeLDAPMethod('search', ...$this->pagedResultsAdapter->getSearchArgs($link));
+
+            restore_error_handler();
+            return $result;
+        } catch (\Exception $e) {
+            restore_error_handler();
+            throw $e;
+        }
+    }
+
+    /**
+     * @param LDAP $link
+     * @param string $userDN
+     * @param string $password
+     * @return bool
+     */
+    public function modReplace($link, $userDN, $password) {
+        return $this->invokeLDAPMethod('mod_replace', $link, $userDN, ['userPassword' => $password]);
+    }
+
+    /**
+     * @param LDAP $link
+     * @param string $userDN
+     * @param string $oldPassword
+     * @param string $password
+     * @return bool
+     */
+    public function exopPasswd($link, $userDN, $oldPassword, $password) {
+        return $this->invokeLDAPMethod('exop_passwd', $link, $userDN, $oldPassword, $password);
+    }
+
+    /**
+     * @param LDAP $link
+     * @param string $option
+     * @param int $value
+     * @return bool|mixed
+     */
+    public function setOption($link, $option, $value) {
+        return $this->invokeLDAPMethod('set_option', $link, $option, $value);
+    }
+
+    /**
+     * @param LDAP $link
+     * @return mixed|true
+     */
+    public function startTls($link) {
+        return $this->invokeLDAPMethod('start_tls', $link);
+    }
+
+    /**
+     * @param resource $link
+     * @return bool|mixed
+     */
+    public function unbind($link) {
+        return $this->invokeLDAPMethod('unbind', $link);
+    }
+
+    /**
+     * Checks whether the server supports LDAP
+     * @return boolean if it the case, false otherwise
+     * */
+    public function areLDAPFunctionsAvailable() {
+        return function_exists('ldap_connect');
+    }
+
+    /**
+     * Checks whether the submitted parameter is a resource
+     * @param Resource $resource the resource variable to check
+     * @return bool true if it is a resource, false otherwise
+     */
+    public function isResource($resource) {
+        return is_resource($resource);
+    }
+
+    /**
+     * Checks whether the return value from LDAP is wrong or not.
+     *
+     * When using ldap_search we provide an array, in case multiple bases are
+     * configured. Thus, we need to check the array elements.
+     *
+     * @param $result
+     * @return bool
+     */
+    protected function isResultFalse($result) {
+        if ($result === false) {
+            return true;
+        }
+
+        if ($this->curFunc === 'ldap_search' && is_array($result)) {
+            foreach ($result as $singleResult) {
+                if ($singleResult === false) {
+                    return true;
+                }
+            }
+        }
+
+        return false;
+    }
+
+    /**
+     * @return mixed
+     */
+    protected function invokeLDAPMethod() {
+        $arguments = func_get_args();
+        $func = 'ldap_' . array_shift($arguments);
+        if (function_exists($func)) {
+            $this->preFunctionCall($func, $arguments);
+            $result = call_user_func_array($func, $arguments);
+            if ($this->isResultFalse($result)) {
+                $this->postFunctionCall();
+            }
+            return $result;
+        }
+        return null;
+    }
+
+    /**
+     * @param string $functionName
+     * @param array $args
+     */
+    private function preFunctionCall($functionName, $args) {
+        $this->curFunc = $functionName;
+        $this->curArgs = $args;
+    }
+
+    /**
+     * Analyzes the returned LDAP error and acts accordingly if not 0
+     *
+     * @param resource $resource the LDAP Connection resource
+     * @throws ConstraintViolationException
+     * @throws ServerNotAvailableException
+     * @throws \Exception
+     */
+    private function processLDAPError($resource) {
+        $errorCode = ldap_errno($resource);
+        if ($errorCode === 0) {
+            return;
+        }
+        $errorMsg = ldap_error($resource);
+
+        if ($this->curFunc === 'ldap_get_entries'
+            && $errorCode === -4) {
+        } elseif ($errorCode === 32) {
+            //for now
+        } elseif ($errorCode === 10) {
+            //referrals, we switch them off, but then there is AD :)
+        } elseif ($errorCode === -1) {
+            throw new ServerNotAvailableException('Lost connection to LDAP server.');
+        } elseif ($errorCode === 52) {
+            throw new ServerNotAvailableException('LDAP server is shutting down.');
+        } elseif ($errorCode === 48) {
+            throw new \Exception('LDAP authentication method rejected', $errorCode);
+        } elseif ($errorCode === 1) {
+            throw new \Exception('LDAP Operations error', $errorCode);
+        } elseif ($errorCode === 19) {
+            ldap_get_option($this->curArgs[0], LDAP_OPT_ERROR_STRING, $extended_error);
+            throw new ConstraintViolationException(!empty($extended_error)?$extended_error:$errorMsg, $errorCode);
+        } else {
+            \OC::$server->getLogger()->debug('LDAP error {message} ({code}) after calling {func}', [
+                'app' => 'user_ldap',
+                'message' => $errorMsg,
+                'code' => $errorCode,
+                'func' => $this->curFunc,
+            ]);
+        }
+    }
+
+    /**
+     * Called after an ldap method is run to act on LDAP error if necessary
+     * @throw \Exception
+     */
+    private function postFunctionCall() {
+        if ($this->isResource($this->curArgs[0])) {
+            $resource = $this->curArgs[0];
+        } elseif (
+                $this->curFunc === 'ldap_search'
+            && is_array($this->curArgs[0])
+            && $this->isResource($this->curArgs[0][0])
+        ) {
+            // we use always the same LDAP connection resource, is enough to
+            // take the first one.
+            $resource = $this->curArgs[0][0];
+        } else {
+            return;
+        }
+
+        $this->processLDAPError($resource);
+
+        $this->curFunc = '';
+        $this->curArgs = [];
+    }
 }

Please login to merge, or discard this patch.

		@@ -45,243 +45,243 @@
		block discarded – undo
45	45
46	46	class ScanAppData extends Base {
47	47
48		- /** @var IRootFolder */
49		- protected $root;
50		- /** @var IConfig */
51		- protected $config;
52		- /** @var float */
53		- protected $execTime = 0;
54		- /** @var int */
55		- protected $foldersCounter = 0;
56		- /** @var int */
57		- protected $filesCounter = 0;
58		-
59		- public function __construct(IRootFolder $rootFolder, IConfig $config) {
60		- parent::__construct();
61		-
62		- $this->root = $rootFolder;
63		- $this->config = $config;
64		- }
65		-
66		- protected function configure() {
67		- parent::configure();
68		-
69		- $this
70		- ->setName('files:scan-app-data')
71		- ->setDescription('rescan the AppData folder');
72		-
73		- $this->addArgument('folder', InputArgument::OPTIONAL, 'The appdata subfolder to scan', '');
74		- }
75		-
76		- public function checkScanWarning($fullPath, OutputInterface $output) {
77		- $normalizedPath = basename(\OC\Files\Filesystem::normalizePath($fullPath));
78		- $path = basename($fullPath);
79		-
80		- if ($normalizedPath !== $path) {
81		- $output->writeln("\t<error>Entry \"" . $fullPath . '" will not be accessible due to incompatible encoding</error>');
82		- }
83		- }
84		-
85		- protected function scanFiles(OutputInterface $output, string $folder): int {
86		- try {
87		- $appData = $this->getAppDataFolder();
88		- } catch (NotFoundException $e) {
89		- $output->writeln('<error>NoAppData folder found</error>');
90		- return 1;
91		- }
92		-
93		- if ($folder !== '') {
94		- try {
95		- $appData = $appData->get($folder);
96		- } catch (NotFoundException $e) {
97		- $output->writeln('<error>Could not find folder: ' . $folder . '</error>');
98		- return 1;
99		- }
100		- }
101		-
102		- $connection = $this->reconnectToDatabase($output);
103		- $scanner = new \OC\Files\Utils\Scanner(null, $connection, \OC::$server->query(IEventDispatcher::class), \OC::$server->getLogger());
104		-
105		- # check on each file/folder if there was a user interrupt (ctrl-c) and throw an exception
106		- $scanner->listen('\OC\Files\Utils\Scanner', 'scanFile', function ($path) use ($output) {
107		- $output->writeln("\tFile <info>$path</info>", OutputInterface::VERBOSITY_VERBOSE);
108		- ++$this->filesCounter;
109		- $this->abortIfInterrupted();
110		- });
111		-
112		- $scanner->listen('\OC\Files\Utils\Scanner', 'scanFolder', function ($path) use ($output) {
113		- $output->writeln("\tFolder <info>$path</info>", OutputInterface::VERBOSITY_VERBOSE);
114		- ++$this->foldersCounter;
115		- $this->abortIfInterrupted();
116		- });
117		-
118		- $scanner->listen('\OC\Files\Utils\Scanner', 'StorageNotAvailable', function (StorageNotAvailableException $e) use ($output) {
119		- $output->writeln('Error while scanning, storage not available (' . $e->getMessage() . ')', OutputInterface::VERBOSITY_VERBOSE);
120		- });
121		-
122		- $scanner->listen('\OC\Files\Utils\Scanner', 'scanFile', function ($path) use ($output) {
123		- $this->checkScanWarning($path, $output);
124		- });
125		-
126		- $scanner->listen('\OC\Files\Utils\Scanner', 'scanFolder', function ($path) use ($output) {
127		- $this->checkScanWarning($path, $output);
128		- });
129		-
130		- try {
131		- $scanner->scan($appData->getPath());
132		- } catch (ForbiddenException $e) {
133		- $output->writeln('<error>Storage not writable</error>');
134		- $output->writeln('<info>Make sure you\'re running the scan command only as the user the web server runs as</info>');
135		- return 1;
136		- } catch (InterruptedException $e) {
137		- # exit the function if ctrl-c has been pressed
138		- $output->writeln('<info>Interrupted by user</info>');
139		- return 1;
140		- } catch (NotFoundException $e) {
141		- $output->writeln('<error>Path not found: ' . $e->getMessage() . '</error>');
142		- return 1;
143		- } catch (\Exception $e) {
144		- $output->writeln('<error>Exception during scan: ' . $e->getMessage() . '</error>');
145		- $output->writeln('<error>' . $e->getTraceAsString() . '</error>');
146		- return 1;
147		- }
148		-
149		- return 0;
150		- }
151		-
152		-
153		- protected function execute(InputInterface $input, OutputInterface $output): int {
154		- # restrict the verbosity level to VERBOSITY_VERBOSE
155		- if ($output->getVerbosity() > OutputInterface::VERBOSITY_VERBOSE) {
156		- $output->setVerbosity(OutputInterface::VERBOSITY_VERBOSE);
157		- }
158		-
159		- $output->writeln('Scanning AppData for files');
160		- $output->writeln('');
161		-
162		- $folder = $input->getArgument('folder');
163		-
164		- $this->initTools();
165		-
166		- $exitCode = $this->scanFiles($output, $folder);
167		- if ($exitCode === 0) {
168		- $this->presentStats($output);
169		- }
170		- return $exitCode;
171		- }
172		-
173		- /**
174		- * Initialises some useful tools for the Command
175		- */
176		- protected function initTools() {
177		- // Start the timer
178		- $this->execTime = -microtime(true);
179		- // Convert PHP errors to exceptions
180		- set_error_handler([$this, 'exceptionErrorHandler'], E_ALL);
181		- }
182		-
183		- /**
184		- * Processes PHP errors as exceptions in order to be able to keep track of problems
185		- *
186		- * @see https://www.php.net/manual/en/function.set-error-handler.php
187		- *
188		- * @param int $severity the level of the error raised
189		- * @param string $message
190		- * @param string $file the filename that the error was raised in
191		- * @param int $line the line number the error was raised
192		- *
193		- * @throws \ErrorException
194		- */
195		- public function exceptionErrorHandler($severity, $message, $file, $line) {
196		- if (!(error_reporting() & $severity)) {
197		- // This error code is not included in error_reporting
198		- return;
199		- }
200		- throw new \ErrorException($message, 0, $severity, $file, $line);
201		- }
202		-
203		- /**
204		- * @param OutputInterface $output
205		- */
206		- protected function presentStats(OutputInterface $output) {
207		- // Stop the timer
208		- $this->execTime += microtime(true);
209		-
210		- $headers = [
211		- 'Folders', 'Files', 'Elapsed time'
212		- ];
213		-
214		- $this->showSummary($headers, null, $output);
215		- }
216		-
217		- /**
218		- * Shows a summary of operations
219		- *
220		- * @param string[] $headers
221		- * @param string[] $rows
222		- * @param OutputInterface $output
223		- */
224		- protected function showSummary($headers, $rows, OutputInterface $output) {
225		- $niceDate = $this->formatExecTime();
226		- if (!$rows) {
227		- $rows = [
228		- $this->foldersCounter,
229		- $this->filesCounter,
230		- $niceDate,
231		- ];
232		- }
233		- $table = new Table($output);
234		- $table
235		- ->setHeaders($headers)
236		- ->setRows([$rows]);
237		- $table->render();
238		- }
239		-
240		-
241		- /**
242		- * Formats microtime into a human readable format
243		- *
244		- * @return string
245		- */
246		- protected function formatExecTime() {
247		- $secs = round($this->execTime);
248		- # convert seconds into HH:MM:SS form
249		- return sprintf('%02d:%02d:%02d', ($secs / 3600), ($secs / 60 % 60), $secs % 60);
250		- }
251		-
252		- /**
253		- * @return \OCP\IDBConnection
254		- */
255		- protected function reconnectToDatabase(OutputInterface $output) {
256		- /** @var Connection \| IDBConnection $connection*/
257		- $connection = \OC::$server->getDatabaseConnection();
258		- try {
259		- $connection->close();
260		- } catch (\Exception $ex) {
261		- $output->writeln("<info>Error while disconnecting from database: {$ex->getMessage()}</info>");
262		- }
263		- while (!$connection->isConnected()) {
264		- try {
265		- $connection->connect();
266		- } catch (\Exception $ex) {
267		- $output->writeln("<info>Error while re-connecting to database: {$ex->getMessage()}</info>");
268		- sleep(60);
269		- }
270		- }
271		- return $connection;
272		- }
273		-
274		- /**
275		- * @return \OCP\Files\Folder
276		- * @throws NotFoundException
277		- */
278		- private function getAppDataFolder() {
279		- $instanceId = $this->config->getSystemValue('instanceid', null);
280		-
281		- if ($instanceId === null) {
282		- throw new NotFoundException();
283		- }
284		-
285		- return $this->root->get('appdata_'.$instanceId);
286		- }
	48	+ /** @var IRootFolder */
	49	+ protected $root;
	50	+ /** @var IConfig */
	51	+ protected $config;
	52	+ /** @var float */
	53	+ protected $execTime = 0;
	54	+ /** @var int */
	55	+ protected $foldersCounter = 0;
	56	+ /** @var int */
	57	+ protected $filesCounter = 0;
	58	+
	59	+ public function __construct(IRootFolder $rootFolder, IConfig $config) {
	60	+ parent::__construct();
	61	+
	62	+ $this->root = $rootFolder;
	63	+ $this->config = $config;
	64	+ }
	65	+
	66	+ protected function configure() {
	67	+ parent::configure();
	68	+
	69	+ $this
	70	+ ->setName('files:scan-app-data')
	71	+ ->setDescription('rescan the AppData folder');
	72	+
	73	+ $this->addArgument('folder', InputArgument::OPTIONAL, 'The appdata subfolder to scan', '');
	74	+ }
	75	+
	76	+ public function checkScanWarning($fullPath, OutputInterface $output) {
	77	+ $normalizedPath = basename(\OC\Files\Filesystem::normalizePath($fullPath));
	78	+ $path = basename($fullPath);
	79	+
	80	+ if ($normalizedPath !== $path) {
	81	+ $output->writeln("\t<error>Entry \"" . $fullPath . '" will not be accessible due to incompatible encoding</error>');
	82	+ }
	83	+ }
	84	+
	85	+ protected function scanFiles(OutputInterface $output, string $folder): int {
	86	+ try {
	87	+ $appData = $this->getAppDataFolder();
	88	+ } catch (NotFoundException $e) {
	89	+ $output->writeln('<error>NoAppData folder found</error>');
	90	+ return 1;
	91	+ }
	92	+
	93	+ if ($folder !== '') {
	94	+ try {
	95	+ $appData = $appData->get($folder);
	96	+ } catch (NotFoundException $e) {
	97	+ $output->writeln('<error>Could not find folder: ' . $folder . '</error>');
	98	+ return 1;
	99	+ }
	100	+ }
	101	+
	102	+ $connection = $this->reconnectToDatabase($output);
	103	+ $scanner = new \OC\Files\Utils\Scanner(null, $connection, \OC::$server->query(IEventDispatcher::class), \OC::$server->getLogger());
	104	+
	105	+ # check on each file/folder if there was a user interrupt (ctrl-c) and throw an exception
	106	+ $scanner->listen('\OC\Files\Utils\Scanner', 'scanFile', function ($path) use ($output) {
	107	+ $output->writeln("\tFile <info>$path</info>", OutputInterface::VERBOSITY_VERBOSE);
	108	+ ++$this->filesCounter;
	109	+ $this->abortIfInterrupted();
	110	+ });
	111	+
	112	+ $scanner->listen('\OC\Files\Utils\Scanner', 'scanFolder', function ($path) use ($output) {
	113	+ $output->writeln("\tFolder <info>$path</info>", OutputInterface::VERBOSITY_VERBOSE);
	114	+ ++$this->foldersCounter;
	115	+ $this->abortIfInterrupted();
	116	+ });
	117	+
	118	+ $scanner->listen('\OC\Files\Utils\Scanner', 'StorageNotAvailable', function (StorageNotAvailableException $e) use ($output) {
	119	+ $output->writeln('Error while scanning, storage not available (' . $e->getMessage() . ')', OutputInterface::VERBOSITY_VERBOSE);
	120	+ });
	121	+
	122	+ $scanner->listen('\OC\Files\Utils\Scanner', 'scanFile', function ($path) use ($output) {
	123	+ $this->checkScanWarning($path, $output);
	124	+ });
	125	+
	126	+ $scanner->listen('\OC\Files\Utils\Scanner', 'scanFolder', function ($path) use ($output) {
	127	+ $this->checkScanWarning($path, $output);
	128	+ });
	129	+
	130	+ try {
	131	+ $scanner->scan($appData->getPath());
	132	+ } catch (ForbiddenException $e) {
	133	+ $output->writeln('<error>Storage not writable</error>');
	134	+ $output->writeln('<info>Make sure you\'re running the scan command only as the user the web server runs as</info>');
	135	+ return 1;
	136	+ } catch (InterruptedException $e) {
	137	+ # exit the function if ctrl-c has been pressed
	138	+ $output->writeln('<info>Interrupted by user</info>');
	139	+ return 1;
	140	+ } catch (NotFoundException $e) {
	141	+ $output->writeln('<error>Path not found: ' . $e->getMessage() . '</error>');
	142	+ return 1;
	143	+ } catch (\Exception $e) {
	144	+ $output->writeln('<error>Exception during scan: ' . $e->getMessage() . '</error>');
	145	+ $output->writeln('<error>' . $e->getTraceAsString() . '</error>');
	146	+ return 1;
	147	+ }
	148	+
	149	+ return 0;
	150	+ }
	151	+
	152	+
	153	+ protected function execute(InputInterface $input, OutputInterface $output): int {
	154	+ # restrict the verbosity level to VERBOSITY_VERBOSE
	155	+ if ($output->getVerbosity() > OutputInterface::VERBOSITY_VERBOSE) {
	156	+ $output->setVerbosity(OutputInterface::VERBOSITY_VERBOSE);
	157	+ }
	158	+
	159	+ $output->writeln('Scanning AppData for files');
	160	+ $output->writeln('');
	161	+
	162	+ $folder = $input->getArgument('folder');
	163	+
	164	+ $this->initTools();
	165	+
	166	+ $exitCode = $this->scanFiles($output, $folder);
	167	+ if ($exitCode === 0) {
	168	+ $this->presentStats($output);
	169	+ }
	170	+ return $exitCode;
	171	+ }
	172	+
	173	+ /**
	174	+ * Initialises some useful tools for the Command
	175	+ */
	176	+ protected function initTools() {
	177	+ // Start the timer
	178	+ $this->execTime = -microtime(true);
	179	+ // Convert PHP errors to exceptions
	180	+ set_error_handler([$this, 'exceptionErrorHandler'], E_ALL);
	181	+ }
	182	+
	183	+ /**
	184	+ * Processes PHP errors as exceptions in order to be able to keep track of problems
	185	+ *
	186	+ * @see https://www.php.net/manual/en/function.set-error-handler.php
	187	+ *
	188	+ * @param int $severity the level of the error raised
	189	+ * @param string $message
	190	+ * @param string $file the filename that the error was raised in
	191	+ * @param int $line the line number the error was raised
	192	+ *
	193	+ * @throws \ErrorException
	194	+ */
	195	+ public function exceptionErrorHandler($severity, $message, $file, $line) {
	196	+ if (!(error_reporting() & $severity)) {
	197	+ // This error code is not included in error_reporting
	198	+ return;
	199	+ }
	200	+ throw new \ErrorException($message, 0, $severity, $file, $line);
	201	+ }
	202	+
	203	+ /**
	204	+ * @param OutputInterface $output
	205	+ */
	206	+ protected function presentStats(OutputInterface $output) {
	207	+ // Stop the timer
	208	+ $this->execTime += microtime(true);
	209	+
	210	+ $headers = [
	211	+ 'Folders', 'Files', 'Elapsed time'
	212	+ ];
	213	+
	214	+ $this->showSummary($headers, null, $output);
	215	+ }
	216	+
	217	+ /**
	218	+ * Shows a summary of operations
	219	+ *
	220	+ * @param string[] $headers
	221	+ * @param string[] $rows
	222	+ * @param OutputInterface $output
	223	+ */
	224	+ protected function showSummary($headers, $rows, OutputInterface $output) {
	225	+ $niceDate = $this->formatExecTime();
	226	+ if (!$rows) {
	227	+ $rows = [
	228	+ $this->foldersCounter,
	229	+ $this->filesCounter,
	230	+ $niceDate,
	231	+ ];
	232	+ }
	233	+ $table = new Table($output);
	234	+ $table
	235	+ ->setHeaders($headers)
	236	+ ->setRows([$rows]);
	237	+ $table->render();
	238	+ }
	239	+
	240	+
	241	+ /**
	242	+ * Formats microtime into a human readable format
	243	+ *
	244	+ * @return string
	245	+ */
	246	+ protected function formatExecTime() {
	247	+ $secs = round($this->execTime);
	248	+ # convert seconds into HH:MM:SS form
	249	+ return sprintf('%02d:%02d:%02d', ($secs / 3600), ($secs / 60 % 60), $secs % 60);
	250	+ }
	251	+
	252	+ /**
	253	+ * @return \OCP\IDBConnection
	254	+ */
	255	+ protected function reconnectToDatabase(OutputInterface $output) {
	256	+ /** @var Connection \| IDBConnection $connection*/
	257	+ $connection = \OC::$server->getDatabaseConnection();
	258	+ try {
	259	+ $connection->close();
	260	+ } catch (\Exception $ex) {
	261	+ $output->writeln("<info>Error while disconnecting from database: {$ex->getMessage()}</info>");
	262	+ }
	263	+ while (!$connection->isConnected()) {
	264	+ try {
	265	+ $connection->connect();
	266	+ } catch (\Exception $ex) {
	267	+ $output->writeln("<info>Error while re-connecting to database: {$ex->getMessage()}</info>");
	268	+ sleep(60);
	269	+ }
	270	+ }
	271	+ return $connection;
	272	+ }
	273	+
	274	+ /**
	275	+ * @return \OCP\Files\Folder
	276	+ * @throws NotFoundException
	277	+ */
	278	+ private function getAppDataFolder() {
	279	+ $instanceId = $this->config->getSystemValue('instanceid', null);
	280	+
	281	+ if ($instanceId === null) {
	282	+ throw new NotFoundException();
	283	+ }
	284	+
	285	+ return $this->root->get('appdata_'.$instanceId);
	286	+ }
287	287	}

		@@ -52,275 +52,275 @@
		block discarded – undo
52	52
53	53	class Scan extends Base {
54	54
55		- /** @var IUserManager $userManager */
56		- private $userManager;
57		- /** @var float */
58		- protected $execTime = 0;
59		- /** @var int */
60		- protected $foldersCounter = 0;
61		- /** @var int */
62		- protected $filesCounter = 0;
63		-
64		- public function __construct(IUserManager $userManager) {
65		- $this->userManager = $userManager;
66		- parent::__construct();
67		- }
68		-
69		- protected function configure() {
70		- parent::configure();
71		-
72		- $this
73		- ->setName('files:scan')
74		- ->setDescription('rescan filesystem')
75		- ->addArgument(
76		- 'user_id',
77		- InputArgument::OPTIONAL \| InputArgument::IS_ARRAY,
78		- 'will rescan all files of the given user(s)'
79		- )
80		- ->addOption(
81		- 'path',
82		- 'p',
83		- InputArgument::OPTIONAL,
84		- 'limit rescan to this path, eg. --path="/alice/files/Music", the user_id is determined by the path and the user_id parameter and --all are ignored'
85		- )
86		- ->addOption(
87		- 'all',
88		- null,
89		- InputOption::VALUE_NONE,
90		- 'will rescan all files of all known users'
91		- )->addOption(
92		- 'unscanned',
93		- null,
94		- InputOption::VALUE_NONE,
95		- 'only scan files which are marked as not fully scanned'
96		- )->addOption(
97		- 'shallow',
98		- null,
99		- InputOption::VALUE_NONE,
100		- 'do not scan folders recursively'
101		- )->addOption(
102		- 'home-only',
103		- null,
104		- InputOption::VALUE_NONE,
105		- 'only scan the home storage, ignoring any mounted external storage or share'
106		- );
107		- }
108		-
109		- public function checkScanWarning($fullPath, OutputInterface $output) {
110		- $normalizedPath = basename(\OC\Files\Filesystem::normalizePath($fullPath));
111		- $path = basename($fullPath);
112		-
113		- if ($normalizedPath !== $path) {
114		- $output->writeln("\t<error>Entry \"" . $fullPath . '" will not be accessible due to incompatible encoding</error>');
115		- }
116		- }
117		-
118		- protected function scanFiles($user, $path, OutputInterface $output, $backgroundScan = false, $recursive = true, $homeOnly = false) {
119		- $connection = $this->reconnectToDatabase($output);
120		- $scanner = new \OC\Files\Utils\Scanner($user, $connection, \OC::$server->query(IEventDispatcher::class), \OC::$server->getLogger());
121		-
122		- # check on each file/folder if there was a user interrupt (ctrl-c) and throw an exception
123		-
124		- $scanner->listen('\OC\Files\Utils\Scanner', 'scanFile', function ($path) use ($output) {
125		- $output->writeln("\tFile\t<info>$path</info>", OutputInterface::VERBOSITY_VERBOSE);
126		- ++$this->filesCounter;
127		- $this->abortIfInterrupted();
128		- });
129		-
130		- $scanner->listen('\OC\Files\Utils\Scanner', 'scanFolder', function ($path) use ($output) {
131		- $output->writeln("\tFolder\t<info>$path</info>", OutputInterface::VERBOSITY_VERBOSE);
132		- ++$this->foldersCounter;
133		- $this->abortIfInterrupted();
134		- });
135		-
136		- $scanner->listen('\OC\Files\Utils\Scanner', 'StorageNotAvailable', function (StorageNotAvailableException $e) use ($output) {
137		- $output->writeln('Error while scanning, storage not available (' . $e->getMessage() . ')', OutputInterface::VERBOSITY_VERBOSE);
138		- });
139		-
140		- $scanner->listen('\OC\Files\Utils\Scanner', 'scanFile', function ($path) use ($output) {
141		- $this->checkScanWarning($path, $output);
142		- });
143		-
144		- $scanner->listen('\OC\Files\Utils\Scanner', 'scanFolder', function ($path) use ($output) {
145		- $this->checkScanWarning($path, $output);
146		- });
147		-
148		- try {
149		- if ($backgroundScan) {
150		- $scanner->backgroundScan($path);
151		- } else {
152		- $scanner->scan($path, $recursive, $homeOnly ? [$this, 'filterHomeMount'] : null);
153		- }
154		- } catch (ForbiddenException $e) {
155		- $output->writeln("<error>Home storage for user $user not writable</error>");
156		- $output->writeln('Make sure you\'re running the scan command only as the user the web server runs as');
157		- } catch (InterruptedException $e) {
158		- # exit the function if ctrl-c has been pressed
159		- $output->writeln('Interrupted by user');
160		- } catch (NotFoundException $e) {
161		- $output->writeln('<error>Path not found: ' . $e->getMessage() . '</error>');
162		- } catch (\Exception $e) {
163		- $output->writeln('<error>Exception during scan: ' . $e->getMessage() . '</error>');
164		- $output->writeln('<error>' . $e->getTraceAsString() . '</error>');
165		- }
166		- }
167		-
168		- public function filterHomeMount(IMountPoint $mountPoint) {
169		- // any mountpoint inside '/$user/files/'
170		- return substr_count($mountPoint->getMountPoint(), '/') <= 3;
171		- }
172		-
173		- protected function execute(InputInterface $input, OutputInterface $output): int {
174		- $inputPath = $input->getOption('path');
175		- if ($inputPath) {
176		- $inputPath = '/' . trim($inputPath, '/');
177		- list(, $user,) = explode('/', $inputPath, 3);
178		- $users = [$user];
179		- } elseif ($input->getOption('all')) {
180		- $users = $this->userManager->search('');
181		- } else {
182		- $users = $input->getArgument('user_id');
183		- }
184		-
185		- # restrict the verbosity level to VERBOSITY_VERBOSE
186		- if ($output->getVerbosity() > OutputInterface::VERBOSITY_VERBOSE) {
187		- $output->setVerbosity(OutputInterface::VERBOSITY_VERBOSE);
188		- }
189		-
190		- # check quantity of users to be process and show it on the command line
191		- $users_total = count($users);
192		- if ($users_total === 0) {
193		- $output->writeln('<error>Please specify the user id to scan, --all to scan for all users or --path=...</error>');
194		- return 1;
195		- }
196		-
197		- $this->initTools();
198		-
199		- $user_count = 0;
200		- foreach ($users as $user) {
201		- if (is_object($user)) {
202		- $user = $user->getUID();
203		- }
204		- $path = $inputPath ? $inputPath : '/' . $user;
205		- ++$user_count;
206		- if ($this->userManager->userExists($user)) {
207		- $output->writeln("Starting scan for user $user_count out of $users_total ($user)");
208		- $this->scanFiles($user, $path, $output, $input->getOption('unscanned'), !$input->getOption('shallow'), $input->getOption('home-only'));
209		- $output->writeln('', OutputInterface::VERBOSITY_VERBOSE);
210		- } else {
211		- $output->writeln("<error>Unknown user $user_count $user</error>");
212		- $output->writeln('', OutputInterface::VERBOSITY_VERBOSE);
213		- }
214		-
215		- try {
216		- $this->abortIfInterrupted();
217		- } catch (InterruptedException $e) {
218		- break;
219		- }
220		- }
221		-
222		- $this->presentStats($output);
223		- return 0;
224		- }
225		-
226		- /**
227		- * Initialises some useful tools for the Command
228		- */
229		- protected function initTools() {
230		- // Start the timer
231		- $this->execTime = -microtime(true);
232		- // Convert PHP errors to exceptions
233		- set_error_handler([$this, 'exceptionErrorHandler'], E_ALL);
234		- }
235		-
236		- /**
237		- * Processes PHP errors as exceptions in order to be able to keep track of problems
238		- *
239		- * @see https://www.php.net/manual/en/function.set-error-handler.php
240		- *
241		- * @param int $severity the level of the error raised
242		- * @param string $message
243		- * @param string $file the filename that the error was raised in
244		- * @param int $line the line number the error was raised
245		- *
246		- * @throws \ErrorException
247		- */
248		- public function exceptionErrorHandler($severity, $message, $file, $line) {
249		- if (!(error_reporting() & $severity)) {
250		- // This error code is not included in error_reporting
251		- return;
252		- }
253		- throw new \ErrorException($message, 0, $severity, $file, $line);
254		- }
255		-
256		- /**
257		- * @param OutputInterface $output
258		- */
259		- protected function presentStats(OutputInterface $output) {
260		- // Stop the timer
261		- $this->execTime += microtime(true);
262		-
263		- $headers = [
264		- 'Folders', 'Files', 'Elapsed time'
265		- ];
266		-
267		- $this->showSummary($headers, null, $output);
268		- }
269		-
270		- /**
271		- * Shows a summary of operations
272		- *
273		- * @param string[] $headers
274		- * @param string[] $rows
275		- * @param OutputInterface $output
276		- */
277		- protected function showSummary($headers, $rows, OutputInterface $output) {
278		- $niceDate = $this->formatExecTime();
279		- if (!$rows) {
280		- $rows = [
281		- $this->foldersCounter,
282		- $this->filesCounter,
283		- $niceDate,
284		- ];
285		- }
286		- $table = new Table($output);
287		- $table
288		- ->setHeaders($headers)
289		- ->setRows([$rows]);
290		- $table->render();
291		- }
292		-
293		-
294		- /**
295		- * Formats microtime into a human readable format
296		- *
297		- * @return string
298		- */
299		- protected function formatExecTime() {
300		- $secs = round($this->execTime);
301		- # convert seconds into HH:MM:SS form
302		- return sprintf('%02d:%02d:%02d', ($secs / 3600), ($secs / 60 % 60), $secs % 60);
303		- }
304		-
305		- /**
306		- * @return \OCP\IDBConnection
307		- */
308		- protected function reconnectToDatabase(OutputInterface $output) {
309		- /** @var Connection \| IDBConnection $connection */
310		- $connection = \OC::$server->getDatabaseConnection();
311		- try {
312		- $connection->close();
313		- } catch (\Exception $ex) {
314		- $output->writeln("<info>Error while disconnecting from database: {$ex->getMessage()}</info>");
315		- }
316		- while (!$connection->isConnected()) {
317		- try {
318		- $connection->connect();
319		- } catch (\Exception $ex) {
320		- $output->writeln("<info>Error while re-connecting to database: {$ex->getMessage()}</info>");
321		- sleep(60);
322		- }
323		- }
324		- return $connection;
325		- }
	55	+ /** @var IUserManager $userManager */
	56	+ private $userManager;
	57	+ /** @var float */
	58	+ protected $execTime = 0;
	59	+ /** @var int */
	60	+ protected $foldersCounter = 0;
	61	+ /** @var int */
	62	+ protected $filesCounter = 0;
	63	+
	64	+ public function __construct(IUserManager $userManager) {
	65	+ $this->userManager = $userManager;
	66	+ parent::__construct();
	67	+ }
	68	+
	69	+ protected function configure() {
	70	+ parent::configure();
	71	+
	72	+ $this
	73	+ ->setName('files:scan')
	74	+ ->setDescription('rescan filesystem')
	75	+ ->addArgument(
	76	+ 'user_id',
	77	+ InputArgument::OPTIONAL \| InputArgument::IS_ARRAY,
	78	+ 'will rescan all files of the given user(s)'
	79	+ )
	80	+ ->addOption(
	81	+ 'path',
	82	+ 'p',
	83	+ InputArgument::OPTIONAL,
	84	+ 'limit rescan to this path, eg. --path="/alice/files/Music", the user_id is determined by the path and the user_id parameter and --all are ignored'
	85	+ )
	86	+ ->addOption(
	87	+ 'all',
	88	+ null,
	89	+ InputOption::VALUE_NONE,
	90	+ 'will rescan all files of all known users'
	91	+ )->addOption(
	92	+ 'unscanned',
	93	+ null,
	94	+ InputOption::VALUE_NONE,
	95	+ 'only scan files which are marked as not fully scanned'
	96	+ )->addOption(
	97	+ 'shallow',
	98	+ null,
	99	+ InputOption::VALUE_NONE,
	100	+ 'do not scan folders recursively'
	101	+ )->addOption(
	102	+ 'home-only',
	103	+ null,
	104	+ InputOption::VALUE_NONE,
	105	+ 'only scan the home storage, ignoring any mounted external storage or share'
	106	+ );
	107	+ }
	108	+
	109	+ public function checkScanWarning($fullPath, OutputInterface $output) {
	110	+ $normalizedPath = basename(\OC\Files\Filesystem::normalizePath($fullPath));
	111	+ $path = basename($fullPath);
	112	+
	113	+ if ($normalizedPath !== $path) {
	114	+ $output->writeln("\t<error>Entry \"" . $fullPath . '" will not be accessible due to incompatible encoding</error>');
	115	+ }
	116	+ }
	117	+
	118	+ protected function scanFiles($user, $path, OutputInterface $output, $backgroundScan = false, $recursive = true, $homeOnly = false) {
	119	+ $connection = $this->reconnectToDatabase($output);
	120	+ $scanner = new \OC\Files\Utils\Scanner($user, $connection, \OC::$server->query(IEventDispatcher::class), \OC::$server->getLogger());
	121	+
	122	+ # check on each file/folder if there was a user interrupt (ctrl-c) and throw an exception
	123	+
	124	+ $scanner->listen('\OC\Files\Utils\Scanner', 'scanFile', function ($path) use ($output) {
	125	+ $output->writeln("\tFile\t<info>$path</info>", OutputInterface::VERBOSITY_VERBOSE);
	126	+ ++$this->filesCounter;
	127	+ $this->abortIfInterrupted();
	128	+ });
	129	+
	130	+ $scanner->listen('\OC\Files\Utils\Scanner', 'scanFolder', function ($path) use ($output) {
	131	+ $output->writeln("\tFolder\t<info>$path</info>", OutputInterface::VERBOSITY_VERBOSE);
	132	+ ++$this->foldersCounter;
	133	+ $this->abortIfInterrupted();
	134	+ });
	135	+
	136	+ $scanner->listen('\OC\Files\Utils\Scanner', 'StorageNotAvailable', function (StorageNotAvailableException $e) use ($output) {
	137	+ $output->writeln('Error while scanning, storage not available (' . $e->getMessage() . ')', OutputInterface::VERBOSITY_VERBOSE);
	138	+ });
	139	+
	140	+ $scanner->listen('\OC\Files\Utils\Scanner', 'scanFile', function ($path) use ($output) {
	141	+ $this->checkScanWarning($path, $output);
	142	+ });
	143	+
	144	+ $scanner->listen('\OC\Files\Utils\Scanner', 'scanFolder', function ($path) use ($output) {
	145	+ $this->checkScanWarning($path, $output);
	146	+ });
	147	+
	148	+ try {
	149	+ if ($backgroundScan) {
	150	+ $scanner->backgroundScan($path);
	151	+ } else {
	152	+ $scanner->scan($path, $recursive, $homeOnly ? [$this, 'filterHomeMount'] : null);
	153	+ }
	154	+ } catch (ForbiddenException $e) {
	155	+ $output->writeln("<error>Home storage for user $user not writable</error>");
	156	+ $output->writeln('Make sure you\'re running the scan command only as the user the web server runs as');
	157	+ } catch (InterruptedException $e) {
	158	+ # exit the function if ctrl-c has been pressed
	159	+ $output->writeln('Interrupted by user');
	160	+ } catch (NotFoundException $e) {
	161	+ $output->writeln('<error>Path not found: ' . $e->getMessage() . '</error>');
	162	+ } catch (\Exception $e) {
	163	+ $output->writeln('<error>Exception during scan: ' . $e->getMessage() . '</error>');
	164	+ $output->writeln('<error>' . $e->getTraceAsString() . '</error>');
	165	+ }
	166	+ }
	167	+
	168	+ public function filterHomeMount(IMountPoint $mountPoint) {
	169	+ // any mountpoint inside '/$user/files/'
	170	+ return substr_count($mountPoint->getMountPoint(), '/') <= 3;
	171	+ }
	172	+
	173	+ protected function execute(InputInterface $input, OutputInterface $output): int {
	174	+ $inputPath = $input->getOption('path');
	175	+ if ($inputPath) {
	176	+ $inputPath = '/' . trim($inputPath, '/');
	177	+ list(, $user,) = explode('/', $inputPath, 3);
	178	+ $users = [$user];
	179	+ } elseif ($input->getOption('all')) {
	180	+ $users = $this->userManager->search('');
	181	+ } else {
	182	+ $users = $input->getArgument('user_id');
	183	+ }
	184	+
	185	+ # restrict the verbosity level to VERBOSITY_VERBOSE
	186	+ if ($output->getVerbosity() > OutputInterface::VERBOSITY_VERBOSE) {
	187	+ $output->setVerbosity(OutputInterface::VERBOSITY_VERBOSE);
	188	+ }
	189	+
	190	+ # check quantity of users to be process and show it on the command line
	191	+ $users_total = count($users);
	192	+ if ($users_total === 0) {
	193	+ $output->writeln('<error>Please specify the user id to scan, --all to scan for all users or --path=...</error>');
	194	+ return 1;
	195	+ }
	196	+
	197	+ $this->initTools();
	198	+
	199	+ $user_count = 0;
	200	+ foreach ($users as $user) {
	201	+ if (is_object($user)) {
	202	+ $user = $user->getUID();
	203	+ }
	204	+ $path = $inputPath ? $inputPath : '/' . $user;
	205	+ ++$user_count;
	206	+ if ($this->userManager->userExists($user)) {
	207	+ $output->writeln("Starting scan for user $user_count out of $users_total ($user)");
	208	+ $this->scanFiles($user, $path, $output, $input->getOption('unscanned'), !$input->getOption('shallow'), $input->getOption('home-only'));
	209	+ $output->writeln('', OutputInterface::VERBOSITY_VERBOSE);
	210	+ } else {
	211	+ $output->writeln("<error>Unknown user $user_count $user</error>");
	212	+ $output->writeln('', OutputInterface::VERBOSITY_VERBOSE);
	213	+ }
	214	+
	215	+ try {
	216	+ $this->abortIfInterrupted();
	217	+ } catch (InterruptedException $e) {
	218	+ break;
	219	+ }
	220	+ }
	221	+
	222	+ $this->presentStats($output);
	223	+ return 0;
	224	+ }
	225	+
	226	+ /**
	227	+ * Initialises some useful tools for the Command
	228	+ */
	229	+ protected function initTools() {
	230	+ // Start the timer
	231	+ $this->execTime = -microtime(true);
	232	+ // Convert PHP errors to exceptions
	233	+ set_error_handler([$this, 'exceptionErrorHandler'], E_ALL);
	234	+ }
	235	+
	236	+ /**
	237	+ * Processes PHP errors as exceptions in order to be able to keep track of problems
	238	+ *
	239	+ * @see https://www.php.net/manual/en/function.set-error-handler.php
	240	+ *
	241	+ * @param int $severity the level of the error raised
	242	+ * @param string $message
	243	+ * @param string $file the filename that the error was raised in
	244	+ * @param int $line the line number the error was raised
	245	+ *
	246	+ * @throws \ErrorException
	247	+ */
	248	+ public function exceptionErrorHandler($severity, $message, $file, $line) {
	249	+ if (!(error_reporting() & $severity)) {
	250	+ // This error code is not included in error_reporting
	251	+ return;
	252	+ }
	253	+ throw new \ErrorException($message, 0, $severity, $file, $line);
	254	+ }
	255	+
	256	+ /**
	257	+ * @param OutputInterface $output
	258	+ */
	259	+ protected function presentStats(OutputInterface $output) {
	260	+ // Stop the timer
	261	+ $this->execTime += microtime(true);
	262	+
	263	+ $headers = [
	264	+ 'Folders', 'Files', 'Elapsed time'
	265	+ ];
	266	+
	267	+ $this->showSummary($headers, null, $output);
	268	+ }
	269	+
	270	+ /**
	271	+ * Shows a summary of operations
	272	+ *
	273	+ * @param string[] $headers
	274	+ * @param string[] $rows
	275	+ * @param OutputInterface $output
	276	+ */
	277	+ protected function showSummary($headers, $rows, OutputInterface $output) {
	278	+ $niceDate = $this->formatExecTime();
	279	+ if (!$rows) {
	280	+ $rows = [
	281	+ $this->foldersCounter,
	282	+ $this->filesCounter,
	283	+ $niceDate,
	284	+ ];
	285	+ }
	286	+ $table = new Table($output);
	287	+ $table
	288	+ ->setHeaders($headers)
	289	+ ->setRows([$rows]);
	290	+ $table->render();
	291	+ }
	292	+
	293	+
	294	+ /**
	295	+ * Formats microtime into a human readable format
	296	+ *
	297	+ * @return string
	298	+ */
	299	+ protected function formatExecTime() {
	300	+ $secs = round($this->execTime);
	301	+ # convert seconds into HH:MM:SS form
	302	+ return sprintf('%02d:%02d:%02d', ($secs / 3600), ($secs / 60 % 60), $secs % 60);
	303	+ }
	304	+
	305	+ /**
	306	+ * @return \OCP\IDBConnection
	307	+ */
	308	+ protected function reconnectToDatabase(OutputInterface $output) {
	309	+ /** @var Connection \| IDBConnection $connection */
	310	+ $connection = \OC::$server->getDatabaseConnection();
	311	+ try {
	312	+ $connection->close();
	313	+ } catch (\Exception $ex) {
	314	+ $output->writeln("<info>Error while disconnecting from database: {$ex->getMessage()}</info>");
	315	+ }
	316	+ while (!$connection->isConnected()) {
	317	+ try {
	318	+ $connection->connect();
	319	+ } catch (\Exception $ex) {
	320	+ $output->writeln("<info>Error while re-connecting to database: {$ex->getMessage()}</info>");
	321	+ sleep(60);
	322	+ }
	323	+ }
	324	+ return $connection;
	325	+ }
326	326	}

		@@ -31,185 +31,185 @@
		block discarded – undo
31	31
32	32	interface ILDAPWrapper {
33	33
34		- //LDAP functions in use
35		-
36		- /**
37		- * Bind to LDAP directory
38		- * @param resource $link LDAP link resource
39		- * @param string $dn an RDN to log in with
40		- * @param string $password the password
41		- * @return bool true on success, false otherwise
42		- *
43		- * with $dn and $password as null a anonymous bind is attempted.
44		- */
45		- public function bind($link, $dn, $password);
46		-
47		- /**
48		- * connect to an LDAP server
49		- * @param string $host The host to connect to
50		- * @param string $port The port to connect to
51		- * @return mixed a link resource on success, otherwise false
52		- */
53		- public function connect($host, $port);
54		-
55		- /**
56		- * Send LDAP pagination control
57		- * @param resource $link LDAP link resource
58		- * @param int $pageSize number of results per page
59		- * @param bool $isCritical Indicates whether the pagination is critical of not.
60		- * @param string $cookie structure sent by LDAP server
61		- * @return bool true on success, false otherwise
62		- */
63		- public function controlPagedResult($link, $pageSize, $isCritical);
64		-
65		- /**
66		- * Retrieve the LDAP pagination cookie
67		- * @param resource $link LDAP link resource
68		- * @param resource $result LDAP result resource
69		- * @param string $cookie structure sent by LDAP server
70		- * @return bool true on success, false otherwise
71		- *
72		- * Corresponds to ldap_control_paged_result_response
73		- */
74		- public function controlPagedResultResponse($link, $result, &$cookie);
75		-
76		- /**
77		- * Count the number of entries in a search
78		- * @param resource $link LDAP link resource
79		- * @param resource $result LDAP result resource
80		- * @return int\|false number of results on success, false otherwise
81		- */
82		- public function countEntries($link, $result);
83		-
84		- /**
85		- * Return the LDAP error number of the last LDAP command
86		- * @param resource $link LDAP link resource
87		- * @return int error code
88		- */
89		- public function errno($link);
90		-
91		- /**
92		- * Return the LDAP error message of the last LDAP command
93		- * @param resource $link LDAP link resource
94		- * @return string error message
95		- */
96		- public function error($link);
97		-
98		- /**
99		- * Splits DN into its component parts
100		- * @param string $dn
101		- * @param int @withAttrib
102		- * @return array\|false
103		- * @link https://www.php.net/manual/en/function.ldap-explode-dn.php
104		- */
105		- public function explodeDN($dn, $withAttrib);
106		-
107		- /**
108		- * Return first result id
109		- * @param resource $link LDAP link resource
110		- * @param resource $result LDAP result resource
111		- * @return Resource an LDAP search result resource
112		- * */
113		- public function firstEntry($link, $result);
114		-
115		- /**
116		- * Get attributes from a search result entry
117		- * @param resource $link LDAP link resource
118		- * @param resource $result LDAP result resource
119		- * @return array containing the results, false on error
120		- * */
121		- public function getAttributes($link, $result);
122		-
123		- /**
124		- * Get the DN of a result entry
125		- * @param resource $link LDAP link resource
126		- * @param resource $result LDAP result resource
127		- * @return string containing the DN, false on error
128		- */
129		- public function getDN($link, $result);
130		-
131		- /**
132		- * Get all result entries
133		- * @param resource $link LDAP link resource
134		- * @param resource $result LDAP result resource
135		- * @return array containing the results, false on error
136		- */
137		- public function getEntries($link, $result);
138		-
139		- /**
140		- * Return next result id
141		- * @param resource $link LDAP link resource
142		- * @param resource $result LDAP entry result resource
143		- * @return resource an LDAP search result resource
144		- * */
145		- public function nextEntry($link, $result);
146		-
147		- /**
148		- * Read an entry
149		- * @param resource $link LDAP link resource
150		- * @param array $baseDN The DN of the entry to read from
151		- * @param string $filter An LDAP filter
152		- * @param array $attr array of the attributes to read
153		- * @return resource an LDAP search result resource
154		- */
155		- public function read($link, $baseDN, $filter, $attr);
156		-
157		- /**
158		- * Search LDAP tree
159		- * @param resource $link LDAP link resource
160		- * @param string $baseDN The DN of the entry to read from
161		- * @param string $filter An LDAP filter
162		- * @param array $attr array of the attributes to read
163		- * @param int $attrsOnly optional, 1 if only attribute types shall be returned
164		- * @param int $limit optional, limits the result entries
165		- * @return resource\|false an LDAP search result resource, false on error
166		- */
167		- public function search($link, $baseDN, $filter, $attr, $attrsOnly = 0, $limit = 0);
168		-
169		- /**
170		- * Replace the value of a userPassword by $password
171		- * @param resource $link LDAP link resource
172		- * @param string $userDN the DN of the user whose password is to be replaced
173		- * @param string $password the new value for the userPassword
174		- * @return bool true on success, false otherwise
175		- */
176		- public function modReplace($link, $userDN, $password);
177		-
178		- /**
179		- * Sets the value of the specified option to be $value
180		- * @param resource $link LDAP link resource
181		- * @param string $option a defined LDAP Server option
182		- * @param int $value the new value for the option
183		- * @return bool true on success, false otherwise
184		- */
185		- public function setOption($link, $option, $value);
186		-
187		- /**
188		- * establish Start TLS
189		- * @param resource $link LDAP link resource
190		- * @return bool true on success, false otherwise
191		- */
192		- public function startTls($link);
193		-
194		- /**
195		- * Unbind from LDAP directory
196		- * @param resource $link LDAP link resource
197		- * @return bool true on success, false otherwise
198		- */
199		- public function unbind($link);
200		-
201		- //additional required methods in Nextcloud
202		-
203		- /**
204		- * Checks whether the server supports LDAP
205		- * @return bool true if it the case, false otherwise
206		- * */
207		- public function areLDAPFunctionsAvailable();
208		-
209		- /**
210		- * Checks whether the submitted parameter is a resource
211		- * @param resource $resource the resource variable to check
212		- * @return bool true if it is a resource, false otherwise
213		- */
214		- public function isResource($resource);
	34	+ //LDAP functions in use
	35	+
	36	+ /**
	37	+ * Bind to LDAP directory
	38	+ * @param resource $link LDAP link resource
	39	+ * @param string $dn an RDN to log in with
	40	+ * @param string $password the password
	41	+ * @return bool true on success, false otherwise
	42	+ *
	43	+ * with $dn and $password as null a anonymous bind is attempted.
	44	+ */
	45	+ public function bind($link, $dn, $password);
	46	+
	47	+ /**
	48	+ * connect to an LDAP server
	49	+ * @param string $host The host to connect to
	50	+ * @param string $port The port to connect to
	51	+ * @return mixed a link resource on success, otherwise false
	52	+ */
	53	+ public function connect($host, $port);
	54	+
	55	+ /**
	56	+ * Send LDAP pagination control
	57	+ * @param resource $link LDAP link resource
	58	+ * @param int $pageSize number of results per page
	59	+ * @param bool $isCritical Indicates whether the pagination is critical of not.
	60	+ * @param string $cookie structure sent by LDAP server
	61	+ * @return bool true on success, false otherwise
	62	+ */
	63	+ public function controlPagedResult($link, $pageSize, $isCritical);
	64	+
	65	+ /**
	66	+ * Retrieve the LDAP pagination cookie
	67	+ * @param resource $link LDAP link resource
	68	+ * @param resource $result LDAP result resource
	69	+ * @param string $cookie structure sent by LDAP server
	70	+ * @return bool true on success, false otherwise
	71	+ *
	72	+ * Corresponds to ldap_control_paged_result_response
	73	+ */
	74	+ public function controlPagedResultResponse($link, $result, &$cookie);
	75	+
	76	+ /**
	77	+ * Count the number of entries in a search
	78	+ * @param resource $link LDAP link resource
	79	+ * @param resource $result LDAP result resource
	80	+ * @return int\|false number of results on success, false otherwise
	81	+ */
	82	+ public function countEntries($link, $result);
	83	+
	84	+ /**
	85	+ * Return the LDAP error number of the last LDAP command
	86	+ * @param resource $link LDAP link resource
	87	+ * @return int error code
	88	+ */
	89	+ public function errno($link);
	90	+
	91	+ /**
	92	+ * Return the LDAP error message of the last LDAP command
	93	+ * @param resource $link LDAP link resource
	94	+ * @return string error message
	95	+ */
	96	+ public function error($link);
	97	+
	98	+ /**
	99	+ * Splits DN into its component parts
	100	+ * @param string $dn
	101	+ * @param int @withAttrib
	102	+ * @return array\|false
	103	+ * @link https://www.php.net/manual/en/function.ldap-explode-dn.php
	104	+ */
	105	+ public function explodeDN($dn, $withAttrib);
	106	+
	107	+ /**
	108	+ * Return first result id
	109	+ * @param resource $link LDAP link resource
	110	+ * @param resource $result LDAP result resource
	111	+ * @return Resource an LDAP search result resource
	112	+ * */
	113	+ public function firstEntry($link, $result);
	114	+
	115	+ /**
	116	+ * Get attributes from a search result entry
	117	+ * @param resource $link LDAP link resource
	118	+ * @param resource $result LDAP result resource
	119	+ * @return array containing the results, false on error
	120	+ * */
	121	+ public function getAttributes($link, $result);
	122	+
	123	+ /**
	124	+ * Get the DN of a result entry
	125	+ * @param resource $link LDAP link resource
	126	+ * @param resource $result LDAP result resource
	127	+ * @return string containing the DN, false on error
	128	+ */
	129	+ public function getDN($link, $result);
	130	+
	131	+ /**
	132	+ * Get all result entries
	133	+ * @param resource $link LDAP link resource
	134	+ * @param resource $result LDAP result resource
	135	+ * @return array containing the results, false on error
	136	+ */
	137	+ public function getEntries($link, $result);
	138	+
	139	+ /**
	140	+ * Return next result id
	141	+ * @param resource $link LDAP link resource
	142	+ * @param resource $result LDAP entry result resource
	143	+ * @return resource an LDAP search result resource
	144	+ * */
	145	+ public function nextEntry($link, $result);
	146	+
	147	+ /**
	148	+ * Read an entry
	149	+ * @param resource $link LDAP link resource
	150	+ * @param array $baseDN The DN of the entry to read from
	151	+ * @param string $filter An LDAP filter
	152	+ * @param array $attr array of the attributes to read
	153	+ * @return resource an LDAP search result resource
	154	+ */
	155	+ public function read($link, $baseDN, $filter, $attr);
	156	+
	157	+ /**
	158	+ * Search LDAP tree
	159	+ * @param resource $link LDAP link resource
	160	+ * @param string $baseDN The DN of the entry to read from
	161	+ * @param string $filter An LDAP filter
	162	+ * @param array $attr array of the attributes to read
	163	+ * @param int $attrsOnly optional, 1 if only attribute types shall be returned
	164	+ * @param int $limit optional, limits the result entries
	165	+ * @return resource\|false an LDAP search result resource, false on error
	166	+ */
	167	+ public function search($link, $baseDN, $filter, $attr, $attrsOnly = 0, $limit = 0);
	168	+
	169	+ /**
	170	+ * Replace the value of a userPassword by $password
	171	+ * @param resource $link LDAP link resource
	172	+ * @param string $userDN the DN of the user whose password is to be replaced
	173	+ * @param string $password the new value for the userPassword
	174	+ * @return bool true on success, false otherwise
	175	+ */
	176	+ public function modReplace($link, $userDN, $password);
	177	+
	178	+ /**
	179	+ * Sets the value of the specified option to be $value
	180	+ * @param resource $link LDAP link resource
	181	+ * @param string $option a defined LDAP Server option
	182	+ * @param int $value the new value for the option
	183	+ * @return bool true on success, false otherwise
	184	+ */
	185	+ public function setOption($link, $option, $value);
	186	+
	187	+ /**
	188	+ * establish Start TLS
	189	+ * @param resource $link LDAP link resource
	190	+ * @return bool true on success, false otherwise
	191	+ */
	192	+ public function startTls($link);
	193	+
	194	+ /**
	195	+ * Unbind from LDAP directory
	196	+ * @param resource $link LDAP link resource
	197	+ * @return bool true on success, false otherwise
	198	+ */
	199	+ public function unbind($link);
	200	+
	201	+ //additional required methods in Nextcloud
	202	+
	203	+ /**
	204	+ * Checks whether the server supports LDAP
	205	+ * @return bool true if it the case, false otherwise
	206	+ * */
	207	+ public function areLDAPFunctionsAvailable();
	208	+
	209	+ /**
	210	+ * Checks whether the submitted parameter is a resource
	211	+ * @param resource $resource the resource variable to check
	212	+ * @return bool true if it is a resource, false otherwise
	213	+ */
	214	+ public function isResource($resource);
215	215	}

nextcloud / server

Push — master ( 72fda1...adc4f1 )

Status

Category

Indentation +464 added lines, -464 removed lines patch added patch discarded remove patch

Indentation +239 added lines, -239 removed lines patch added patch discarded remove patch

Indentation +271 added lines, -271 removed lines patch added patch discarded remove patch

Indentation +181 added lines, -181 removed lines patch added patch discarded remove patch

Indentation +1975 added lines, -1975 removed lines patch added patch discarded remove patch

Indentation +383 added lines, -383 removed lines patch added patch discarded remove patch