Inspection of "Merge pull request #23700 from nextcloud/fix/noid/..." - nextcloud/server - Measure and Improve Code Quality continuously with Scrutinizer

Passed

Push — master ( ae54ae...41fe4d )

by Blizzz

created 2020-10-27 08:39 UTC

Status

Indentation +183 added lines, -183 removed lines patch added patch discarded remove patch

@@ -43,187 +43,187 @@
 block discarded – undo
  * @package OCA\User_LDAP\Jobs;
  */
 class CleanUp extends TimedJob {
-	/** @var int $limit amount of users that should be checked per run */
-	protected $limit;
-
-	/** @var int $defaultIntervalMin default interval in minutes */
-	protected $defaultIntervalMin = 51;
-
-	/** @var User_LDAP|User_Proxy $userBackend */
-	protected $userBackend;
-
-	/** @var \OCP\IConfig $ocConfig */
-	protected $ocConfig;
-
-	/** @var \OCP\IDBConnection $db */
-	protected $db;
-
-	/** @var Helper $ldapHelper */
-	protected $ldapHelper;
-
-	/** @var UserMapping */
-	protected $mapping;
-
-	/** @var DeletedUsersIndex */
-	protected $dui;
-
-	public function __construct(User_Proxy $userBackend, DeletedUsersIndex $dui) {
-		$minutes = \OC::$server->getConfig()->getSystemValue(
-			'ldapUserCleanupInterval', (string)$this->defaultIntervalMin);
-		$this->setInterval((int)$minutes * 60);
-		$this->userBackend = $userBackend;
-		$this->dui = $dui;
-	}
-
-	/**
-	 * assigns the instances passed to run() to the class properties
-	 * @param array $arguments
-	 */
-	public function setArguments($arguments) {
-		//Dependency Injection is not possible, because the constructor will
-		//only get values that are serialized to JSON. I.e. whatever we would
-		//pass in app.php we do add here, except something else is passed e.g.
-		//in tests.
-
-		if (isset($arguments['helper'])) {
-			$this->ldapHelper = $arguments['helper'];
-		} else {
-			$this->ldapHelper = new Helper(\OC::$server->getConfig());
-		}
-
-		if (isset($arguments['ocConfig'])) {
-			$this->ocConfig = $arguments['ocConfig'];
-		} else {
-			$this->ocConfig = \OC::$server->getConfig();
-		}
-
-		if (isset($arguments['userBackend'])) {
-			$this->userBackend = $arguments['userBackend'];
-		}
-
-		if (isset($arguments['db'])) {
-			$this->db = $arguments['db'];
-		} else {
-			$this->db = \OC::$server->getDatabaseConnection();
-		}
-
-		if (isset($arguments['mapping'])) {
-			$this->mapping = $arguments['mapping'];
-		} else {
-			$this->mapping = new UserMapping($this->db);
-		}
-
-		if (isset($arguments['deletedUsersIndex'])) {
-			$this->dui = $arguments['deletedUsersIndex'];
-		}
-	}
-
-	/**
-	 * makes the background job do its work
-	 * @param array $argument
-	 */
-	public function run($argument) {
-		$this->setArguments($argument);
-
-		if (!$this->isCleanUpAllowed()) {
-			return;
-		}
-		$users = $this->mapping->getList($this->getOffset(), $this->getChunkSize());
-		if (!is_array($users)) {
-			//something wrong? Let's start from the beginning next time and
-			//abort
-			$this->setOffset(true);
-			return;
-		}
-		$resetOffset = $this->isOffsetResetNecessary(count($users));
-		$this->checkUsers($users);
-		$this->setOffset($resetOffset);
-	}
-
-	/**
-	 * checks whether next run should start at 0 again
-	 * @param int $resultCount
-	 * @return bool
-	 */
-	public function isOffsetResetNecessary($resultCount) {
-		return $resultCount < $this->getChunkSize();
-	}
-
-	/**
-	 * checks whether cleaning up LDAP users is allowed
-	 * @return bool
-	 */
-	public function isCleanUpAllowed() {
-		try {
-			if ($this->ldapHelper->haveDisabledConfigurations()) {
-				return false;
-			}
-		} catch (\Exception $e) {
-			return false;
-		}
-
-		return $this->isCleanUpEnabled();
-	}
-
-	/**
-	 * checks whether clean up is enabled by configuration
-	 * @return bool
-	 */
-	private function isCleanUpEnabled() {
-		return (bool)$this->ocConfig->getSystemValue(
-			'ldapUserCleanupInterval', (string)$this->defaultIntervalMin);
-	}
-
-	/**
-	 * checks users whether they are still existing
-	 * @param array $users result from getMappedUsers()
-	 */
-	private function checkUsers(array $users) {
-		foreach ($users as $user) {
-			$this->checkUser($user);
-		}
-	}
-
-	/**
-	 * checks whether a user is still existing in LDAP
-	 * @param string[] $user
-	 */
-	private function checkUser(array $user) {
-		if ($this->userBackend->userExistsOnLDAP($user['name'])) {
-			//still available, all good
-
-			return;
-		}
-
-		$this->dui->markUser($user['name']);
-	}
-
-	/**
-	 * gets the offset to fetch users from the mappings table
-	 * @return int
-	 */
-	private function getOffset() {
-		return (int)$this->ocConfig->getAppValue('user_ldap', 'cleanUpJobOffset', 0);
-	}
-
-	/**
-	 * sets the new offset for the next run
-	 * @param bool $reset whether the offset should be set to 0
-	 */
-	public function setOffset($reset = false) {
-		$newOffset = $reset ? 0 :
-			$this->getOffset() + $this->getChunkSize();
-		$this->ocConfig->setAppValue('user_ldap', 'cleanUpJobOffset', $newOffset);
-	}
-
-	/**
-	 * returns the chunk size (limit in DB speak)
-	 * @return int
-	 */
-	public function getChunkSize() {
-		if ($this->limit === null) {
-			$this->limit = (int)$this->ocConfig->getAppValue('user_ldap', 'cleanUpJobChunkSize', 50);
-		}
-		return $this->limit;
-	}
+    /** @var int $limit amount of users that should be checked per run */
+    protected $limit;
+
+    /** @var int $defaultIntervalMin default interval in minutes */
+    protected $defaultIntervalMin = 51;
+
+    /** @var User_LDAP|User_Proxy $userBackend */
+    protected $userBackend;
+
+    /** @var \OCP\IConfig $ocConfig */
+    protected $ocConfig;
+
+    /** @var \OCP\IDBConnection $db */
+    protected $db;
+
+    /** @var Helper $ldapHelper */
+    protected $ldapHelper;
+
+    /** @var UserMapping */
+    protected $mapping;
+
+    /** @var DeletedUsersIndex */
+    protected $dui;
+
+    public function __construct(User_Proxy $userBackend, DeletedUsersIndex $dui) {
+        $minutes = \OC::$server->getConfig()->getSystemValue(
+            'ldapUserCleanupInterval', (string)$this->defaultIntervalMin);
+        $this->setInterval((int)$minutes * 60);
+        $this->userBackend = $userBackend;
+        $this->dui = $dui;
+    }
+
+    /**
+     * assigns the instances passed to run() to the class properties
+     * @param array $arguments
+     */
+    public function setArguments($arguments) {
+        //Dependency Injection is not possible, because the constructor will
+        //only get values that are serialized to JSON. I.e. whatever we would
+        //pass in app.php we do add here, except something else is passed e.g.
+        //in tests.
+
+        if (isset($arguments['helper'])) {
+            $this->ldapHelper = $arguments['helper'];
+        } else {
+            $this->ldapHelper = new Helper(\OC::$server->getConfig());
+        }
+
+        if (isset($arguments['ocConfig'])) {
+            $this->ocConfig = $arguments['ocConfig'];
+        } else {
+            $this->ocConfig = \OC::$server->getConfig();
+        }
+
+        if (isset($arguments['userBackend'])) {
+            $this->userBackend = $arguments['userBackend'];
+        }
+
+        if (isset($arguments['db'])) {
+            $this->db = $arguments['db'];
+        } else {
+            $this->db = \OC::$server->getDatabaseConnection();
+        }
+
+        if (isset($arguments['mapping'])) {
+            $this->mapping = $arguments['mapping'];
+        } else {
+            $this->mapping = new UserMapping($this->db);
+        }
+
+        if (isset($arguments['deletedUsersIndex'])) {
+            $this->dui = $arguments['deletedUsersIndex'];
+        }
+    }
+
+    /**
+     * makes the background job do its work
+     * @param array $argument
+     */
+    public function run($argument) {
+        $this->setArguments($argument);
+
+        if (!$this->isCleanUpAllowed()) {
+            return;
+        }
+        $users = $this->mapping->getList($this->getOffset(), $this->getChunkSize());
+        if (!is_array($users)) {
+            //something wrong? Let's start from the beginning next time and
+            //abort
+            $this->setOffset(true);
+            return;
+        }
+        $resetOffset = $this->isOffsetResetNecessary(count($users));
+        $this->checkUsers($users);
+        $this->setOffset($resetOffset);
+    }
+
+    /**
+     * checks whether next run should start at 0 again
+     * @param int $resultCount
+     * @return bool
+     */
+    public function isOffsetResetNecessary($resultCount) {
+        return $resultCount < $this->getChunkSize();
+    }
+
+    /**
+     * checks whether cleaning up LDAP users is allowed
+     * @return bool
+     */
+    public function isCleanUpAllowed() {
+        try {
+            if ($this->ldapHelper->haveDisabledConfigurations()) {
+                return false;
+            }
+        } catch (\Exception $e) {
+            return false;
+        }
+
+        return $this->isCleanUpEnabled();
+    }
+
+    /**
+     * checks whether clean up is enabled by configuration
+     * @return bool
+     */
+    private function isCleanUpEnabled() {
+        return (bool)$this->ocConfig->getSystemValue(
+            'ldapUserCleanupInterval', (string)$this->defaultIntervalMin);
+    }
+
+    /**
+     * checks users whether they are still existing
+     * @param array $users result from getMappedUsers()
+     */
+    private function checkUsers(array $users) {
+        foreach ($users as $user) {
+            $this->checkUser($user);
+        }
+    }
+
+    /**
+     * checks whether a user is still existing in LDAP
+     * @param string[] $user
+     */
+    private function checkUser(array $user) {
+        if ($this->userBackend->userExistsOnLDAP($user['name'])) {
+            //still available, all good
+
+            return;
+        }
+
+        $this->dui->markUser($user['name']);
+    }
+
+    /**
+     * gets the offset to fetch users from the mappings table
+     * @return int
+     */
+    private function getOffset() {
+        return (int)$this->ocConfig->getAppValue('user_ldap', 'cleanUpJobOffset', 0);
+    }
+
+    /**
+     * sets the new offset for the next run
+     * @param bool $reset whether the offset should be set to 0
+     */
+    public function setOffset($reset = false) {
+        $newOffset = $reset ? 0 :
+            $this->getOffset() + $this->getChunkSize();
+        $this->ocConfig->setAppValue('user_ldap', 'cleanUpJobOffset', $newOffset);
+    }
+
+    /**
+     * returns the chunk size (limit in DB speak)
+     * @return int
+     */
+    public function getChunkSize() {
+        if ($this->limit === null) {
+            $this->limit = (int)$this->ocConfig->getAppValue('user_ldap', 'cleanUpJobChunkSize', 50);
+        }
+        return $this->limit;
+    }
 }

Please login to merge, or discard this patch.

Spacing +7 added lines, -8 removed lines patch added patch discarded remove patch

@@ -69,8 +69,8 @@  discard block
 block discarded – undo
 
 	public function __construct(User_Proxy $userBackend, DeletedUsersIndex $dui) {
 		$minutes = \OC::$server->getConfig()->getSystemValue(
-			'ldapUserCleanupInterval', (string)$this->defaultIntervalMin);
-		$this->setInterval((int)$minutes * 60);
+			'ldapUserCleanupInterval', (string) $this->defaultIntervalMin);
+		$this->setInterval((int) $minutes * 60);
 		$this->userBackend = $userBackend;
 		$this->dui = $dui;
 	}
@@ -170,8 +170,8 @@  discard block
 block discarded – undo
 	 * @return bool
 	 */
 	private function isCleanUpEnabled() {
-		return (bool)$this->ocConfig->getSystemValue(
-			'ldapUserCleanupInterval', (string)$this->defaultIntervalMin);
+		return (bool) $this->ocConfig->getSystemValue(
+			'ldapUserCleanupInterval', (string) $this->defaultIntervalMin);
 	}
 
 	/**
@@ -203,7 +203,7 @@  discard block
 block discarded – undo
 	 * @return int
 	 */
 	private function getOffset() {
-		return (int)$this->ocConfig->getAppValue('user_ldap', 'cleanUpJobOffset', 0);
+		return (int) $this->ocConfig->getAppValue('user_ldap', 'cleanUpJobOffset', 0);
 	}
 
 	/**
@@ -211,8 +211,7 @@  discard block
 block discarded – undo
 	 * @param bool $reset whether the offset should be set to 0
 	 */
 	public function setOffset($reset = false) {
-		$newOffset = $reset ? 0 :
-			$this->getOffset() + $this->getChunkSize();
+		$newOffset = $reset ? 0 : $this->getOffset() + $this->getChunkSize();
 		$this->ocConfig->setAppValue('user_ldap', 'cleanUpJobOffset', $newOffset);
 	}
 
@@ -222,7 +221,7 @@  discard block
 block discarded – undo
 	 */
 	public function getChunkSize() {
 		if ($this->limit === null) {
-			$this->limit = (int)$this->ocConfig->getAppValue('user_ldap', 'cleanUpJobChunkSize', 50);
+			$this->limit = (int) $this->ocConfig->getAppValue('user_ldap', 'cleanUpJobChunkSize', 50);
 		}
 		return $this->limit;
 	}

Please login to merge, or discard this patch.

apps/user_ldap/lib/Jobs/Sync.php 1 patch

Indentation +329 added lines, -329 removed lines patch added patch discarded remove patch

@@ -40,333 +40,333 @@
 block discarded – undo
 use OCP\Notification\IManager;
 
 class Sync extends TimedJob {
-	public const MAX_INTERVAL = 12 * 60 * 60; // 12h
-	public const MIN_INTERVAL = 30 * 60; // 30min
-	/** @var  Helper */
-	protected $ldapHelper;
-	/** @var  LDAP */
-	protected $ldap;
-	/** @var  Manager */
-	protected $userManager;
-	/** @var UserMapping */
-	protected $mapper;
-	/** @var  IConfig */
-	protected $config;
-	/** @var  IAvatarManager */
-	protected $avatarManager;
-	/** @var  IDBConnection */
-	protected $dbc;
-	/** @var  IUserManager */
-	protected $ncUserManager;
-	/** @var  IManager */
-	protected $notificationManager;
-	/** @var ConnectionFactory */
-	protected $connectionFactory;
-	/** @var AccessFactory */
-	protected $accessFactory;
-
-	public function __construct(Manager  $userManager) {
-		$this->userManager = $userManager;
-		$this->setInterval(
-			\OC::$server->getConfig()->getAppValue(
-				'user_ldap',
-				'background_sync_interval',
-				self::MIN_INTERVAL
-			)
-		);
-	}
-
-	/**
-	 * updates the interval
-	 *
-	 * the idea is to adjust the interval depending on the amount of known users
-	 * and the attempt to update each user one day. At most it would run every
-	 * 30 minutes, and at least every 12 hours.
-	 */
-	public function updateInterval() {
-		$minPagingSize = $this->getMinPagingSize();
-		$mappedUsers = $this->mapper->count();
-
-		$runsPerDay = ($minPagingSize === 0 || $mappedUsers === 0) ? self::MAX_INTERVAL
-			: $mappedUsers / $minPagingSize;
-		$interval = floor(24 * 60 * 60 / $runsPerDay);
-		$interval = min(max($interval, self::MIN_INTERVAL), self::MAX_INTERVAL);
-
-		$this->config->setAppValue('user_ldap', 'background_sync_interval', $interval);
-	}
-
-	/**
-	 * returns the smallest configured paging size
-	 * @return int
-	 */
-	protected function getMinPagingSize() {
-		$configKeys = $this->config->getAppKeys('user_ldap');
-		$configKeys = array_filter($configKeys, function ($key) {
-			return strpos($key, 'ldap_paging_size') !== false;
-		});
-		$minPagingSize = null;
-		foreach ($configKeys as $configKey) {
-			$pagingSize = $this->config->getAppValue('user_ldap', $configKey, $minPagingSize);
-			$minPagingSize = $minPagingSize === null ? $pagingSize : min($minPagingSize, $pagingSize);
-		}
-		return (int)$minPagingSize;
-	}
-
-	/**
-	 * @param array $argument
-	 */
-	public function run($argument) {
-		$this->setArgument($argument);
-
-		$isBackgroundJobModeAjax = $this->config
-				->getAppValue('core', 'backgroundjobs_mode', 'ajax') === 'ajax';
-		if ($isBackgroundJobModeAjax) {
-			return;
-		}
-
-		$cycleData = $this->getCycle();
-		if ($cycleData === null) {
-			$cycleData = $this->determineNextCycle();
-			if ($cycleData === null) {
-				$this->updateInterval();
-				return;
-			}
-		}
-
-		if (!$this->qualifiesToRun($cycleData)) {
-			$this->updateInterval();
-			return;
-		}
-
-		try {
-			$expectMoreResults = $this->runCycle($cycleData);
-			if ($expectMoreResults) {
-				$this->increaseOffset($cycleData);
-			} else {
-				$this->determineNextCycle($cycleData);
-			}
-			$this->updateInterval();
-		} catch (ServerNotAvailableException $e) {
-			$this->determineNextCycle($cycleData);
-		}
-	}
-
-	/**
-	 * @param array $cycleData
-	 * @return bool whether more results are expected from the same configuration
-	 */
-	public function runCycle($cycleData) {
-		$connection = $this->connectionFactory->get($cycleData['prefix']);
-		$access = $this->accessFactory->get($connection);
-		$access->setUserMapper($this->mapper);
-
-		$filter = $access->combineFilterWithAnd([
-			$access->connection->ldapUserFilter,
-			$access->connection->ldapUserDisplayName . '=*',
-			$access->getFilterPartForUserSearch('')
-		]);
-		$results = $access->fetchListOfUsers(
-			$filter,
-			$access->userManager->getAttributes(),
-			$connection->ldapPagingSize,
-			$cycleData['offset'],
-			true
-		);
-
-		if ((int)$connection->ldapPagingSize === 0) {
-			return false;
-		}
-		return count($results) >= (int)$connection->ldapPagingSize;
-	}
-
-	/**
-	 * returns the info about the current cycle that should be run, if any,
-	 * otherwise null
-	 *
-	 * @return array|null
-	 */
-	public function getCycle() {
-		$prefixes = $this->ldapHelper->getServerConfigurationPrefixes(true);
-		if (count($prefixes) === 0) {
-			return null;
-		}
-
-		$cycleData = [
-			'prefix' => $this->config->getAppValue('user_ldap', 'background_sync_prefix', null),
-			'offset' => (int)$this->config->getAppValue('user_ldap', 'background_sync_offset', 0),
-		];
-
-		if (
-			$cycleData['prefix'] !== null
-			&& in_array($cycleData['prefix'], $prefixes)
-		) {
-			return $cycleData;
-		}
-
-		return null;
-	}
-
-	/**
-	 * Save the provided cycle information in the DB
-	 *
-	 * @param array $cycleData
-	 */
-	public function setCycle(array $cycleData) {
-		$this->config->setAppValue('user_ldap', 'background_sync_prefix', $cycleData['prefix']);
-		$this->config->setAppValue('user_ldap', 'background_sync_offset', $cycleData['offset']);
-	}
-
-	/**
-	 * returns data about the next cycle that should run, if any, otherwise
-	 * null. It also always goes for the next LDAP configuration!
-	 *
-	 * @param array|null $cycleData the old cycle
-	 * @return array|null
-	 */
-	public function determineNextCycle(array $cycleData = null) {
-		$prefixes = $this->ldapHelper->getServerConfigurationPrefixes(true);
-		if (count($prefixes) === 0) {
-			return null;
-		}
-
-		// get the next prefix in line and remember it
-		$oldPrefix = $cycleData === null ? null : $cycleData['prefix'];
-		$prefix = $this->getNextPrefix($oldPrefix);
-		if ($prefix === null) {
-			return null;
-		}
-		$cycleData['prefix'] = $prefix;
-		$cycleData['offset'] = 0;
-		$this->setCycle(['prefix' => $prefix, 'offset' => 0]);
-
-		return $cycleData;
-	}
-
-	/**
-	 * Checks whether the provided cycle should be run. Currently only the
-	 * last configuration change goes into account (at least one hour).
-	 *
-	 * @param $cycleData
-	 * @return bool
-	 */
-	public function qualifiesToRun($cycleData) {
-		$lastChange = $this->config->getAppValue('user_ldap', $cycleData['prefix'] . '_lastChange', 0);
-		if ((time() - $lastChange) > 60 * 30) {
-			return true;
-		}
-		return false;
-	}
-
-	/**
-	 * increases the offset of the current cycle for the next run
-	 *
-	 * @param $cycleData
-	 */
-	protected function increaseOffset($cycleData) {
-		$ldapConfig = new Configuration($cycleData['prefix']);
-		$cycleData['offset'] += (int)$ldapConfig->ldapPagingSize;
-		$this->setCycle($cycleData);
-	}
-
-	/**
-	 * determines the next configuration prefix based on the last one (if any)
-	 *
-	 * @param string|null $lastPrefix
-	 * @return string|null
-	 */
-	protected function getNextPrefix($lastPrefix) {
-		$prefixes = $this->ldapHelper->getServerConfigurationPrefixes(true);
-		$noOfPrefixes = count($prefixes);
-		if ($noOfPrefixes === 0) {
-			return null;
-		}
-		$i = $lastPrefix === null ? false : array_search($lastPrefix, $prefixes, true);
-		if ($i === false) {
-			$i = -1;
-		} else {
-			$i++;
-		}
-
-		if (!isset($prefixes[$i])) {
-			$i = 0;
-		}
-		return $prefixes[$i];
-	}
-
-	/**
-	 * "fixes" DI
-	 *
-	 * @param array $argument
-	 */
-	public function setArgument($argument) {
-		if (isset($argument['config'])) {
-			$this->config = $argument['config'];
-		} else {
-			$this->config = \OC::$server->getConfig();
-		}
-
-		if (isset($argument['helper'])) {
-			$this->ldapHelper = $argument['helper'];
-		} else {
-			$this->ldapHelper = new Helper($this->config);
-		}
-
-		if (isset($argument['ldapWrapper'])) {
-			$this->ldap = $argument['ldapWrapper'];
-		} else {
-			$this->ldap = new LDAP();
-		}
-
-		if (isset($argument['avatarManager'])) {
-			$this->avatarManager = $argument['avatarManager'];
-		} else {
-			$this->avatarManager = \OC::$server->getAvatarManager();
-		}
-
-		if (isset($argument['dbc'])) {
-			$this->dbc = $argument['dbc'];
-		} else {
-			$this->dbc = \OC::$server->getDatabaseConnection();
-		}
-
-		if (isset($argument['ncUserManager'])) {
-			$this->ncUserManager = $argument['ncUserManager'];
-		} else {
-			$this->ncUserManager = \OC::$server->getUserManager();
-		}
-
-		if (isset($argument['notificationManager'])) {
-			$this->notificationManager = $argument['notificationManager'];
-		} else {
-			$this->notificationManager = \OC::$server->getNotificationManager();
-		}
-
-		if (isset($argument['userManager'])) {
-			$this->userManager = $argument['userManager'];
-		}
-
-		if (isset($argument['mapper'])) {
-			$this->mapper = $argument['mapper'];
-		} else {
-			$this->mapper = new UserMapping($this->dbc);
-		}
-
-		if (isset($argument['connectionFactory'])) {
-			$this->connectionFactory = $argument['connectionFactory'];
-		} else {
-			$this->connectionFactory = new ConnectionFactory($this->ldap);
-		}
-
-		if (isset($argument['accessFactory'])) {
-			$this->accessFactory = $argument['accessFactory'];
-		} else {
-			$this->accessFactory = new AccessFactory(
-				$this->ldap,
-				$this->userManager,
-				$this->ldapHelper,
-				$this->config,
-				$this->ncUserManager
-			);
-		}
-	}
+    public const MAX_INTERVAL = 12 * 60 * 60; // 12h
+    public const MIN_INTERVAL = 30 * 60; // 30min
+    /** @var  Helper */
+    protected $ldapHelper;
+    /** @var  LDAP */
+    protected $ldap;
+    /** @var  Manager */
+    protected $userManager;
+    /** @var UserMapping */
+    protected $mapper;
+    /** @var  IConfig */
+    protected $config;
+    /** @var  IAvatarManager */
+    protected $avatarManager;
+    /** @var  IDBConnection */
+    protected $dbc;
+    /** @var  IUserManager */
+    protected $ncUserManager;
+    /** @var  IManager */
+    protected $notificationManager;
+    /** @var ConnectionFactory */
+    protected $connectionFactory;
+    /** @var AccessFactory */
+    protected $accessFactory;
+
+    public function __construct(Manager  $userManager) {
+        $this->userManager = $userManager;
+        $this->setInterval(
+            \OC::$server->getConfig()->getAppValue(
+                'user_ldap',
+                'background_sync_interval',
+                self::MIN_INTERVAL
+            )
+        );
+    }
+
+    /**
+     * updates the interval
+     *
+     * the idea is to adjust the interval depending on the amount of known users
+     * and the attempt to update each user one day. At most it would run every
+     * 30 minutes, and at least every 12 hours.
+     */
+    public function updateInterval() {
+        $minPagingSize = $this->getMinPagingSize();
+        $mappedUsers = $this->mapper->count();
+
+        $runsPerDay = ($minPagingSize === 0 || $mappedUsers === 0) ? self::MAX_INTERVAL
+            : $mappedUsers / $minPagingSize;
+        $interval = floor(24 * 60 * 60 / $runsPerDay);
+        $interval = min(max($interval, self::MIN_INTERVAL), self::MAX_INTERVAL);
+
+        $this->config->setAppValue('user_ldap', 'background_sync_interval', $interval);
+    }
+
+    /**
+     * returns the smallest configured paging size
+     * @return int
+     */
+    protected function getMinPagingSize() {
+        $configKeys = $this->config->getAppKeys('user_ldap');
+        $configKeys = array_filter($configKeys, function ($key) {
+            return strpos($key, 'ldap_paging_size') !== false;
+        });
+        $minPagingSize = null;
+        foreach ($configKeys as $configKey) {
+            $pagingSize = $this->config->getAppValue('user_ldap', $configKey, $minPagingSize);
+            $minPagingSize = $minPagingSize === null ? $pagingSize : min($minPagingSize, $pagingSize);
+        }
+        return (int)$minPagingSize;
+    }
+
+    /**
+     * @param array $argument
+     */
+    public function run($argument) {
+        $this->setArgument($argument);
+
+        $isBackgroundJobModeAjax = $this->config
+                ->getAppValue('core', 'backgroundjobs_mode', 'ajax') === 'ajax';
+        if ($isBackgroundJobModeAjax) {
+            return;
+        }
+
+        $cycleData = $this->getCycle();
+        if ($cycleData === null) {
+            $cycleData = $this->determineNextCycle();
+            if ($cycleData === null) {
+                $this->updateInterval();
+                return;
+            }
+        }
+
+        if (!$this->qualifiesToRun($cycleData)) {
+            $this->updateInterval();
+            return;
+        }
+
+        try {
+            $expectMoreResults = $this->runCycle($cycleData);
+            if ($expectMoreResults) {
+                $this->increaseOffset($cycleData);
+            } else {
+                $this->determineNextCycle($cycleData);
+            }
+            $this->updateInterval();
+        } catch (ServerNotAvailableException $e) {
+            $this->determineNextCycle($cycleData);
+        }
+    }
+
+    /**
+     * @param array $cycleData
+     * @return bool whether more results are expected from the same configuration
+     */
+    public function runCycle($cycleData) {
+        $connection = $this->connectionFactory->get($cycleData['prefix']);
+        $access = $this->accessFactory->get($connection);
+        $access->setUserMapper($this->mapper);
+
+        $filter = $access->combineFilterWithAnd([
+            $access->connection->ldapUserFilter,
+            $access->connection->ldapUserDisplayName . '=*',
+            $access->getFilterPartForUserSearch('')
+        ]);
+        $results = $access->fetchListOfUsers(
+            $filter,
+            $access->userManager->getAttributes(),
+            $connection->ldapPagingSize,
+            $cycleData['offset'],
+            true
+        );
+
+        if ((int)$connection->ldapPagingSize === 0) {
+            return false;
+        }
+        return count($results) >= (int)$connection->ldapPagingSize;
+    }
+
+    /**
+     * returns the info about the current cycle that should be run, if any,
+     * otherwise null
+     *
+     * @return array|null
+     */
+    public function getCycle() {
+        $prefixes = $this->ldapHelper->getServerConfigurationPrefixes(true);
+        if (count($prefixes) === 0) {
+            return null;
+        }
+
+        $cycleData = [
+            'prefix' => $this->config->getAppValue('user_ldap', 'background_sync_prefix', null),
+            'offset' => (int)$this->config->getAppValue('user_ldap', 'background_sync_offset', 0),
+        ];
+
+        if (
+            $cycleData['prefix'] !== null
+            && in_array($cycleData['prefix'], $prefixes)
+        ) {
+            return $cycleData;
+        }
+
+        return null;
+    }
+
+    /**
+     * Save the provided cycle information in the DB
+     *
+     * @param array $cycleData
+     */
+    public function setCycle(array $cycleData) {
+        $this->config->setAppValue('user_ldap', 'background_sync_prefix', $cycleData['prefix']);
+        $this->config->setAppValue('user_ldap', 'background_sync_offset', $cycleData['offset']);
+    }
+
+    /**
+     * returns data about the next cycle that should run, if any, otherwise
+     * null. It also always goes for the next LDAP configuration!
+     *
+     * @param array|null $cycleData the old cycle
+     * @return array|null
+     */
+    public function determineNextCycle(array $cycleData = null) {
+        $prefixes = $this->ldapHelper->getServerConfigurationPrefixes(true);
+        if (count($prefixes) === 0) {
+            return null;
+        }
+
+        // get the next prefix in line and remember it
+        $oldPrefix = $cycleData === null ? null : $cycleData['prefix'];
+        $prefix = $this->getNextPrefix($oldPrefix);
+        if ($prefix === null) {
+            return null;
+        }
+        $cycleData['prefix'] = $prefix;
+        $cycleData['offset'] = 0;
+        $this->setCycle(['prefix' => $prefix, 'offset' => 0]);
+
+        return $cycleData;
+    }
+
+    /**
+     * Checks whether the provided cycle should be run. Currently only the
+     * last configuration change goes into account (at least one hour).
+     *
+     * @param $cycleData
+     * @return bool
+     */
+    public function qualifiesToRun($cycleData) {
+        $lastChange = $this->config->getAppValue('user_ldap', $cycleData['prefix'] . '_lastChange', 0);
+        if ((time() - $lastChange) > 60 * 30) {
+            return true;
+        }
+        return false;
+    }
+
+    /**
+     * increases the offset of the current cycle for the next run
+     *
+     * @param $cycleData
+     */
+    protected function increaseOffset($cycleData) {
+        $ldapConfig = new Configuration($cycleData['prefix']);
+        $cycleData['offset'] += (int)$ldapConfig->ldapPagingSize;
+        $this->setCycle($cycleData);
+    }
+
+    /**
+     * determines the next configuration prefix based on the last one (if any)
+     *
+     * @param string|null $lastPrefix
+     * @return string|null
+     */
+    protected function getNextPrefix($lastPrefix) {
+        $prefixes = $this->ldapHelper->getServerConfigurationPrefixes(true);
+        $noOfPrefixes = count($prefixes);
+        if ($noOfPrefixes === 0) {
+            return null;
+        }
+        $i = $lastPrefix === null ? false : array_search($lastPrefix, $prefixes, true);
+        if ($i === false) {
+            $i = -1;
+        } else {
+            $i++;
+        }
+
+        if (!isset($prefixes[$i])) {
+            $i = 0;
+        }
+        return $prefixes[$i];
+    }
+
+    /**
+     * "fixes" DI
+     *
+     * @param array $argument
+     */
+    public function setArgument($argument) {
+        if (isset($argument['config'])) {
+            $this->config = $argument['config'];
+        } else {
+            $this->config = \OC::$server->getConfig();
+        }
+
+        if (isset($argument['helper'])) {
+            $this->ldapHelper = $argument['helper'];
+        } else {
+            $this->ldapHelper = new Helper($this->config);
+        }
+
+        if (isset($argument['ldapWrapper'])) {
+            $this->ldap = $argument['ldapWrapper'];
+        } else {
+            $this->ldap = new LDAP();
+        }
+
+        if (isset($argument['avatarManager'])) {
+            $this->avatarManager = $argument['avatarManager'];
+        } else {
+            $this->avatarManager = \OC::$server->getAvatarManager();
+        }
+
+        if (isset($argument['dbc'])) {
+            $this->dbc = $argument['dbc'];
+        } else {
+            $this->dbc = \OC::$server->getDatabaseConnection();
+        }
+
+        if (isset($argument['ncUserManager'])) {
+            $this->ncUserManager = $argument['ncUserManager'];
+        } else {
+            $this->ncUserManager = \OC::$server->getUserManager();
+        }
+
+        if (isset($argument['notificationManager'])) {
+            $this->notificationManager = $argument['notificationManager'];
+        } else {
+            $this->notificationManager = \OC::$server->getNotificationManager();
+        }
+
+        if (isset($argument['userManager'])) {
+            $this->userManager = $argument['userManager'];
+        }
+
+        if (isset($argument['mapper'])) {
+            $this->mapper = $argument['mapper'];
+        } else {
+            $this->mapper = new UserMapping($this->dbc);
+        }
+
+        if (isset($argument['connectionFactory'])) {
+            $this->connectionFactory = $argument['connectionFactory'];
+        } else {
+            $this->connectionFactory = new ConnectionFactory($this->ldap);
+        }
+
+        if (isset($argument['accessFactory'])) {
+            $this->accessFactory = $argument['accessFactory'];
+        } else {
+            $this->accessFactory = new AccessFactory(
+                $this->ldap,
+                $this->userManager,
+                $this->ldapHelper,
+                $this->config,
+                $this->ncUserManager
+            );
+        }
+    }
 }

Please login to merge, or discard this patch.

apps/user_ldap/lib/Access.php 1 patch

Indentation +1975 added lines, -1975 removed lines patch added patch discarded remove patch

@@ -65,1762 +65,1762 @@  discard block
 block discarded – undo
  * @package OCA\User_LDAP
  */
 class Access extends LDAPUtility {
-	public const UUID_ATTRIBUTES = ['entryuuid', 'nsuniqueid', 'objectguid', 'guid', 'ipauniqueid'];
-
-	/** @var \OCA\User_LDAP\Connection */
-	public $connection;
-	/** @var Manager */
-	public $userManager;
-	//never ever check this var directly, always use getPagedSearchResultState
-	protected $pagedSearchedSuccessful;
-
-	/**
-	 * @var UserMapping $userMapper
-	 */
-	protected $userMapper;
-
-	/**
-	 * @var AbstractMapping $userMapper
-	 */
-	protected $groupMapper;
-
-	/**
-	 * @var \OCA\User_LDAP\Helper
-	 */
-	private $helper;
-	/** @var IConfig */
-	private $config;
-	/** @var IUserManager */
-	private $ncUserManager;
-	/** @var string */
-	private $lastCookie = '';
-
-	public function __construct(
-		Connection $connection,
-		ILDAPWrapper $ldap,
-		Manager $userManager,
-		Helper $helper,
-		IConfig $config,
-		IUserManager $ncUserManager
-	) {
-		parent::__construct($ldap);
-		$this->connection = $connection;
-		$this->userManager = $userManager;
-		$this->userManager->setLdapAccess($this);
-		$this->helper = $helper;
-		$this->config = $config;
-		$this->ncUserManager = $ncUserManager;
-	}
-
-	/**
-	 * sets the User Mapper
-	 *
-	 * @param AbstractMapping $mapper
-	 */
-	public function setUserMapper(AbstractMapping $mapper) {
-		$this->userMapper = $mapper;
-	}
-
-	/**
-	 * @throws \Exception
-	 */
-	public function getUserMapper(): UserMapping {
-		if (is_null($this->userMapper)) {
-			throw new \Exception('UserMapper was not assigned to this Access instance.');
-		}
-		return $this->userMapper;
-	}
-
-	/**
-	 * sets the Group Mapper
-	 *
-	 * @param AbstractMapping $mapper
-	 */
-	public function setGroupMapper(AbstractMapping $mapper) {
-		$this->groupMapper = $mapper;
-	}
-
-	/**
-	 * returns the Group Mapper
-	 *
-	 * @return AbstractMapping
-	 * @throws \Exception
-	 */
-	public function getGroupMapper() {
-		if (is_null($this->groupMapper)) {
-			throw new \Exception('GroupMapper was not assigned to this Access instance.');
-		}
-		return $this->groupMapper;
-	}
-
-	/**
-	 * @return bool
-	 */
-	private function checkConnection() {
-		return ($this->connection instanceof Connection);
-	}
-
-	/**
-	 * returns the Connection instance
-	 *
-	 * @return \OCA\User_LDAP\Connection
-	 */
-	public function getConnection() {
-		return $this->connection;
-	}
-
-	/**
-	 * reads a given attribute for an LDAP record identified by a DN
-	 *
-	 * @param string $dn the record in question
-	 * @param string $attr the attribute that shall be retrieved
-	 *        if empty, just check the record's existence
-	 * @param string $filter
-	 * @return array|false an array of values on success or an empty
-	 *          array if $attr is empty, false otherwise
-	 * @throws ServerNotAvailableException
-	 */
-	public function readAttribute($dn, $attr, $filter = 'objectClass=*') {
-		if (!$this->checkConnection()) {
-			\OCP\Util::writeLog('user_ldap',
-				'No LDAP Connector assigned, access impossible for readAttribute.',
-				ILogger::WARN);
-			return false;
-		}
-		$cr = $this->connection->getConnectionResource();
-		if (!$this->ldap->isResource($cr)) {
-			//LDAP not available
-			\OCP\Util::writeLog('user_ldap', 'LDAP resource not available.', ILogger::DEBUG);
-			return false;
-		}
-		//Cancel possibly running Paged Results operation, otherwise we run in
-		//LDAP protocol errors
-		$this->abandonPagedSearch();
-		// openLDAP requires that we init a new Paged Search. Not needed by AD,
-		// but does not hurt either.
-		$pagingSize = (int)$this->connection->ldapPagingSize;
-		// 0 won't result in replies, small numbers may leave out groups
-		// (cf. #12306), 500 is default for paging and should work everywhere.
-		$maxResults = $pagingSize > 20 ? $pagingSize : 500;
-		$attr = mb_strtolower($attr, 'UTF-8');
-		// the actual read attribute later may contain parameters on a ranged
-		// request, e.g. member;range=99-199. Depends on server reply.
-		$attrToRead = $attr;
-
-		$values = [];
-		$isRangeRequest = false;
-		do {
-			$result = $this->executeRead($cr, $dn, $attrToRead, $filter, $maxResults);
-			if (is_bool($result)) {
-				// when an exists request was run and it was successful, an empty
-				// array must be returned
-				return $result ? [] : false;
-			}
-
-			if (!$isRangeRequest) {
-				$values = $this->extractAttributeValuesFromResult($result, $attr);
-				if (!empty($values)) {
-					return $values;
-				}
-			}
-
-			$isRangeRequest = false;
-			$result = $this->extractRangeData($result, $attr);
-			if (!empty($result)) {
-				$normalizedResult = $this->extractAttributeValuesFromResult(
-					[$attr => $result['values']],
-					$attr
-				);
-				$values = array_merge($values, $normalizedResult);
-
-				if ($result['rangeHigh'] === '*') {
-					// when server replies with * as high range value, there are
-					// no more results left
-					return $values;
-				} else {
-					$low = $result['rangeHigh'] + 1;
-					$attrToRead = $result['attributeName'] . ';range=' . $low . '-*';
-					$isRangeRequest = true;
-				}
-			}
-		} while ($isRangeRequest);
-
-		\OCP\Util::writeLog('user_ldap', 'Requested attribute ' . $attr . ' not found for ' . $dn, ILogger::DEBUG);
-		return false;
-	}
-
-	/**
-	 * Runs an read operation against LDAP
-	 *
-	 * @param resource $cr the LDAP connection
-	 * @param string $dn
-	 * @param string $attribute
-	 * @param string $filter
-	 * @param int $maxResults
-	 * @return array|bool false if there was any error, true if an exists check
-	 *                    was performed and the requested DN found, array with the
-	 *                    returned data on a successful usual operation
-	 * @throws ServerNotAvailableException
-	 */
-	public function executeRead($cr, $dn, $attribute, $filter, $maxResults) {
-		$this->initPagedSearch($filter, $dn, [$attribute], $maxResults, 0);
-		$dn = $this->helper->DNasBaseParameter($dn);
-		$rr = @$this->invokeLDAPMethod('read', $cr, $dn, $filter, [$attribute]);
-		if (!$this->ldap->isResource($rr)) {
-			if ($attribute !== '') {
-				//do not throw this message on userExists check, irritates
-				\OCP\Util::writeLog('user_ldap', 'readAttribute failed for DN ' . $dn, ILogger::DEBUG);
-			}
-			//in case an error occurs , e.g. object does not exist
-			return false;
-		}
-		if ($attribute === '' && ($filter === 'objectclass=*' || $this->invokeLDAPMethod('countEntries', $cr, $rr) === 1)) {
-			\OCP\Util::writeLog('user_ldap', 'readAttribute: ' . $dn . ' found', ILogger::DEBUG);
-			return true;
-		}
-		$er = $this->invokeLDAPMethod('firstEntry', $cr, $rr);
-		if (!$this->ldap->isResource($er)) {
-			//did not match the filter, return false
-			return false;
-		}
-		//LDAP attributes are not case sensitive
-		$result = \OCP\Util::mb_array_change_key_case(
-			$this->invokeLDAPMethod('getAttributes', $cr, $er), MB_CASE_LOWER, 'UTF-8');
-
-		return $result;
-	}
-
-	/**
-	 * Normalizes a result grom getAttributes(), i.e. handles DNs and binary
-	 * data if present.
-	 *
-	 * @param array $result from ILDAPWrapper::getAttributes()
-	 * @param string $attribute the attribute name that was read
-	 * @return string[]
-	 */
-	public function extractAttributeValuesFromResult($result, $attribute) {
-		$values = [];
-		if (isset($result[$attribute]) && $result[$attribute]['count'] > 0) {
-			$lowercaseAttribute = strtolower($attribute);
-			for ($i = 0; $i < $result[$attribute]['count']; $i++) {
-				if ($this->resemblesDN($attribute)) {
-					$values[] = $this->helper->sanitizeDN($result[$attribute][$i]);
-				} elseif ($lowercaseAttribute === 'objectguid' || $lowercaseAttribute === 'guid') {
-					$values[] = $this->convertObjectGUID2Str($result[$attribute][$i]);
-				} else {
-					$values[] = $result[$attribute][$i];
-				}
-			}
-		}
-		return $values;
-	}
-
-	/**
-	 * Attempts to find ranged data in a getAttribute results and extracts the
-	 * returned values as well as information on the range and full attribute
-	 * name for further processing.
-	 *
-	 * @param array $result from ILDAPWrapper::getAttributes()
-	 * @param string $attribute the attribute name that was read. Without ";range=…"
-	 * @return array If a range was detected with keys 'values', 'attributeName',
-	 *               'attributeFull' and 'rangeHigh', otherwise empty.
-	 */
-	public function extractRangeData($result, $attribute) {
-		$keys = array_keys($result);
-		foreach ($keys as $key) {
-			if ($key !== $attribute && strpos($key, $attribute) === 0) {
-				$queryData = explode(';', $key);
-				if (strpos($queryData[1], 'range=') === 0) {
-					$high = substr($queryData[1], 1 + strpos($queryData[1], '-'));
-					$data = [
-						'values' => $result[$key],
-						'attributeName' => $queryData[0],
-						'attributeFull' => $key,
-						'rangeHigh' => $high,
-					];
-					return $data;
-				}
-			}
-		}
-		return [];
-	}
-
-	/**
-	 * Set password for an LDAP user identified by a DN
-	 *
-	 * @param string $userDN the user in question
-	 * @param string $password the new password
-	 * @return bool
-	 * @throws HintException
-	 * @throws \Exception
-	 */
-	public function setPassword($userDN, $password) {
-		if ((int)$this->connection->turnOnPasswordChange !== 1) {
-			throw new \Exception('LDAP password changes are disabled.');
-		}
-		$cr = $this->connection->getConnectionResource();
-		if (!$this->ldap->isResource($cr)) {
-			//LDAP not available
-			\OCP\Util::writeLog('user_ldap', 'LDAP resource not available.', ILogger::DEBUG);
-			return false;
-		}
-		try {
-			// try PASSWD extended operation first
-			return @$this->invokeLDAPMethod('exopPasswd', $cr, $userDN, '', $password) ||
-				@$this->invokeLDAPMethod('modReplace', $cr, $userDN, $password);
-		} catch (ConstraintViolationException $e) {
-			throw new HintException('Password change rejected.', \OC::$server->getL10N('user_ldap')->t('Password change rejected. Hint: ') . $e->getMessage(), $e->getCode());
-		}
-	}
-
-	/**
-	 * checks whether the given attributes value is probably a DN
-	 *
-	 * @param string $attr the attribute in question
-	 * @return boolean if so true, otherwise false
-	 */
-	private function resemblesDN($attr) {
-		$resemblingAttributes = [
-			'dn',
-			'uniquemember',
-			'member',
-			// memberOf is an "operational" attribute, without a definition in any RFC
-			'memberof'
-		];
-		return in_array($attr, $resemblingAttributes);
-	}
-
-	/**
-	 * checks whether the given string is probably a DN
-	 *
-	 * @param string $string
-	 * @return boolean
-	 */
-	public function stringResemblesDN($string) {
-		$r = $this->ldap->explodeDN($string, 0);
-		// if exploding a DN succeeds and does not end up in
-		// an empty array except for $r[count] being 0.
-		return (is_array($r) && count($r) > 1);
-	}
-
-	/**
-	 * returns a DN-string that is cleaned from not domain parts, e.g.
-	 * cn=foo,cn=bar,dc=foobar,dc=server,dc=org
-	 * becomes dc=foobar,dc=server,dc=org
-	 *
-	 * @param string $dn
-	 * @return string
-	 */
-	public function getDomainDNFromDN($dn) {
-		$allParts = $this->ldap->explodeDN($dn, 0);
-		if ($allParts === false) {
-			//not a valid DN
-			return '';
-		}
-		$domainParts = [];
-		$dcFound = false;
-		foreach ($allParts as $part) {
-			if (!$dcFound && strpos($part, 'dc=') === 0) {
-				$dcFound = true;
-			}
-			if ($dcFound) {
-				$domainParts[] = $part;
-			}
-		}
-		return implode(',', $domainParts);
-	}
-
-	/**
-	 * returns the LDAP DN for the given internal Nextcloud name of the group
-	 *
-	 * @param string $name the Nextcloud name in question
-	 * @return string|false LDAP DN on success, otherwise false
-	 */
-	public function groupname2dn($name) {
-		return $this->groupMapper->getDNByName($name);
-	}
-
-	/**
-	 * returns the LDAP DN for the given internal Nextcloud name of the user
-	 *
-	 * @param string $name the Nextcloud name in question
-	 * @return string|false with the LDAP DN on success, otherwise false
-	 */
-	public function username2dn($name) {
-		$fdn = $this->userMapper->getDNByName($name);
-
-		//Check whether the DN belongs to the Base, to avoid issues on multi-
-		//server setups
-		if (is_string($fdn) && $this->isDNPartOfBase($fdn, $this->connection->ldapBaseUsers)) {
-			return $fdn;
-		}
-
-		return false;
-	}
-
-	/**
-	 * returns the internal Nextcloud name for the given LDAP DN of the group, false on DN outside of search DN or failure
-	 *
-	 * @param string $fdn the dn of the group object
-	 * @param string $ldapName optional, the display name of the object
-	 * @return string|false with the name to use in Nextcloud, false on DN outside of search DN
-	 * @throws \Exception
-	 */
-	public function dn2groupname($fdn, $ldapName = null) {
-		//To avoid bypassing the base DN settings under certain circumstances
-		//with the group support, check whether the provided DN matches one of
-		//the given Bases
-		if (!$this->isDNPartOfBase($fdn, $this->connection->ldapBaseGroups)) {
-			return false;
-		}
-
-		return $this->dn2ocname($fdn, $ldapName, false);
-	}
-
-	/**
-	 * returns the internal Nextcloud name for the given LDAP DN of the user, false on DN outside of search DN or failure
-	 *
-	 * @param string $dn the dn of the user object
-	 * @param string $ldapName optional, the display name of the object
-	 * @return string|false with with the name to use in Nextcloud
-	 * @throws \Exception
-	 */
-	public function dn2username($fdn, $ldapName = null) {
-		//To avoid bypassing the base DN settings under certain circumstances
-		//with the group support, check whether the provided DN matches one of
-		//the given Bases
-		if (!$this->isDNPartOfBase($fdn, $this->connection->ldapBaseUsers)) {
-			return false;
-		}
-
-		return $this->dn2ocname($fdn, $ldapName, true);
-	}
-
-	/**
-	 * returns an internal Nextcloud name for the given LDAP DN, false on DN outside of search DN
-	 *
-	 * @param string $fdn the dn of the user object
-	 * @param string|null $ldapName optional, the display name of the object
-	 * @param bool $isUser optional, whether it is a user object (otherwise group assumed)
-	 * @param bool|null $newlyMapped
-	 * @param array|null $record
-	 * @return false|string with with the name to use in Nextcloud
-	 * @throws \Exception
-	 */
-	public function dn2ocname($fdn, $ldapName = null, $isUser = true, &$newlyMapped = null, array $record = null) {
-		$newlyMapped = false;
-		if ($isUser) {
-			$mapper = $this->getUserMapper();
-			$nameAttribute = $this->connection->ldapUserDisplayName;
-			$filter = $this->connection->ldapUserFilter;
-		} else {
-			$mapper = $this->getGroupMapper();
-			$nameAttribute = $this->connection->ldapGroupDisplayName;
-			$filter = $this->connection->ldapGroupFilter;
-		}
-
-		//let's try to retrieve the Nextcloud name from the mappings table
-		$ncName = $mapper->getNameByDN($fdn);
-		if (is_string($ncName)) {
-			return $ncName;
-		}
-
-		//second try: get the UUID and check if it is known. Then, update the DN and return the name.
-		$uuid = $this->getUUID($fdn, $isUser, $record);
-		if (is_string($uuid)) {
-			$ncName = $mapper->getNameByUUID($uuid);
-			if (is_string($ncName)) {
-				$mapper->setDNbyUUID($fdn, $uuid);
-				return $ncName;
-			}
-		} else {
-			//If the UUID can't be detected something is foul.
-			\OCP\Util::writeLog('user_ldap', 'Cannot determine UUID for ' . $fdn . '. Skipping.', ILogger::INFO);
-			return false;
-		}
-
-		if (is_null($ldapName)) {
-			$ldapName = $this->readAttribute($fdn, $nameAttribute, $filter);
-			if (!isset($ldapName[0]) && empty($ldapName[0])) {
-				\OCP\Util::writeLog('user_ldap', 'No or empty name for ' . $fdn . ' with filter ' . $filter . '.', ILogger::INFO);
-				return false;
-			}
-			$ldapName = $ldapName[0];
-		}
-
-		if ($isUser) {
-			$usernameAttribute = (string)$this->connection->ldapExpertUsernameAttr;
-			if ($usernameAttribute !== '') {
-				$username = $this->readAttribute($fdn, $usernameAttribute);
-				$username = $username[0];
-			} else {
-				$username = $uuid;
-			}
-			try {
-				$intName = $this->sanitizeUsername($username);
-			} catch (\InvalidArgumentException $e) {
-				\OC::$server->getLogger()->logException($e, [
-					'app' => 'user_ldap',
-					'level' => ILogger::WARN,
-				]);
-				// we don't attempt to set a username here. We can go for
-				// for an alternative 4 digit random number as we would append
-				// otherwise, however it's likely not enough space in bigger
-				// setups, and most importantly: this is not intended.
-				return false;
-			}
-		} else {
-			$intName = $ldapName;
-		}
-
-		//a new user/group! Add it only if it doesn't conflict with other backend's users or existing groups
-		//disabling Cache is required to avoid that the new user is cached as not-existing in fooExists check
-		//NOTE: mind, disabling cache affects only this instance! Using it
-		// outside of core user management will still cache the user as non-existing.
-		$originalTTL = $this->connection->ldapCacheTTL;
-		$this->connection->setConfiguration(['ldapCacheTTL' => 0]);
-		if ($intName !== ''
-			&& (($isUser && !$this->ncUserManager->userExists($intName))
-				|| (!$isUser && !\OC::$server->getGroupManager()->groupExists($intName))
-			)
-		) {
-			$this->connection->setConfiguration(['ldapCacheTTL' => $originalTTL]);
-			$newlyMapped = $this->mapAndAnnounceIfApplicable($mapper, $fdn, $intName, $uuid, $isUser);
-			if ($newlyMapped) {
-				return $intName;
-			}
-		}
-
-		$this->connection->setConfiguration(['ldapCacheTTL' => $originalTTL]);
-		$altName = $this->createAltInternalOwnCloudName($intName, $isUser);
-		if (is_string($altName)) {
-			if ($this->mapAndAnnounceIfApplicable($mapper, $fdn, $altName, $uuid, $isUser)) {
-				$newlyMapped = true;
-				return $altName;
-			}
-		}
-
-		//if everything else did not help..
-		\OCP\Util::writeLog('user_ldap', 'Could not create unique name for ' . $fdn . '.', ILogger::INFO);
-		return false;
-	}
-
-	public function mapAndAnnounceIfApplicable(
-		AbstractMapping $mapper,
-		string $fdn,
-		string $name,
-		string $uuid,
-		bool $isUser
-	): bool {
-		if ($mapper->map($fdn, $name, $uuid)) {
-			if ($this->ncUserManager instanceof PublicEmitter && $isUser) {
-				$this->cacheUserExists($name);
-				$this->ncUserManager->emit('\OC\User', 'assignedUserId', [$name]);
-			} elseif (!$isUser) {
-				$this->cacheGroupExists($name);
-			}
-			return true;
-		}
-		return false;
-	}
-
-	/**
-	 * gives back the user names as they are used ownClod internally
-	 *
-	 * @param array $ldapUsers as returned by fetchList()
-	 * @return array an array with the user names to use in Nextcloud
-	 *
-	 * gives back the user names as they are used ownClod internally
-	 * @throws \Exception
-	 */
-	public function nextcloudUserNames($ldapUsers) {
-		return $this->ldap2NextcloudNames($ldapUsers, true);
-	}
-
-	/**
-	 * gives back the group names as they are used ownClod internally
-	 *
-	 * @param array $ldapGroups as returned by fetchList()
-	 * @return array an array with the group names to use in Nextcloud
-	 *
-	 * gives back the group names as they are used ownClod internally
-	 * @throws \Exception
-	 */
-	public function nextcloudGroupNames($ldapGroups) {
-		return $this->ldap2NextcloudNames($ldapGroups, false);
-	}
-
-	/**
-	 * @param array $ldapObjects as returned by fetchList()
-	 * @param bool $isUsers
-	 * @return array
-	 * @throws \Exception
-	 */
-	private function ldap2NextcloudNames($ldapObjects, $isUsers) {
-		if ($isUsers) {
-			$nameAttribute = $this->connection->ldapUserDisplayName;
-			$sndAttribute = $this->connection->ldapUserDisplayName2;
-		} else {
-			$nameAttribute = $this->connection->ldapGroupDisplayName;
-		}
-		$nextcloudNames = [];
-
-		foreach ($ldapObjects as $ldapObject) {
-			$nameByLDAP = null;
-			if (isset($ldapObject[$nameAttribute])
-				&& is_array($ldapObject[$nameAttribute])
-				&& isset($ldapObject[$nameAttribute][0])
-			) {
-				// might be set, but not necessarily. if so, we use it.
-				$nameByLDAP = $ldapObject[$nameAttribute][0];
-			}
-
-			$ncName = $this->dn2ocname($ldapObject['dn'][0], $nameByLDAP, $isUsers);
-			if ($ncName) {
-				$nextcloudNames[] = $ncName;
-				if ($isUsers) {
-					$this->updateUserState($ncName);
-					//cache the user names so it does not need to be retrieved
-					//again later (e.g. sharing dialogue).
-					if (is_null($nameByLDAP)) {
-						continue;
-					}
-					$sndName = isset($ldapObject[$sndAttribute][0])
-						? $ldapObject[$sndAttribute][0] : '';
-					$this->cacheUserDisplayName($ncName, $nameByLDAP, $sndName);
-				} elseif ($nameByLDAP !== null) {
-					$this->cacheGroupDisplayName($ncName, $nameByLDAP);
-				}
-			}
-		}
-		return $nextcloudNames;
-	}
-
-	/**
-	 * removes the deleted-flag of a user if it was set
-	 *
-	 * @param string $ncname
-	 * @throws \Exception
-	 */
-	public function updateUserState($ncname) {
-		$user = $this->userManager->get($ncname);
-		if ($user instanceof OfflineUser) {
-			$user->unmark();
-		}
-	}
-
-	/**
-	 * caches the user display name
-	 *
-	 * @param string $ocName the internal Nextcloud username
-	 * @param string|false $home the home directory path
-	 */
-	public function cacheUserHome($ocName, $home) {
-		$cacheKey = 'getHome' . $ocName;
-		$this->connection->writeToCache($cacheKey, $home);
-	}
-
-	/**
-	 * caches a user as existing
-	 *
-	 * @param string $ocName the internal Nextcloud username
-	 */
-	public function cacheUserExists($ocName) {
-		$this->connection->writeToCache('userExists' . $ocName, true);
-	}
-
-	/**
-	 * caches a group as existing
-	 */
-	public function cacheGroupExists(string $gid): void {
-		$this->connection->writeToCache('groupExists' . $gid, true);
-	}
-
-	/**
-	 * caches the user display name
-	 *
-	 * @param string $ocName the internal Nextcloud username
-	 * @param string $displayName the display name
-	 * @param string $displayName2 the second display name
-	 * @throws \Exception
-	 */
-	public function cacheUserDisplayName($ocName, $displayName, $displayName2 = '') {
-		$user = $this->userManager->get($ocName);
-		if ($user === null) {
-			return;
-		}
-		$displayName = $user->composeAndStoreDisplayName($displayName, $displayName2);
-		$cacheKeyTrunk = 'getDisplayName';
-		$this->connection->writeToCache($cacheKeyTrunk . $ocName, $displayName);
-	}
-
-	public function cacheGroupDisplayName(string $ncName, string $displayName): void {
-		$cacheKey = 'group_getDisplayName' . $ncName;
-		$this->connection->writeToCache($cacheKey, $displayName);
-	}
-
-	/**
-	 * creates a unique name for internal Nextcloud use for users. Don't call it directly.
-	 *
-	 * @param string $name the display name of the object
-	 * @return string|false with with the name to use in Nextcloud or false if unsuccessful
-	 *
-	 * Instead of using this method directly, call
-	 * createAltInternalOwnCloudName($name, true)
-	 */
-	private function _createAltInternalOwnCloudNameForUsers($name) {
-		$attempts = 0;
-		//while loop is just a precaution. If a name is not generated within
-		//20 attempts, something else is very wrong. Avoids infinite loop.
-		while ($attempts < 20) {
-			$altName = $name . '_' . rand(1000, 9999);
-			if (!$this->ncUserManager->userExists($altName)) {
-				return $altName;
-			}
-			$attempts++;
-		}
-		return false;
-	}
-
-	/**
-	 * creates a unique name for internal Nextcloud use for groups. Don't call it directly.
-	 *
-	 * @param string $name the display name of the object
-	 * @return string|false with with the name to use in Nextcloud or false if unsuccessful.
-	 *
-	 * Instead of using this method directly, call
-	 * createAltInternalOwnCloudName($name, false)
-	 *
-	 * Group names are also used as display names, so we do a sequential
-	 * numbering, e.g. Developers_42 when there are 41 other groups called
-	 * "Developers"
-	 */
-	private function _createAltInternalOwnCloudNameForGroups($name) {
-		$usedNames = $this->groupMapper->getNamesBySearch($name, "", '_%');
-		if (!$usedNames || count($usedNames) === 0) {
-			$lastNo = 1; //will become name_2
-		} else {
-			natsort($usedNames);
-			$lastName = array_pop($usedNames);
-			$lastNo = (int)substr($lastName, strrpos($lastName, '_') + 1);
-		}
-		$altName = $name . '_' . (string)($lastNo + 1);
-		unset($usedNames);
-
-		$attempts = 1;
-		while ($attempts < 21) {
-			// Check to be really sure it is unique
-			// while loop is just a precaution. If a name is not generated within
-			// 20 attempts, something else is very wrong. Avoids infinite loop.
-			if (!\OC::$server->getGroupManager()->groupExists($altName)) {
-				return $altName;
-			}
-			$altName = $name . '_' . ($lastNo + $attempts);
-			$attempts++;
-		}
-		return false;
-	}
-
-	/**
-	 * creates a unique name for internal Nextcloud use.
-	 *
-	 * @param string $name the display name of the object
-	 * @param boolean $isUser whether name should be created for a user (true) or a group (false)
-	 * @return string|false with with the name to use in Nextcloud or false if unsuccessful
-	 */
-	private function createAltInternalOwnCloudName($name, $isUser) {
-		$originalTTL = $this->connection->ldapCacheTTL;
-		$this->connection->setConfiguration(['ldapCacheTTL' => 0]);
-		if ($isUser) {
-			$altName = $this->_createAltInternalOwnCloudNameForUsers($name);
-		} else {
-			$altName = $this->_createAltInternalOwnCloudNameForGroups($name);
-		}
-		$this->connection->setConfiguration(['ldapCacheTTL' => $originalTTL]);
-
-		return $altName;
-	}
-
-	/**
-	 * fetches a list of users according to a provided loginName and utilizing
-	 * the login filter.
-	 */
-	public function fetchUsersByLoginName(string $loginName, array $attributes = ['dn']): array {
-		$loginName = $this->escapeFilterPart($loginName);
-		$filter = str_replace('%uid', $loginName, $this->connection->ldapLoginFilter);
-		return $this->fetchListOfUsers($filter, $attributes);
-	}
-
-	/**
-	 * counts the number of users according to a provided loginName and
-	 * utilizing the login filter.
-	 *
-	 * @param string $loginName
-	 * @return int
-	 */
-	public function countUsersByLoginName($loginName) {
-		$loginName = $this->escapeFilterPart($loginName);
-		$filter = str_replace('%uid', $loginName, $this->connection->ldapLoginFilter);
-		return $this->countUsers($filter);
-	}
-
-	/**
-	 * @throws \Exception
-	 */
-	public function fetchListOfUsers(string $filter, array $attr, int $limit = null, int $offset = null, bool $forceApplyAttributes = false): array {
-		$ldapRecords = $this->searchUsers($filter, $attr, $limit, $offset);
-		$recordsToUpdate = $ldapRecords;
-		if (!$forceApplyAttributes) {
-			$isBackgroundJobModeAjax = $this->config
-					->getAppValue('core', 'backgroundjobs_mode', 'ajax') === 'ajax';
-			$listOfDNs = array_reduce($ldapRecords, function ($listOfDNs, $entry) {
-				$listOfDNs[] = $entry['dn'][0];
-				return $listOfDNs;
-			}, []);
-			$idsByDn = $this->userMapper->getListOfIdsByDn($listOfDNs);
-			$recordsToUpdate = array_filter($ldapRecords, function ($record) use ($isBackgroundJobModeAjax, $idsByDn) {
-				$newlyMapped = false;
-				$uid = $idsByDn[$record['dn'][0]] ?? null;
-				if ($uid === null) {
-					$uid = $this->dn2ocname($record['dn'][0], null, true, $newlyMapped, $record);
-				}
-				if (is_string($uid)) {
-					$this->cacheUserExists($uid);
-				}
-				return ($uid !== false) && ($newlyMapped || $isBackgroundJobModeAjax);
-			});
-		}
-		$this->batchApplyUserAttributes($recordsToUpdate);
-		return $this->fetchList($ldapRecords, $this->manyAttributes($attr));
-	}
-
-	/**
-	 * provided with an array of LDAP user records the method will fetch the
-	 * user object and requests it to process the freshly fetched attributes and
-	 * and their values
-	 *
-	 * @param array $ldapRecords
-	 * @throws \Exception
-	 */
-	public function batchApplyUserAttributes(array $ldapRecords) {
-		$displayNameAttribute = strtolower($this->connection->ldapUserDisplayName);
-		foreach ($ldapRecords as $userRecord) {
-			if (!isset($userRecord[$displayNameAttribute])) {
-				// displayName is obligatory
-				continue;
-			}
-			$ocName = $this->dn2ocname($userRecord['dn'][0], null, true);
-			if ($ocName === false) {
-				continue;
-			}
-			$this->updateUserState($ocName);
-			$user = $this->userManager->get($ocName);
-			if ($user !== null) {
-				$user->processAttributes($userRecord);
-			} else {
-				\OC::$server->getLogger()->debug(
-					"The ldap user manager returned null for $ocName",
-					['app' => 'user_ldap']
-				);
-			}
-		}
-	}
-
-	/**
-	 * @param string $filter
-	 * @param string|string[] $attr
-	 * @param int $limit
-	 * @param int $offset
-	 * @return array
-	 */
-	public function fetchListOfGroups($filter, $attr, $limit = null, $offset = null) {
-		$groupRecords = $this->searchGroups($filter, $attr, $limit, $offset);
-
-		$listOfDNs = array_reduce($groupRecords, function ($listOfDNs, $entry) {
-			$listOfDNs[] = $entry['dn'][0];
-			return $listOfDNs;
-		}, []);
-		$idsByDn = $this->groupMapper->getListOfIdsByDn($listOfDNs);
-
-		array_walk($groupRecords, function ($record) use ($idsByDn) {
-			$newlyMapped = false;
-			$gid = $uidsByDn[$record['dn'][0]] ?? null;
-			if ($gid === null) {
-				$gid = $this->dn2ocname($record['dn'][0], null, false, $newlyMapped, $record);
-			}
-			if (!$newlyMapped && is_string($gid)) {
-				$this->cacheGroupExists($gid);
-			}
-		});
-		return $this->fetchList($groupRecords, $this->manyAttributes($attr));
-	}
-
-	/**
-	 * @param array $list
-	 * @param bool $manyAttributes
-	 * @return array
-	 */
-	private function fetchList($list, $manyAttributes) {
-		if (is_array($list)) {
-			if ($manyAttributes) {
-				return $list;
-			} else {
-				$list = array_reduce($list, function ($carry, $item) {
-					$attribute = array_keys($item)[0];
-					$carry[] = $item[$attribute][0];
-					return $carry;
-				}, []);
-				return array_unique($list, SORT_LOCALE_STRING);
-			}
-		}
-
-		//error cause actually, maybe throw an exception in future.
-		return [];
-	}
-
-	/**
-	 * @throws ServerNotAvailableException
-	 */
-	public function searchUsers(string $filter, array $attr = null, int $limit = null, int $offset = null): array {
-		$result = [];
-		foreach ($this->connection->ldapBaseUsers as $base) {
-			$result = array_merge($result, $this->search($filter, $base, $attr, $limit, $offset));
-		}
-		return $result;
-	}
-
-	/**
-	 * @param string $filter
-	 * @param string|string[] $attr
-	 * @param int $limit
-	 * @param int $offset
-	 * @return false|int
-	 * @throws ServerNotAvailableException
-	 */
-	public function countUsers($filter, $attr = ['dn'], $limit = null, $offset = null) {
-		$result = false;
-		foreach ($this->connection->ldapBaseUsers as $base) {
-			$count = $this->count($filter, [$base], $attr, $limit, $offset);
-			$result = is_int($count) ? (int)$result + $count : $result;
-		}
-		return $result;
-	}
-
-	/**
-	 * executes an LDAP search, optimized for Groups
-	 *
-	 * @param string $filter the LDAP filter for the search
-	 * @param string|string[] $attr optional, when a certain attribute shall be filtered out
-	 * @param integer $limit
-	 * @param integer $offset
-	 * @return array with the search result
-	 *
-	 * Executes an LDAP search
-	 * @throws ServerNotAvailableException
-	 */
-	public function searchGroups($filter, $attr = null, $limit = null, $offset = null) {
-		$result = [];
-		foreach ($this->connection->ldapBaseGroups as $base) {
-			$result = array_merge($result, $this->search($filter, $base, $attr, $limit, $offset));
-		}
-		return $result;
-	}
-
-	/**
-	 * returns the number of available groups
-	 *
-	 * @param string $filter the LDAP search filter
-	 * @param string[] $attr optional
-	 * @param int|null $limit
-	 * @param int|null $offset
-	 * @return int|bool
-	 * @throws ServerNotAvailableException
-	 */
-	public function countGroups($filter, $attr = ['dn'], $limit = null, $offset = null) {
-		$result = false;
-		foreach ($this->connection->ldapBaseGroups as $base) {
-			$count = $this->count($filter, [$base], $attr, $limit, $offset);
-			$result = is_int($count) ? (int)$result + $count : $result;
-		}
-		return $result;
-	}
-
-	/**
-	 * returns the number of available objects on the base DN
-	 *
-	 * @param int|null $limit
-	 * @param int|null $offset
-	 * @return int|bool
-	 * @throws ServerNotAvailableException
-	 */
-	public function countObjects($limit = null, $offset = null) {
-		$result = false;
-		foreach ($this->connection->ldapBase as $base) {
-			$count = $this->count('objectclass=*', [$base], ['dn'], $limit, $offset);
-			$result = is_int($count) ? (int)$result + $count : $result;
-		}
-		return $result;
-	}
-
-	/**
-	 * Returns the LDAP handler
-	 *
-	 * @throws \OC\ServerNotAvailableException
-	 */
-
-	/**
-	 * @return mixed
-	 * @throws \OC\ServerNotAvailableException
-	 */
-	private function invokeLDAPMethod() {
-		$arguments = func_get_args();
-		$command = array_shift($arguments);
-		$cr = array_shift($arguments);
-		if (!method_exists($this->ldap, $command)) {
-			return null;
-		}
-		array_unshift($arguments, $cr);
-		// php no longer supports call-time pass-by-reference
-		// thus cannot support controlPagedResultResponse as the third argument
-		// is a reference
-		$doMethod = function () use ($command, &$arguments) {
-			if ($command == 'controlPagedResultResponse') {
-				throw new \InvalidArgumentException('Invoker does not support controlPagedResultResponse, call LDAP Wrapper directly instead.');
-			} else {
-				return call_user_func_array([$this->ldap, $command], $arguments);
-			}
-		};
-		try {
-			$ret = $doMethod();
-		} catch (ServerNotAvailableException $e) {
-			/* Server connection lost, attempt to reestablish it
+    public const UUID_ATTRIBUTES = ['entryuuid', 'nsuniqueid', 'objectguid', 'guid', 'ipauniqueid'];
+
+    /** @var \OCA\User_LDAP\Connection */
+    public $connection;
+    /** @var Manager */
+    public $userManager;
+    //never ever check this var directly, always use getPagedSearchResultState
+    protected $pagedSearchedSuccessful;
+
+    /**
+     * @var UserMapping $userMapper
+     */
+    protected $userMapper;
+
+    /**
+     * @var AbstractMapping $userMapper
+     */
+    protected $groupMapper;
+
+    /**
+     * @var \OCA\User_LDAP\Helper
+     */
+    private $helper;
+    /** @var IConfig */
+    private $config;
+    /** @var IUserManager */
+    private $ncUserManager;
+    /** @var string */
+    private $lastCookie = '';
+
+    public function __construct(
+        Connection $connection,
+        ILDAPWrapper $ldap,
+        Manager $userManager,
+        Helper $helper,
+        IConfig $config,
+        IUserManager $ncUserManager
+    ) {
+        parent::__construct($ldap);
+        $this->connection = $connection;
+        $this->userManager = $userManager;
+        $this->userManager->setLdapAccess($this);
+        $this->helper = $helper;
+        $this->config = $config;
+        $this->ncUserManager = $ncUserManager;
+    }
+
+    /**
+     * sets the User Mapper
+     *
+     * @param AbstractMapping $mapper
+     */
+    public function setUserMapper(AbstractMapping $mapper) {
+        $this->userMapper = $mapper;
+    }
+
+    /**
+     * @throws \Exception
+     */
+    public function getUserMapper(): UserMapping {
+        if (is_null($this->userMapper)) {
+            throw new \Exception('UserMapper was not assigned to this Access instance.');
+        }
+        return $this->userMapper;
+    }
+
+    /**
+     * sets the Group Mapper
+     *
+     * @param AbstractMapping $mapper
+     */
+    public function setGroupMapper(AbstractMapping $mapper) {
+        $this->groupMapper = $mapper;
+    }
+
+    /**
+     * returns the Group Mapper
+     *
+     * @return AbstractMapping
+     * @throws \Exception
+     */
+    public function getGroupMapper() {
+        if (is_null($this->groupMapper)) {
+            throw new \Exception('GroupMapper was not assigned to this Access instance.');
+        }
+        return $this->groupMapper;
+    }
+
+    /**
+     * @return bool
+     */
+    private function checkConnection() {
+        return ($this->connection instanceof Connection);
+    }
+
+    /**
+     * returns the Connection instance
+     *
+     * @return \OCA\User_LDAP\Connection
+     */
+    public function getConnection() {
+        return $this->connection;
+    }
+
+    /**
+     * reads a given attribute for an LDAP record identified by a DN
+     *
+     * @param string $dn the record in question
+     * @param string $attr the attribute that shall be retrieved
+     *        if empty, just check the record's existence
+     * @param string $filter
+     * @return array|false an array of values on success or an empty
+     *          array if $attr is empty, false otherwise
+     * @throws ServerNotAvailableException
+     */
+    public function readAttribute($dn, $attr, $filter = 'objectClass=*') {
+        if (!$this->checkConnection()) {
+            \OCP\Util::writeLog('user_ldap',
+                'No LDAP Connector assigned, access impossible for readAttribute.',
+                ILogger::WARN);
+            return false;
+        }
+        $cr = $this->connection->getConnectionResource();
+        if (!$this->ldap->isResource($cr)) {
+            //LDAP not available
+            \OCP\Util::writeLog('user_ldap', 'LDAP resource not available.', ILogger::DEBUG);
+            return false;
+        }
+        //Cancel possibly running Paged Results operation, otherwise we run in
+        //LDAP protocol errors
+        $this->abandonPagedSearch();
+        // openLDAP requires that we init a new Paged Search. Not needed by AD,
+        // but does not hurt either.
+        $pagingSize = (int)$this->connection->ldapPagingSize;
+        // 0 won't result in replies, small numbers may leave out groups
+        // (cf. #12306), 500 is default for paging and should work everywhere.
+        $maxResults = $pagingSize > 20 ? $pagingSize : 500;
+        $attr = mb_strtolower($attr, 'UTF-8');
+        // the actual read attribute later may contain parameters on a ranged
+        // request, e.g. member;range=99-199. Depends on server reply.
+        $attrToRead = $attr;
+
+        $values = [];
+        $isRangeRequest = false;
+        do {
+            $result = $this->executeRead($cr, $dn, $attrToRead, $filter, $maxResults);
+            if (is_bool($result)) {
+                // when an exists request was run and it was successful, an empty
+                // array must be returned
+                return $result ? [] : false;
+            }
+
+            if (!$isRangeRequest) {
+                $values = $this->extractAttributeValuesFromResult($result, $attr);
+                if (!empty($values)) {
+                    return $values;
+                }
+            }
+
+            $isRangeRequest = false;
+            $result = $this->extractRangeData($result, $attr);
+            if (!empty($result)) {
+                $normalizedResult = $this->extractAttributeValuesFromResult(
+                    [$attr => $result['values']],
+                    $attr
+                );
+                $values = array_merge($values, $normalizedResult);
+
+                if ($result['rangeHigh'] === '*') {
+                    // when server replies with * as high range value, there are
+                    // no more results left
+                    return $values;
+                } else {
+                    $low = $result['rangeHigh'] + 1;
+                    $attrToRead = $result['attributeName'] . ';range=' . $low . '-*';
+                    $isRangeRequest = true;
+                }
+            }
+        } while ($isRangeRequest);
+
+        \OCP\Util::writeLog('user_ldap', 'Requested attribute ' . $attr . ' not found for ' . $dn, ILogger::DEBUG);
+        return false;
+    }
+
+    /**
+     * Runs an read operation against LDAP
+     *
+     * @param resource $cr the LDAP connection
+     * @param string $dn
+     * @param string $attribute
+     * @param string $filter
+     * @param int $maxResults
+     * @return array|bool false if there was any error, true if an exists check
+     *                    was performed and the requested DN found, array with the
+     *                    returned data on a successful usual operation
+     * @throws ServerNotAvailableException
+     */
+    public function executeRead($cr, $dn, $attribute, $filter, $maxResults) {
+        $this->initPagedSearch($filter, $dn, [$attribute], $maxResults, 0);
+        $dn = $this->helper->DNasBaseParameter($dn);
+        $rr = @$this->invokeLDAPMethod('read', $cr, $dn, $filter, [$attribute]);
+        if (!$this->ldap->isResource($rr)) {
+            if ($attribute !== '') {
+                //do not throw this message on userExists check, irritates
+                \OCP\Util::writeLog('user_ldap', 'readAttribute failed for DN ' . $dn, ILogger::DEBUG);
+            }
+            //in case an error occurs , e.g. object does not exist
+            return false;
+        }
+        if ($attribute === '' && ($filter === 'objectclass=*' || $this->invokeLDAPMethod('countEntries', $cr, $rr) === 1)) {
+            \OCP\Util::writeLog('user_ldap', 'readAttribute: ' . $dn . ' found', ILogger::DEBUG);
+            return true;
+        }
+        $er = $this->invokeLDAPMethod('firstEntry', $cr, $rr);
+        if (!$this->ldap->isResource($er)) {
+            //did not match the filter, return false
+            return false;
+        }
+        //LDAP attributes are not case sensitive
+        $result = \OCP\Util::mb_array_change_key_case(
+            $this->invokeLDAPMethod('getAttributes', $cr, $er), MB_CASE_LOWER, 'UTF-8');
+
+        return $result;
+    }
+
+    /**
+     * Normalizes a result grom getAttributes(), i.e. handles DNs and binary
+     * data if present.
+     *
+     * @param array $result from ILDAPWrapper::getAttributes()
+     * @param string $attribute the attribute name that was read
+     * @return string[]
+     */
+    public function extractAttributeValuesFromResult($result, $attribute) {
+        $values = [];
+        if (isset($result[$attribute]) && $result[$attribute]['count'] > 0) {
+            $lowercaseAttribute = strtolower($attribute);
+            for ($i = 0; $i < $result[$attribute]['count']; $i++) {
+                if ($this->resemblesDN($attribute)) {
+                    $values[] = $this->helper->sanitizeDN($result[$attribute][$i]);
+                } elseif ($lowercaseAttribute === 'objectguid' || $lowercaseAttribute === 'guid') {
+                    $values[] = $this->convertObjectGUID2Str($result[$attribute][$i]);
+                } else {
+                    $values[] = $result[$attribute][$i];
+                }
+            }
+        }
+        return $values;
+    }
+
+    /**
+     * Attempts to find ranged data in a getAttribute results and extracts the
+     * returned values as well as information on the range and full attribute
+     * name for further processing.
+     *
+     * @param array $result from ILDAPWrapper::getAttributes()
+     * @param string $attribute the attribute name that was read. Without ";range=…"
+     * @return array If a range was detected with keys 'values', 'attributeName',
+     *               'attributeFull' and 'rangeHigh', otherwise empty.
+     */
+    public function extractRangeData($result, $attribute) {
+        $keys = array_keys($result);
+        foreach ($keys as $key) {
+            if ($key !== $attribute && strpos($key, $attribute) === 0) {
+                $queryData = explode(';', $key);
+                if (strpos($queryData[1], 'range=') === 0) {
+                    $high = substr($queryData[1], 1 + strpos($queryData[1], '-'));
+                    $data = [
+                        'values' => $result[$key],
+                        'attributeName' => $queryData[0],
+                        'attributeFull' => $key,
+                        'rangeHigh' => $high,
+                    ];
+                    return $data;
+                }
+            }
+        }
+        return [];
+    }
+
+    /**
+     * Set password for an LDAP user identified by a DN
+     *
+     * @param string $userDN the user in question
+     * @param string $password the new password
+     * @return bool
+     * @throws HintException
+     * @throws \Exception
+     */
+    public function setPassword($userDN, $password) {
+        if ((int)$this->connection->turnOnPasswordChange !== 1) {
+            throw new \Exception('LDAP password changes are disabled.');
+        }
+        $cr = $this->connection->getConnectionResource();
+        if (!$this->ldap->isResource($cr)) {
+            //LDAP not available
+            \OCP\Util::writeLog('user_ldap', 'LDAP resource not available.', ILogger::DEBUG);
+            return false;
+        }
+        try {
+            // try PASSWD extended operation first
+            return @$this->invokeLDAPMethod('exopPasswd', $cr, $userDN, '', $password) ||
+                @$this->invokeLDAPMethod('modReplace', $cr, $userDN, $password);
+        } catch (ConstraintViolationException $e) {
+            throw new HintException('Password change rejected.', \OC::$server->getL10N('user_ldap')->t('Password change rejected. Hint: ') . $e->getMessage(), $e->getCode());
+        }
+    }
+
+    /**
+     * checks whether the given attributes value is probably a DN
+     *
+     * @param string $attr the attribute in question
+     * @return boolean if so true, otherwise false
+     */
+    private function resemblesDN($attr) {
+        $resemblingAttributes = [
+            'dn',
+            'uniquemember',
+            'member',
+            // memberOf is an "operational" attribute, without a definition in any RFC
+            'memberof'
+        ];
+        return in_array($attr, $resemblingAttributes);
+    }
+
+    /**
+     * checks whether the given string is probably a DN
+     *
+     * @param string $string
+     * @return boolean
+     */
+    public function stringResemblesDN($string) {
+        $r = $this->ldap->explodeDN($string, 0);
+        // if exploding a DN succeeds and does not end up in
+        // an empty array except for $r[count] being 0.
+        return (is_array($r) && count($r) > 1);
+    }
+
+    /**
+     * returns a DN-string that is cleaned from not domain parts, e.g.
+     * cn=foo,cn=bar,dc=foobar,dc=server,dc=org
+     * becomes dc=foobar,dc=server,dc=org
+     *
+     * @param string $dn
+     * @return string
+     */
+    public function getDomainDNFromDN($dn) {
+        $allParts = $this->ldap->explodeDN($dn, 0);
+        if ($allParts === false) {
+            //not a valid DN
+            return '';
+        }
+        $domainParts = [];
+        $dcFound = false;
+        foreach ($allParts as $part) {
+            if (!$dcFound && strpos($part, 'dc=') === 0) {
+                $dcFound = true;
+            }
+            if ($dcFound) {
+                $domainParts[] = $part;
+            }
+        }
+        return implode(',', $domainParts);
+    }
+
+    /**
+     * returns the LDAP DN for the given internal Nextcloud name of the group
+     *
+     * @param string $name the Nextcloud name in question
+     * @return string|false LDAP DN on success, otherwise false
+     */
+    public function groupname2dn($name) {
+        return $this->groupMapper->getDNByName($name);
+    }
+
+    /**
+     * returns the LDAP DN for the given internal Nextcloud name of the user
+     *
+     * @param string $name the Nextcloud name in question
+     * @return string|false with the LDAP DN on success, otherwise false
+     */
+    public function username2dn($name) {
+        $fdn = $this->userMapper->getDNByName($name);
+
+        //Check whether the DN belongs to the Base, to avoid issues on multi-
+        //server setups
+        if (is_string($fdn) && $this->isDNPartOfBase($fdn, $this->connection->ldapBaseUsers)) {
+            return $fdn;
+        }
+
+        return false;
+    }
+
+    /**
+     * returns the internal Nextcloud name for the given LDAP DN of the group, false on DN outside of search DN or failure
+     *
+     * @param string $fdn the dn of the group object
+     * @param string $ldapName optional, the display name of the object
+     * @return string|false with the name to use in Nextcloud, false on DN outside of search DN
+     * @throws \Exception
+     */
+    public function dn2groupname($fdn, $ldapName = null) {
+        //To avoid bypassing the base DN settings under certain circumstances
+        //with the group support, check whether the provided DN matches one of
+        //the given Bases
+        if (!$this->isDNPartOfBase($fdn, $this->connection->ldapBaseGroups)) {
+            return false;
+        }
+
+        return $this->dn2ocname($fdn, $ldapName, false);
+    }
+
+    /**
+     * returns the internal Nextcloud name for the given LDAP DN of the user, false on DN outside of search DN or failure
+     *
+     * @param string $dn the dn of the user object
+     * @param string $ldapName optional, the display name of the object
+     * @return string|false with with the name to use in Nextcloud
+     * @throws \Exception
+     */
+    public function dn2username($fdn, $ldapName = null) {
+        //To avoid bypassing the base DN settings under certain circumstances
+        //with the group support, check whether the provided DN matches one of
+        //the given Bases
+        if (!$this->isDNPartOfBase($fdn, $this->connection->ldapBaseUsers)) {
+            return false;
+        }
+
+        return $this->dn2ocname($fdn, $ldapName, true);
+    }
+
+    /**
+     * returns an internal Nextcloud name for the given LDAP DN, false on DN outside of search DN
+     *
+     * @param string $fdn the dn of the user object
+     * @param string|null $ldapName optional, the display name of the object
+     * @param bool $isUser optional, whether it is a user object (otherwise group assumed)
+     * @param bool|null $newlyMapped
+     * @param array|null $record
+     * @return false|string with with the name to use in Nextcloud
+     * @throws \Exception
+     */
+    public function dn2ocname($fdn, $ldapName = null, $isUser = true, &$newlyMapped = null, array $record = null) {
+        $newlyMapped = false;
+        if ($isUser) {
+            $mapper = $this->getUserMapper();
+            $nameAttribute = $this->connection->ldapUserDisplayName;
+            $filter = $this->connection->ldapUserFilter;
+        } else {
+            $mapper = $this->getGroupMapper();
+            $nameAttribute = $this->connection->ldapGroupDisplayName;
+            $filter = $this->connection->ldapGroupFilter;
+        }
+
+        //let's try to retrieve the Nextcloud name from the mappings table
+        $ncName = $mapper->getNameByDN($fdn);
+        if (is_string($ncName)) {
+            return $ncName;
+        }
+
+        //second try: get the UUID and check if it is known. Then, update the DN and return the name.
+        $uuid = $this->getUUID($fdn, $isUser, $record);
+        if (is_string($uuid)) {
+            $ncName = $mapper->getNameByUUID($uuid);
+            if (is_string($ncName)) {
+                $mapper->setDNbyUUID($fdn, $uuid);
+                return $ncName;
+            }
+        } else {
+            //If the UUID can't be detected something is foul.
+            \OCP\Util::writeLog('user_ldap', 'Cannot determine UUID for ' . $fdn . '. Skipping.', ILogger::INFO);
+            return false;
+        }
+
+        if (is_null($ldapName)) {
+            $ldapName = $this->readAttribute($fdn, $nameAttribute, $filter);
+            if (!isset($ldapName[0]) && empty($ldapName[0])) {
+                \OCP\Util::writeLog('user_ldap', 'No or empty name for ' . $fdn . ' with filter ' . $filter . '.', ILogger::INFO);
+                return false;
+            }
+            $ldapName = $ldapName[0];
+        }
+
+        if ($isUser) {
+            $usernameAttribute = (string)$this->connection->ldapExpertUsernameAttr;
+            if ($usernameAttribute !== '') {
+                $username = $this->readAttribute($fdn, $usernameAttribute);
+                $username = $username[0];
+            } else {
+                $username = $uuid;
+            }
+            try {
+                $intName = $this->sanitizeUsername($username);
+            } catch (\InvalidArgumentException $e) {
+                \OC::$server->getLogger()->logException($e, [
+                    'app' => 'user_ldap',
+                    'level' => ILogger::WARN,
+                ]);
+                // we don't attempt to set a username here. We can go for
+                // for an alternative 4 digit random number as we would append
+                // otherwise, however it's likely not enough space in bigger
+                // setups, and most importantly: this is not intended.
+                return false;
+            }
+        } else {
+            $intName = $ldapName;
+        }
+
+        //a new user/group! Add it only if it doesn't conflict with other backend's users or existing groups
+        //disabling Cache is required to avoid that the new user is cached as not-existing in fooExists check
+        //NOTE: mind, disabling cache affects only this instance! Using it
+        // outside of core user management will still cache the user as non-existing.
+        $originalTTL = $this->connection->ldapCacheTTL;
+        $this->connection->setConfiguration(['ldapCacheTTL' => 0]);
+        if ($intName !== ''
+            && (($isUser && !$this->ncUserManager->userExists($intName))
+                || (!$isUser && !\OC::$server->getGroupManager()->groupExists($intName))
+            )
+        ) {
+            $this->connection->setConfiguration(['ldapCacheTTL' => $originalTTL]);
+            $newlyMapped = $this->mapAndAnnounceIfApplicable($mapper, $fdn, $intName, $uuid, $isUser);
+            if ($newlyMapped) {
+                return $intName;
+            }
+        }
+
+        $this->connection->setConfiguration(['ldapCacheTTL' => $originalTTL]);
+        $altName = $this->createAltInternalOwnCloudName($intName, $isUser);
+        if (is_string($altName)) {
+            if ($this->mapAndAnnounceIfApplicable($mapper, $fdn, $altName, $uuid, $isUser)) {
+                $newlyMapped = true;
+                return $altName;
+            }
+        }
+
+        //if everything else did not help..
+        \OCP\Util::writeLog('user_ldap', 'Could not create unique name for ' . $fdn . '.', ILogger::INFO);
+        return false;
+    }
+
+    public function mapAndAnnounceIfApplicable(
+        AbstractMapping $mapper,
+        string $fdn,
+        string $name,
+        string $uuid,
+        bool $isUser
+    ): bool {
+        if ($mapper->map($fdn, $name, $uuid)) {
+            if ($this->ncUserManager instanceof PublicEmitter && $isUser) {
+                $this->cacheUserExists($name);
+                $this->ncUserManager->emit('\OC\User', 'assignedUserId', [$name]);
+            } elseif (!$isUser) {
+                $this->cacheGroupExists($name);
+            }
+            return true;
+        }
+        return false;
+    }
+
+    /**
+     * gives back the user names as they are used ownClod internally
+     *
+     * @param array $ldapUsers as returned by fetchList()
+     * @return array an array with the user names to use in Nextcloud
+     *
+     * gives back the user names as they are used ownClod internally
+     * @throws \Exception
+     */
+    public function nextcloudUserNames($ldapUsers) {
+        return $this->ldap2NextcloudNames($ldapUsers, true);
+    }
+
+    /**
+     * gives back the group names as they are used ownClod internally
+     *
+     * @param array $ldapGroups as returned by fetchList()
+     * @return array an array with the group names to use in Nextcloud
+     *
+     * gives back the group names as they are used ownClod internally
+     * @throws \Exception
+     */
+    public function nextcloudGroupNames($ldapGroups) {
+        return $this->ldap2NextcloudNames($ldapGroups, false);
+    }
+
+    /**
+     * @param array $ldapObjects as returned by fetchList()
+     * @param bool $isUsers
+     * @return array
+     * @throws \Exception
+     */
+    private function ldap2NextcloudNames($ldapObjects, $isUsers) {
+        if ($isUsers) {
+            $nameAttribute = $this->connection->ldapUserDisplayName;
+            $sndAttribute = $this->connection->ldapUserDisplayName2;
+        } else {
+            $nameAttribute = $this->connection->ldapGroupDisplayName;
+        }
+        $nextcloudNames = [];
+
+        foreach ($ldapObjects as $ldapObject) {
+            $nameByLDAP = null;
+            if (isset($ldapObject[$nameAttribute])
+                && is_array($ldapObject[$nameAttribute])
+                && isset($ldapObject[$nameAttribute][0])
+            ) {
+                // might be set, but not necessarily. if so, we use it.
+                $nameByLDAP = $ldapObject[$nameAttribute][0];
+            }
+
+            $ncName = $this->dn2ocname($ldapObject['dn'][0], $nameByLDAP, $isUsers);
+            if ($ncName) {
+                $nextcloudNames[] = $ncName;
+                if ($isUsers) {
+                    $this->updateUserState($ncName);
+                    //cache the user names so it does not need to be retrieved
+                    //again later (e.g. sharing dialogue).
+                    if (is_null($nameByLDAP)) {
+                        continue;
+                    }
+                    $sndName = isset($ldapObject[$sndAttribute][0])
+                        ? $ldapObject[$sndAttribute][0] : '';
+                    $this->cacheUserDisplayName($ncName, $nameByLDAP, $sndName);
+                } elseif ($nameByLDAP !== null) {
+                    $this->cacheGroupDisplayName($ncName, $nameByLDAP);
+                }
+            }
+        }
+        return $nextcloudNames;
+    }
+
+    /**
+     * removes the deleted-flag of a user if it was set
+     *
+     * @param string $ncname
+     * @throws \Exception
+     */
+    public function updateUserState($ncname) {
+        $user = $this->userManager->get($ncname);
+        if ($user instanceof OfflineUser) {
+            $user->unmark();
+        }
+    }
+
+    /**
+     * caches the user display name
+     *
+     * @param string $ocName the internal Nextcloud username
+     * @param string|false $home the home directory path
+     */
+    public function cacheUserHome($ocName, $home) {
+        $cacheKey = 'getHome' . $ocName;
+        $this->connection->writeToCache($cacheKey, $home);
+    }
+
+    /**
+     * caches a user as existing
+     *
+     * @param string $ocName the internal Nextcloud username
+     */
+    public function cacheUserExists($ocName) {
+        $this->connection->writeToCache('userExists' . $ocName, true);
+    }
+
+    /**
+     * caches a group as existing
+     */
+    public function cacheGroupExists(string $gid): void {
+        $this->connection->writeToCache('groupExists' . $gid, true);
+    }
+
+    /**
+     * caches the user display name
+     *
+     * @param string $ocName the internal Nextcloud username
+     * @param string $displayName the display name
+     * @param string $displayName2 the second display name
+     * @throws \Exception
+     */
+    public function cacheUserDisplayName($ocName, $displayName, $displayName2 = '') {
+        $user = $this->userManager->get($ocName);
+        if ($user === null) {
+            return;
+        }
+        $displayName = $user->composeAndStoreDisplayName($displayName, $displayName2);
+        $cacheKeyTrunk = 'getDisplayName';
+        $this->connection->writeToCache($cacheKeyTrunk . $ocName, $displayName);
+    }
+
+    public function cacheGroupDisplayName(string $ncName, string $displayName): void {
+        $cacheKey = 'group_getDisplayName' . $ncName;
+        $this->connection->writeToCache($cacheKey, $displayName);
+    }
+
+    /**
+     * creates a unique name for internal Nextcloud use for users. Don't call it directly.
+     *
+     * @param string $name the display name of the object
+     * @return string|false with with the name to use in Nextcloud or false if unsuccessful
+     *
+     * Instead of using this method directly, call
+     * createAltInternalOwnCloudName($name, true)
+     */
+    private function _createAltInternalOwnCloudNameForUsers($name) {
+        $attempts = 0;
+        //while loop is just a precaution. If a name is not generated within
+        //20 attempts, something else is very wrong. Avoids infinite loop.
+        while ($attempts < 20) {
+            $altName = $name . '_' . rand(1000, 9999);
+            if (!$this->ncUserManager->userExists($altName)) {
+                return $altName;
+            }
+            $attempts++;
+        }
+        return false;
+    }
+
+    /**
+     * creates a unique name for internal Nextcloud use for groups. Don't call it directly.
+     *
+     * @param string $name the display name of the object
+     * @return string|false with with the name to use in Nextcloud or false if unsuccessful.
+     *
+     * Instead of using this method directly, call
+     * createAltInternalOwnCloudName($name, false)
+     *
+     * Group names are also used as display names, so we do a sequential
+     * numbering, e.g. Developers_42 when there are 41 other groups called
+     * "Developers"
+     */
+    private function _createAltInternalOwnCloudNameForGroups($name) {
+        $usedNames = $this->groupMapper->getNamesBySearch($name, "", '_%');
+        if (!$usedNames || count($usedNames) === 0) {
+            $lastNo = 1; //will become name_2
+        } else {
+            natsort($usedNames);
+            $lastName = array_pop($usedNames);
+            $lastNo = (int)substr($lastName, strrpos($lastName, '_') + 1);
+        }
+        $altName = $name . '_' . (string)($lastNo + 1);
+        unset($usedNames);
+
+        $attempts = 1;
+        while ($attempts < 21) {
+            // Check to be really sure it is unique
+            // while loop is just a precaution. If a name is not generated within
+            // 20 attempts, something else is very wrong. Avoids infinite loop.
+            if (!\OC::$server->getGroupManager()->groupExists($altName)) {
+                return $altName;
+            }
+            $altName = $name . '_' . ($lastNo + $attempts);
+            $attempts++;
+        }
+        return false;
+    }
+
+    /**
+     * creates a unique name for internal Nextcloud use.
+     *
+     * @param string $name the display name of the object
+     * @param boolean $isUser whether name should be created for a user (true) or a group (false)
+     * @return string|false with with the name to use in Nextcloud or false if unsuccessful
+     */
+    private function createAltInternalOwnCloudName($name, $isUser) {
+        $originalTTL = $this->connection->ldapCacheTTL;
+        $this->connection->setConfiguration(['ldapCacheTTL' => 0]);
+        if ($isUser) {
+            $altName = $this->_createAltInternalOwnCloudNameForUsers($name);
+        } else {
+            $altName = $this->_createAltInternalOwnCloudNameForGroups($name);
+        }
+        $this->connection->setConfiguration(['ldapCacheTTL' => $originalTTL]);
+
+        return $altName;
+    }
+
+    /**
+     * fetches a list of users according to a provided loginName and utilizing
+     * the login filter.
+     */
+    public function fetchUsersByLoginName(string $loginName, array $attributes = ['dn']): array {
+        $loginName = $this->escapeFilterPart($loginName);
+        $filter = str_replace('%uid', $loginName, $this->connection->ldapLoginFilter);
+        return $this->fetchListOfUsers($filter, $attributes);
+    }
+
+    /**
+     * counts the number of users according to a provided loginName and
+     * utilizing the login filter.
+     *
+     * @param string $loginName
+     * @return int
+     */
+    public function countUsersByLoginName($loginName) {
+        $loginName = $this->escapeFilterPart($loginName);
+        $filter = str_replace('%uid', $loginName, $this->connection->ldapLoginFilter);
+        return $this->countUsers($filter);
+    }
+
+    /**
+     * @throws \Exception
+     */
+    public function fetchListOfUsers(string $filter, array $attr, int $limit = null, int $offset = null, bool $forceApplyAttributes = false): array {
+        $ldapRecords = $this->searchUsers($filter, $attr, $limit, $offset);
+        $recordsToUpdate = $ldapRecords;
+        if (!$forceApplyAttributes) {
+            $isBackgroundJobModeAjax = $this->config
+                    ->getAppValue('core', 'backgroundjobs_mode', 'ajax') === 'ajax';
+            $listOfDNs = array_reduce($ldapRecords, function ($listOfDNs, $entry) {
+                $listOfDNs[] = $entry['dn'][0];
+                return $listOfDNs;
+            }, []);
+            $idsByDn = $this->userMapper->getListOfIdsByDn($listOfDNs);
+            $recordsToUpdate = array_filter($ldapRecords, function ($record) use ($isBackgroundJobModeAjax, $idsByDn) {
+                $newlyMapped = false;
+                $uid = $idsByDn[$record['dn'][0]] ?? null;
+                if ($uid === null) {
+                    $uid = $this->dn2ocname($record['dn'][0], null, true, $newlyMapped, $record);
+                }
+                if (is_string($uid)) {
+                    $this->cacheUserExists($uid);
+                }
+                return ($uid !== false) && ($newlyMapped || $isBackgroundJobModeAjax);
+            });
+        }
+        $this->batchApplyUserAttributes($recordsToUpdate);
+        return $this->fetchList($ldapRecords, $this->manyAttributes($attr));
+    }
+
+    /**
+     * provided with an array of LDAP user records the method will fetch the
+     * user object and requests it to process the freshly fetched attributes and
+     * and their values
+     *
+     * @param array $ldapRecords
+     * @throws \Exception
+     */
+    public function batchApplyUserAttributes(array $ldapRecords) {
+        $displayNameAttribute = strtolower($this->connection->ldapUserDisplayName);
+        foreach ($ldapRecords as $userRecord) {
+            if (!isset($userRecord[$displayNameAttribute])) {
+                // displayName is obligatory
+                continue;
+            }
+            $ocName = $this->dn2ocname($userRecord['dn'][0], null, true);
+            if ($ocName === false) {
+                continue;
+            }
+            $this->updateUserState($ocName);
+            $user = $this->userManager->get($ocName);
+            if ($user !== null) {
+                $user->processAttributes($userRecord);
+            } else {
+                \OC::$server->getLogger()->debug(
+                    "The ldap user manager returned null for $ocName",
+                    ['app' => 'user_ldap']
+                );
+            }
+        }
+    }
+
+    /**
+     * @param string $filter
+     * @param string|string[] $attr
+     * @param int $limit
+     * @param int $offset
+     * @return array
+     */
+    public function fetchListOfGroups($filter, $attr, $limit = null, $offset = null) {
+        $groupRecords = $this->searchGroups($filter, $attr, $limit, $offset);
+
+        $listOfDNs = array_reduce($groupRecords, function ($listOfDNs, $entry) {
+            $listOfDNs[] = $entry['dn'][0];
+            return $listOfDNs;
+        }, []);
+        $idsByDn = $this->groupMapper->getListOfIdsByDn($listOfDNs);
+
+        array_walk($groupRecords, function ($record) use ($idsByDn) {
+            $newlyMapped = false;
+            $gid = $uidsByDn[$record['dn'][0]] ?? null;
+            if ($gid === null) {
+                $gid = $this->dn2ocname($record['dn'][0], null, false, $newlyMapped, $record);
+            }
+            if (!$newlyMapped && is_string($gid)) {
+                $this->cacheGroupExists($gid);
+            }
+        });
+        return $this->fetchList($groupRecords, $this->manyAttributes($attr));
+    }
+
+    /**
+     * @param array $list
+     * @param bool $manyAttributes
+     * @return array
+     */
+    private function fetchList($list, $manyAttributes) {
+        if (is_array($list)) {
+            if ($manyAttributes) {
+                return $list;
+            } else {
+                $list = array_reduce($list, function ($carry, $item) {
+                    $attribute = array_keys($item)[0];
+                    $carry[] = $item[$attribute][0];
+                    return $carry;
+                }, []);
+                return array_unique($list, SORT_LOCALE_STRING);
+            }
+        }
+
+        //error cause actually, maybe throw an exception in future.
+        return [];
+    }
+
+    /**
+     * @throws ServerNotAvailableException
+     */
+    public function searchUsers(string $filter, array $attr = null, int $limit = null, int $offset = null): array {
+        $result = [];
+        foreach ($this->connection->ldapBaseUsers as $base) {
+            $result = array_merge($result, $this->search($filter, $base, $attr, $limit, $offset));
+        }
+        return $result;
+    }
+
+    /**
+     * @param string $filter
+     * @param string|string[] $attr
+     * @param int $limit
+     * @param int $offset
+     * @return false|int
+     * @throws ServerNotAvailableException
+     */
+    public function countUsers($filter, $attr = ['dn'], $limit = null, $offset = null) {
+        $result = false;
+        foreach ($this->connection->ldapBaseUsers as $base) {
+            $count = $this->count($filter, [$base], $attr, $limit, $offset);
+            $result = is_int($count) ? (int)$result + $count : $result;
+        }
+        return $result;
+    }
+
+    /**
+     * executes an LDAP search, optimized for Groups
+     *
+     * @param string $filter the LDAP filter for the search
+     * @param string|string[] $attr optional, when a certain attribute shall be filtered out
+     * @param integer $limit
+     * @param integer $offset
+     * @return array with the search result
+     *
+     * Executes an LDAP search
+     * @throws ServerNotAvailableException
+     */
+    public function searchGroups($filter, $attr = null, $limit = null, $offset = null) {
+        $result = [];
+        foreach ($this->connection->ldapBaseGroups as $base) {
+            $result = array_merge($result, $this->search($filter, $base, $attr, $limit, $offset));
+        }
+        return $result;
+    }
+
+    /**
+     * returns the number of available groups
+     *
+     * @param string $filter the LDAP search filter
+     * @param string[] $attr optional
+     * @param int|null $limit
+     * @param int|null $offset
+     * @return int|bool
+     * @throws ServerNotAvailableException
+     */
+    public function countGroups($filter, $attr = ['dn'], $limit = null, $offset = null) {
+        $result = false;
+        foreach ($this->connection->ldapBaseGroups as $base) {
+            $count = $this->count($filter, [$base], $attr, $limit, $offset);
+            $result = is_int($count) ? (int)$result + $count : $result;
+        }
+        return $result;
+    }
+
+    /**
+     * returns the number of available objects on the base DN
+     *
+     * @param int|null $limit
+     * @param int|null $offset
+     * @return int|bool
+     * @throws ServerNotAvailableException
+     */
+    public function countObjects($limit = null, $offset = null) {
+        $result = false;
+        foreach ($this->connection->ldapBase as $base) {
+            $count = $this->count('objectclass=*', [$base], ['dn'], $limit, $offset);
+            $result = is_int($count) ? (int)$result + $count : $result;
+        }
+        return $result;
+    }
+
+    /**
+     * Returns the LDAP handler
+     *
+     * @throws \OC\ServerNotAvailableException
+     */
+
+    /**
+     * @return mixed
+     * @throws \OC\ServerNotAvailableException
+     */
+    private function invokeLDAPMethod() {
+        $arguments = func_get_args();
+        $command = array_shift($arguments);
+        $cr = array_shift($arguments);
+        if (!method_exists($this->ldap, $command)) {
+            return null;
+        }
+        array_unshift($arguments, $cr);
+        // php no longer supports call-time pass-by-reference
+        // thus cannot support controlPagedResultResponse as the third argument
+        // is a reference
+        $doMethod = function () use ($command, &$arguments) {
+            if ($command == 'controlPagedResultResponse') {
+                throw new \InvalidArgumentException('Invoker does not support controlPagedResultResponse, call LDAP Wrapper directly instead.');
+            } else {
+                return call_user_func_array([$this->ldap, $command], $arguments);
+            }
+        };
+        try {
+            $ret = $doMethod();
+        } catch (ServerNotAvailableException $e) {
+            /* Server connection lost, attempt to reestablish it
 			 * Maybe implement exponential backoff?
 			 * This was enough to get solr indexer working which has large delays between LDAP fetches.
 			 */
-			\OCP\Util::writeLog('user_ldap', "Connection lost on $command, attempting to reestablish.", ILogger::DEBUG);
-			$this->connection->resetConnectionResource();
-			$cr = $this->connection->getConnectionResource();
-
-			if (!$this->ldap->isResource($cr)) {
-				// Seems like we didn't find any resource.
-				\OCP\Util::writeLog('user_ldap', "Could not $command, because resource is missing.", ILogger::DEBUG);
-				throw $e;
-			}
-
-			$arguments[0] = $cr;
-			$ret = $doMethod();
-		}
-		return $ret;
-	}
-
-	/**
-	 * retrieved. Results will according to the order in the array.
-	 *
-	 * @param string $filter
-	 * @param string $base
-	 * @param string[] $attr
-	 * @param int|null $limit optional, maximum results to be counted
-	 * @param int|null $offset optional, a starting point
-	 * @return array|false array with the search result as first value and pagedSearchOK as
-	 * second | false if not successful
-	 * @throws ServerNotAvailableException
-	 */
-	private function executeSearch(
-		string $filter,
-		string $base,
-		?array &$attr,
-		?int $limit,
-		?int $offset
-	) {
-		// See if we have a resource, in case not cancel with message
-		$cr = $this->connection->getConnectionResource();
-		if (!$this->ldap->isResource($cr)) {
-			// Seems like we didn't find any resource.
-			// Return an empty array just like before.
-			\OCP\Util::writeLog('user_ldap', 'Could not search, because resource is missing.', ILogger::DEBUG);
-			return false;
-		}
-
-		//check whether paged search should be attempted
-		$pagedSearchOK = $this->initPagedSearch($filter, $base, $attr, (int)$limit, (int)$offset);
-
-		$sr = $this->invokeLDAPMethod('search', $cr, $base, $filter, $attr);
-		// cannot use $cr anymore, might have changed in the previous call!
-		$error = $this->ldap->errno($this->connection->getConnectionResource());
-		if (!$this->ldap->isResource($sr) || $error !== 0) {
-			\OCP\Util::writeLog('user_ldap', 'Attempt for Paging?  ' . print_r($pagedSearchOK, true), ILogger::ERROR);
-			return false;
-		}
-
-		return [$sr, $pagedSearchOK];
-	}
-
-	/**
-	 * processes an LDAP paged search operation
-	 *
-	 * @param resource $sr the array containing the LDAP search resources
-	 * @param int $foundItems number of results in the single search operation
-	 * @param int $limit maximum results to be counted
-	 * @param bool $pagedSearchOK whether a paged search has been executed
-	 * @param bool $skipHandling required for paged search when cookies to
-	 * prior results need to be gained
-	 * @return bool cookie validity, true if we have more pages, false otherwise.
-	 * @throws ServerNotAvailableException
-	 */
-	private function processPagedSearchStatus(
-		$sr,
-		int $foundItems,
-		int $limit,
-		bool $pagedSearchOK,
-		bool $skipHandling
-	): bool {
-		$cookie = null;
-		if ($pagedSearchOK) {
-			$cr = $this->connection->getConnectionResource();
-			if ($this->ldap->controlPagedResultResponse($cr, $sr, $cookie)) {
-				$this->lastCookie = $cookie;
-			}
-
-			//browsing through prior pages to get the cookie for the new one
-			if ($skipHandling) {
-				return false;
-			}
-			// if count is bigger, then the server does not support
-			// paged search. Instead, he did a normal search. We set a
-			// flag here, so the callee knows how to deal with it.
-			if ($foundItems <= $limit) {
-				$this->pagedSearchedSuccessful = true;
-			}
-		} else {
-			if (!is_null($limit) && (int)$this->connection->ldapPagingSize !== 0) {
-				\OC::$server->getLogger()->debug(
-					'Paged search was not available',
-					['app' => 'user_ldap']
-				);
-			}
-		}
-		/* ++ Fixing RHDS searches with pages with zero results ++
+            \OCP\Util::writeLog('user_ldap', "Connection lost on $command, attempting to reestablish.", ILogger::DEBUG);
+            $this->connection->resetConnectionResource();
+            $cr = $this->connection->getConnectionResource();
+
+            if (!$this->ldap->isResource($cr)) {
+                // Seems like we didn't find any resource.
+                \OCP\Util::writeLog('user_ldap', "Could not $command, because resource is missing.", ILogger::DEBUG);
+                throw $e;
+            }
+
+            $arguments[0] = $cr;
+            $ret = $doMethod();
+        }
+        return $ret;
+    }
+
+    /**
+     * retrieved. Results will according to the order in the array.
+     *
+     * @param string $filter
+     * @param string $base
+     * @param string[] $attr
+     * @param int|null $limit optional, maximum results to be counted
+     * @param int|null $offset optional, a starting point
+     * @return array|false array with the search result as first value and pagedSearchOK as
+     * second | false if not successful
+     * @throws ServerNotAvailableException
+     */
+    private function executeSearch(
+        string $filter,
+        string $base,
+        ?array &$attr,
+        ?int $limit,
+        ?int $offset
+    ) {
+        // See if we have a resource, in case not cancel with message
+        $cr = $this->connection->getConnectionResource();
+        if (!$this->ldap->isResource($cr)) {
+            // Seems like we didn't find any resource.
+            // Return an empty array just like before.
+            \OCP\Util::writeLog('user_ldap', 'Could not search, because resource is missing.', ILogger::DEBUG);
+            return false;
+        }
+
+        //check whether paged search should be attempted
+        $pagedSearchOK = $this->initPagedSearch($filter, $base, $attr, (int)$limit, (int)$offset);
+
+        $sr = $this->invokeLDAPMethod('search', $cr, $base, $filter, $attr);
+        // cannot use $cr anymore, might have changed in the previous call!
+        $error = $this->ldap->errno($this->connection->getConnectionResource());
+        if (!$this->ldap->isResource($sr) || $error !== 0) {
+            \OCP\Util::writeLog('user_ldap', 'Attempt for Paging?  ' . print_r($pagedSearchOK, true), ILogger::ERROR);
+            return false;
+        }
+
+        return [$sr, $pagedSearchOK];
+    }
+
+    /**
+     * processes an LDAP paged search operation
+     *
+     * @param resource $sr the array containing the LDAP search resources
+     * @param int $foundItems number of results in the single search operation
+     * @param int $limit maximum results to be counted
+     * @param bool $pagedSearchOK whether a paged search has been executed
+     * @param bool $skipHandling required for paged search when cookies to
+     * prior results need to be gained
+     * @return bool cookie validity, true if we have more pages, false otherwise.
+     * @throws ServerNotAvailableException
+     */
+    private function processPagedSearchStatus(
+        $sr,
+        int $foundItems,
+        int $limit,
+        bool $pagedSearchOK,
+        bool $skipHandling
+    ): bool {
+        $cookie = null;
+        if ($pagedSearchOK) {
+            $cr = $this->connection->getConnectionResource();
+            if ($this->ldap->controlPagedResultResponse($cr, $sr, $cookie)) {
+                $this->lastCookie = $cookie;
+            }
+
+            //browsing through prior pages to get the cookie for the new one
+            if ($skipHandling) {
+                return false;
+            }
+            // if count is bigger, then the server does not support
+            // paged search. Instead, he did a normal search. We set a
+            // flag here, so the callee knows how to deal with it.
+            if ($foundItems <= $limit) {
+                $this->pagedSearchedSuccessful = true;
+            }
+        } else {
+            if (!is_null($limit) && (int)$this->connection->ldapPagingSize !== 0) {
+                \OC::$server->getLogger()->debug(
+                    'Paged search was not available',
+                    ['app' => 'user_ldap']
+                );
+            }
+        }
+        /* ++ Fixing RHDS searches with pages with zero results ++
 		 * Return cookie status. If we don't have more pages, with RHDS
 		 * cookie is null, with openldap cookie is an empty string and
 		 * to 386ds '0' is a valid cookie. Even if $iFoundItems == 0
 		 */
-		return !empty($cookie) || $cookie === '0';
-	}
-
-	/**
-	 * executes an LDAP search, but counts the results only
-	 *
-	 * @param string $filter the LDAP filter for the search
-	 * @param array $bases an array containing the LDAP subtree(s) that shall be searched
-	 * @param string|string[] $attr optional, array, one or more attributes that shall be
-	 * retrieved. Results will according to the order in the array.
-	 * @param int $limit optional, maximum results to be counted
-	 * @param int $offset optional, a starting point
-	 * @param bool $skipHandling indicates whether the pages search operation is
-	 * completed
-	 * @return int|false Integer or false if the search could not be initialized
-	 * @throws ServerNotAvailableException
-	 */
-	private function count(
-		string $filter,
-		array $bases,
-		$attr = null,
-		?int $limit = null,
-		?int $offset = null,
-		bool $skipHandling = false
-	) {
-		\OC::$server->getLogger()->debug('Count filter: {filter}', [
-			'app' => 'user_ldap',
-			'filter' => $filter
-		]);
-
-		if (!is_null($attr) && !is_array($attr)) {
-			$attr = [mb_strtolower($attr, 'UTF-8')];
-		}
-
-		$limitPerPage = (int)$this->connection->ldapPagingSize;
-		if (!is_null($limit) && $limit < $limitPerPage && $limit > 0) {
-			$limitPerPage = $limit;
-		}
-
-		$counter = 0;
-		$count = null;
-		$this->connection->getConnectionResource();
-
-		foreach ($bases as $base) {
-			do {
-				$search = $this->executeSearch($filter, $base, $attr, $limitPerPage, $offset);
-				if ($search === false) {
-					return $counter > 0 ? $counter : false;
-				}
-				list($sr, $pagedSearchOK) = $search;
-
-				/* ++ Fixing RHDS searches with pages with zero results ++
+        return !empty($cookie) || $cookie === '0';
+    }
+
+    /**
+     * executes an LDAP search, but counts the results only
+     *
+     * @param string $filter the LDAP filter for the search
+     * @param array $bases an array containing the LDAP subtree(s) that shall be searched
+     * @param string|string[] $attr optional, array, one or more attributes that shall be
+     * retrieved. Results will according to the order in the array.
+     * @param int $limit optional, maximum results to be counted
+     * @param int $offset optional, a starting point
+     * @param bool $skipHandling indicates whether the pages search operation is
+     * completed
+     * @return int|false Integer or false if the search could not be initialized
+     * @throws ServerNotAvailableException
+     */
+    private function count(
+        string $filter,
+        array $bases,
+        $attr = null,
+        ?int $limit = null,
+        ?int $offset = null,
+        bool $skipHandling = false
+    ) {
+        \OC::$server->getLogger()->debug('Count filter: {filter}', [
+            'app' => 'user_ldap',
+            'filter' => $filter
+        ]);
+
+        if (!is_null($attr) && !is_array($attr)) {
+            $attr = [mb_strtolower($attr, 'UTF-8')];
+        }
+
+        $limitPerPage = (int)$this->connection->ldapPagingSize;
+        if (!is_null($limit) && $limit < $limitPerPage && $limit > 0) {
+            $limitPerPage = $limit;
+        }
+
+        $counter = 0;
+        $count = null;
+        $this->connection->getConnectionResource();
+
+        foreach ($bases as $base) {
+            do {
+                $search = $this->executeSearch($filter, $base, $attr, $limitPerPage, $offset);
+                if ($search === false) {
+                    return $counter > 0 ? $counter : false;
+                }
+                list($sr, $pagedSearchOK) = $search;
+
+                /* ++ Fixing RHDS searches with pages with zero results ++
 				 * countEntriesInSearchResults() method signature changed
 				 * by removing $limit and &$hasHitLimit parameters
 				 */
-				$count = $this->countEntriesInSearchResults($sr);
-				$counter += $count;
+                $count = $this->countEntriesInSearchResults($sr);
+                $counter += $count;
 
-				$hasMorePages = $this->processPagedSearchStatus($sr, $count, $limitPerPage, $pagedSearchOK, $skipHandling);
-				$offset += $limitPerPage;
-				/* ++ Fixing RHDS searches with pages with zero results ++
+                $hasMorePages = $this->processPagedSearchStatus($sr, $count, $limitPerPage, $pagedSearchOK, $skipHandling);
+                $offset += $limitPerPage;
+                /* ++ Fixing RHDS searches with pages with zero results ++
 				 * Continue now depends on $hasMorePages value
 				 */
-				$continue = $pagedSearchOK && $hasMorePages;
-			} while ($continue && (is_null($limit) || $limit <= 0 || $limit > $counter));
-		}
-
-		return $counter;
-	}
-
-	/**
-	 * @param resource $sr
-	 * @return int
-	 * @throws ServerNotAvailableException
-	 */
-	private function countEntriesInSearchResults($sr): int {
-		return (int)$this->invokeLDAPMethod('countEntries', $this->connection->getConnectionResource(), $sr);
-	}
-
-	/**
-	 * Executes an LDAP search
-	 *
-	 * @throws ServerNotAvailableException
-	 */
-	public function search(
-		string $filter,
-		string $base,
-		?array $attr = null,
-		?int $limit = null,
-		?int $offset = null,
-		bool $skipHandling = false
-	): array {
-		$limitPerPage = (int)$this->connection->ldapPagingSize;
-		if (!is_null($limit) && $limit < $limitPerPage && $limit > 0) {
-			$limitPerPage = $limit;
-		}
-
-		if (!is_null($attr) && !is_array($attr)) {
-			$attr = [mb_strtolower($attr, 'UTF-8')];
-		}
-
-		/* ++ Fixing RHDS searches with pages with zero results ++
+                $continue = $pagedSearchOK && $hasMorePages;
+            } while ($continue && (is_null($limit) || $limit <= 0 || $limit > $counter));
+        }
+
+        return $counter;
+    }
+
+    /**
+     * @param resource $sr
+     * @return int
+     * @throws ServerNotAvailableException
+     */
+    private function countEntriesInSearchResults($sr): int {
+        return (int)$this->invokeLDAPMethod('countEntries', $this->connection->getConnectionResource(), $sr);
+    }
+
+    /**
+     * Executes an LDAP search
+     *
+     * @throws ServerNotAvailableException
+     */
+    public function search(
+        string $filter,
+        string $base,
+        ?array $attr = null,
+        ?int $limit = null,
+        ?int $offset = null,
+        bool $skipHandling = false
+    ): array {
+        $limitPerPage = (int)$this->connection->ldapPagingSize;
+        if (!is_null($limit) && $limit < $limitPerPage && $limit > 0) {
+            $limitPerPage = $limit;
+        }
+
+        if (!is_null($attr) && !is_array($attr)) {
+            $attr = [mb_strtolower($attr, 'UTF-8')];
+        }
+
+        /* ++ Fixing RHDS searches with pages with zero results ++
 		 * As we can have pages with zero results and/or pages with less
 		 * than $limit results but with a still valid server 'cookie',
 		 * loops through until we get $continue equals true and
 		 * $findings['count'] < $limit
 		 */
-		$findings = [];
-		$savedoffset = $offset;
-		$iFoundItems = 0;
-
-		do {
-			$search = $this->executeSearch($filter, $base, $attr, $limitPerPage, $offset);
-			if ($search === false) {
-				return [];
-			}
-			list($sr, $pagedSearchOK) = $search;
-			$cr = $this->connection->getConnectionResource();
-
-			if ($skipHandling) {
-				//i.e. result do not need to be fetched, we just need the cookie
-				//thus pass 1 or any other value as $iFoundItems because it is not
-				//used
-				$this->processPagedSearchStatus($sr, 1, $limitPerPage, $pagedSearchOK, $skipHandling);
-				return [];
-			}
-
-			$findings = array_merge($findings, $this->invokeLDAPMethod('getEntries', $cr, $sr));
-			$iFoundItems = max($iFoundItems, $findings['count']);
-			unset($findings['count']);
-
-			$continue = $this->processPagedSearchStatus($sr, $iFoundItems, $limitPerPage, $pagedSearchOK, $skipHandling);
-			$offset += $limitPerPage;
-		} while ($continue && $pagedSearchOK && ($limit === null || count($findings) < $limit));
-
-		// resetting offset
-		$offset = $savedoffset;
-
-		// if we're here, probably no connection resource is returned.
-		// to make Nextcloud behave nicely, we simply give back an empty array.
-		if (is_null($findings)) {
-			return [];
-		}
-
-		if (!is_null($attr)) {
-			$selection = [];
-			$i = 0;
-			foreach ($findings as $item) {
-				if (!is_array($item)) {
-					continue;
-				}
-				$item = \OCP\Util::mb_array_change_key_case($item, MB_CASE_LOWER, 'UTF-8');
-				foreach ($attr as $key) {
-					if (isset($item[$key])) {
-						if (is_array($item[$key]) && isset($item[$key]['count'])) {
-							unset($item[$key]['count']);
-						}
-						if ($key !== 'dn') {
-							if ($this->resemblesDN($key)) {
-								$selection[$i][$key] = $this->helper->sanitizeDN($item[$key]);
-							} elseif ($key === 'objectguid' || $key === 'guid') {
-								$selection[$i][$key] = [$this->convertObjectGUID2Str($item[$key][0])];
-							} else {
-								$selection[$i][$key] = $item[$key];
-							}
-						} else {
-							$selection[$i][$key] = [$this->helper->sanitizeDN($item[$key])];
-						}
-					}
-				}
-				$i++;
-			}
-			$findings = $selection;
-		}
-		//we slice the findings, when
-		//a) paged search unsuccessful, though attempted
-		//b) no paged search, but limit set
-		if ((!$this->getPagedSearchResultState()
-				&& $pagedSearchOK)
-			|| (
-				!$pagedSearchOK
-				&& !is_null($limit)
-			)
-		) {
-			$findings = array_slice($findings, (int)$offset, $limit);
-		}
-		return $findings;
-	}
-
-	/**
-	 * @param string $name
-	 * @return string
-	 * @throws \InvalidArgumentException
-	 */
-	public function sanitizeUsername($name) {
-		$name = trim($name);
-
-		if ($this->connection->ldapIgnoreNamingRules) {
-			return $name;
-		}
-
-		// Transliteration to ASCII
-		$transliterated = @iconv('UTF-8', 'ASCII//TRANSLIT', $name);
-		if ($transliterated !== false) {
-			// depending on system config iconv can work or not
-			$name = $transliterated;
-		}
-
-		// Replacements
-		$name = str_replace(' ', '_', $name);
-
-		// Every remaining disallowed characters will be removed
-		$name = preg_replace('/[^a-zA-Z0-9_.@-]/u', '', $name);
-
-		if ($name === '') {
-			throw new \InvalidArgumentException('provided name template for username does not contain any allowed characters');
-		}
-
-		return $name;
-	}
-
-	/**
-	 * escapes (user provided) parts for LDAP filter
-	 *
-	 * @param string $input , the provided value
-	 * @param bool $allowAsterisk whether in * at the beginning should be preserved
-	 * @return string the escaped string
-	 */
-	public function escapeFilterPart($input, $allowAsterisk = false): string {
-		$asterisk = '';
-		if ($allowAsterisk && strlen($input) > 0 && $input[0] === '*') {
-			$asterisk = '*';
-			$input = mb_substr($input, 1, null, 'UTF-8');
-		}
-		$search = ['*', '\\', '(', ')'];
-		$replace = ['\\*', '\\\\', '\\(', '\\)'];
-		return $asterisk . str_replace($search, $replace, $input);
-	}
-
-	/**
-	 * combines the input filters with AND
-	 *
-	 * @param string[] $filters the filters to connect
-	 * @return string the combined filter
-	 */
-	public function combineFilterWithAnd($filters): string {
-		return $this->combineFilter($filters, '&');
-	}
-
-	/**
-	 * combines the input filters with OR
-	 *
-	 * @param string[] $filters the filters to connect
-	 * @return string the combined filter
-	 * Combines Filter arguments with OR
-	 */
-	public function combineFilterWithOr($filters) {
-		return $this->combineFilter($filters, '|');
-	}
-
-	/**
-	 * combines the input filters with given operator
-	 *
-	 * @param string[] $filters the filters to connect
-	 * @param string $operator either & or |
-	 * @return string the combined filter
-	 */
-	private function combineFilter($filters, $operator) {
-		$combinedFilter = '(' . $operator;
-		foreach ($filters as $filter) {
-			if ($filter !== '' && $filter[0] !== '(') {
-				$filter = '(' . $filter . ')';
-			}
-			$combinedFilter .= $filter;
-		}
-		$combinedFilter .= ')';
-		return $combinedFilter;
-	}
-
-	/**
-	 * creates a filter part for to perform search for users
-	 *
-	 * @param string $search the search term
-	 * @return string the final filter part to use in LDAP searches
-	 */
-	public function getFilterPartForUserSearch($search) {
-		return $this->getFilterPartForSearch($search,
-			$this->connection->ldapAttributesForUserSearch,
-			$this->connection->ldapUserDisplayName);
-	}
-
-	/**
-	 * creates a filter part for to perform search for groups
-	 *
-	 * @param string $search the search term
-	 * @return string the final filter part to use in LDAP searches
-	 */
-	public function getFilterPartForGroupSearch($search) {
-		return $this->getFilterPartForSearch($search,
-			$this->connection->ldapAttributesForGroupSearch,
-			$this->connection->ldapGroupDisplayName);
-	}
-
-	/**
-	 * creates a filter part for searches by splitting up the given search
-	 * string into single words
-	 *
-	 * @param string $search the search term
-	 * @param string[] $searchAttributes needs to have at least two attributes,
-	 * otherwise it does not make sense :)
-	 * @return string the final filter part to use in LDAP searches
-	 * @throws DomainException
-	 */
-	private function getAdvancedFilterPartForSearch($search, $searchAttributes) {
-		if (!is_array($searchAttributes) || count($searchAttributes) < 2) {
-			throw new DomainException('searchAttributes must be an array with at least two string');
-		}
-		$searchWords = explode(' ', trim($search));
-		$wordFilters = [];
-		foreach ($searchWords as $word) {
-			$word = $this->prepareSearchTerm($word);
-			//every word needs to appear at least once
-			$wordMatchOneAttrFilters = [];
-			foreach ($searchAttributes as $attr) {
-				$wordMatchOneAttrFilters[] = $attr . '=' . $word;
-			}
-			$wordFilters[] = $this->combineFilterWithOr($wordMatchOneAttrFilters);
-		}
-		return $this->combineFilterWithAnd($wordFilters);
-	}
-
-	/**
-	 * creates a filter part for searches
-	 *
-	 * @param string $search the search term
-	 * @param string[]|null $searchAttributes
-	 * @param string $fallbackAttribute a fallback attribute in case the user
-	 * did not define search attributes. Typically the display name attribute.
-	 * @return string the final filter part to use in LDAP searches
-	 */
-	private function getFilterPartForSearch($search, $searchAttributes, $fallbackAttribute) {
-		$filter = [];
-		$haveMultiSearchAttributes = (is_array($searchAttributes) && count($searchAttributes) > 0);
-		if ($haveMultiSearchAttributes && strpos(trim($search), ' ') !== false) {
-			try {
-				return $this->getAdvancedFilterPartForSearch($search, $searchAttributes);
-			} catch (DomainException $e) {
-				// Creating advanced filter for search failed, falling back to simple method. Edge case, but valid.
-			}
-		}
-
-		$search = $this->prepareSearchTerm($search);
-		if (!is_array($searchAttributes) || count($searchAttributes) === 0) {
-			if ($fallbackAttribute === '') {
-				return '';
-			}
-			$filter[] = $fallbackAttribute . '=' . $search;
-		} else {
-			foreach ($searchAttributes as $attribute) {
-				$filter[] = $attribute . '=' . $search;
-			}
-		}
-		if (count($filter) === 1) {
-			return '(' . $filter[0] . ')';
-		}
-		return $this->combineFilterWithOr($filter);
-	}
-
-	/**
-	 * returns the search term depending on whether we are allowed
-	 * list users found by ldap with the current input appended by
-	 * a *
-	 *
-	 * @return string
-	 */
-	private function prepareSearchTerm($term) {
-		$config = \OC::$server->getConfig();
-
-		$allowEnum = $config->getAppValue('core', 'shareapi_allow_share_dialog_user_enumeration', 'yes');
-
-		$result = $term;
-		if ($term === '') {
-			$result = '*';
-		} elseif ($allowEnum !== 'no') {
-			$result = $term . '*';
-		}
-		return $result;
-	}
-
-	/**
-	 * returns the filter used for counting users
-	 *
-	 * @return string
-	 */
-	public function getFilterForUserCount() {
-		$filter = $this->combineFilterWithAnd([
-			$this->connection->ldapUserFilter,
-			$this->connection->ldapUserDisplayName . '=*'
-		]);
-
-		return $filter;
-	}
-
-	/**
-	 * @param string $name
-	 * @param string $password
-	 * @return bool
-	 */
-	public function areCredentialsValid($name, $password) {
-		$name = $this->helper->DNasBaseParameter($name);
-		$testConnection = clone $this->connection;
-		$credentials = [
-			'ldapAgentName' => $name,
-			'ldapAgentPassword' => $password
-		];
-		if (!$testConnection->setConfiguration($credentials)) {
-			return false;
-		}
-		return $testConnection->bind();
-	}
-
-	/**
-	 * reverse lookup of a DN given a known UUID
-	 *
-	 * @param string $uuid
-	 * @return string
-	 * @throws \Exception
-	 */
-	public function getUserDnByUuid($uuid) {
-		$uuidOverride = $this->connection->ldapExpertUUIDUserAttr;
-		$filter = $this->connection->ldapUserFilter;
-		$bases = $this->connection->ldapBaseUsers;
-
-		if ($this->connection->ldapUuidUserAttribute === 'auto' && $uuidOverride === '') {
-			// Sacrebleu! The UUID attribute is unknown :( We need first an
-			// existing DN to be able to reliably detect it.
-			foreach ($bases as $base) {
-				$result = $this->search($filter, $base, ['dn'], 1);
-				if (!isset($result[0]) || !isset($result[0]['dn'])) {
-					continue;
-				}
-				$dn = $result[0]['dn'][0];
-				if ($hasFound = $this->detectUuidAttribute($dn, true)) {
-					break;
-				}
-			}
-			if (!isset($hasFound) || !$hasFound) {
-				throw new \Exception('Cannot determine UUID attribute');
-			}
-		} else {
-			// The UUID attribute is either known or an override is given.
-			// By calling this method we ensure that $this->connection->$uuidAttr
-			// is definitely set
-			if (!$this->detectUuidAttribute('', true)) {
-				throw new \Exception('Cannot determine UUID attribute');
-			}
-		}
-
-		$uuidAttr = $this->connection->ldapUuidUserAttribute;
-		if ($uuidAttr === 'guid' || $uuidAttr === 'objectguid') {
-			$uuid = $this->formatGuid2ForFilterUser($uuid);
-		}
-
-		$filter = $uuidAttr . '=' . $uuid;
-		$result = $this->searchUsers($filter, ['dn'], 2);
-		if (is_array($result) && isset($result[0]) && isset($result[0]['dn']) && count($result) === 1) {
-			// we put the count into account to make sure that this is
-			// really unique
-			return $result[0]['dn'][0];
-		}
-
-		throw new \Exception('Cannot determine UUID attribute');
-	}
-
-	/**
-	 * auto-detects the directory's UUID attribute
-	 *
-	 * @param string $dn a known DN used to check against
-	 * @param bool $isUser
-	 * @param bool $force the detection should be run, even if it is not set to auto
-	 * @param array|null $ldapRecord
-	 * @return bool true on success, false otherwise
-	 * @throws ServerNotAvailableException
-	 */
-	private function detectUuidAttribute($dn, $isUser = true, $force = false, array $ldapRecord = null) {
-		if ($isUser) {
-			$uuidAttr = 'ldapUuidUserAttribute';
-			$uuidOverride = $this->connection->ldapExpertUUIDUserAttr;
-		} else {
-			$uuidAttr = 'ldapUuidGroupAttribute';
-			$uuidOverride = $this->connection->ldapExpertUUIDGroupAttr;
-		}
-
-		if (!$force) {
-			if ($this->connection->$uuidAttr !== 'auto') {
-				return true;
-			} elseif (is_string($uuidOverride) && trim($uuidOverride) !== '') {
-				$this->connection->$uuidAttr = $uuidOverride;
-				return true;
-			}
-
-			$attribute = $this->connection->getFromCache($uuidAttr);
-			if (!$attribute === null) {
-				$this->connection->$uuidAttr = $attribute;
-				return true;
-			}
-		}
-
-		foreach (self::UUID_ATTRIBUTES as $attribute) {
-			if ($ldapRecord !== null) {
-				// we have the info from LDAP already, we don't need to talk to the server again
-				if (isset($ldapRecord[$attribute])) {
-					$this->connection->$uuidAttr = $attribute;
-					return true;
-				}
-			}
-
-			$value = $this->readAttribute($dn, $attribute);
-			if (is_array($value) && isset($value[0]) && !empty($value[0])) {
-				\OC::$server->getLogger()->debug(
-					'Setting {attribute} as {subject}',
-					[
-						'app' => 'user_ldap',
-						'attribute' => $attribute,
-						'subject' => $uuidAttr
-					]
-				);
-				$this->connection->$uuidAttr = $attribute;
-				$this->connection->writeToCache($uuidAttr, $attribute);
-				return true;
-			}
-		}
-		\OC::$server->getLogger()->debug('Could not autodetect the UUID attribute', ['app' => 'user_ldap']);
-
-		return false;
-	}
-
-	/**
-	 * @param string $dn
-	 * @param bool $isUser
-	 * @param null $ldapRecord
-	 * @return bool|string
-	 * @throws ServerNotAvailableException
-	 */
-	public function getUUID($dn, $isUser = true, $ldapRecord = null) {
-		if ($isUser) {
-			$uuidAttr = 'ldapUuidUserAttribute';
-			$uuidOverride = $this->connection->ldapExpertUUIDUserAttr;
-		} else {
-			$uuidAttr = 'ldapUuidGroupAttribute';
-			$uuidOverride = $this->connection->ldapExpertUUIDGroupAttr;
-		}
-
-		$uuid = false;
-		if ($this->detectUuidAttribute($dn, $isUser, false, $ldapRecord)) {
-			$attr = $this->connection->$uuidAttr;
-			$uuid = isset($ldapRecord[$attr]) ? $ldapRecord[$attr] : $this->readAttribute($dn, $attr);
-			if (!is_array($uuid)
-				&& $uuidOverride !== ''
-				&& $this->detectUuidAttribute($dn, $isUser, true, $ldapRecord)) {
-				$uuid = isset($ldapRecord[$this->connection->$uuidAttr])
-					? $ldapRecord[$this->connection->$uuidAttr]
-					: $this->readAttribute($dn, $this->connection->$uuidAttr);
-			}
-			if (is_array($uuid) && isset($uuid[0]) && !empty($uuid[0])) {
-				$uuid = $uuid[0];
-			}
-		}
-
-		return $uuid;
-	}
-
-	/**
-	 * converts a binary ObjectGUID into a string representation
-	 *
-	 * @param string $oguid the ObjectGUID in it's binary form as retrieved from AD
-	 * @return string
-	 * @link http://www.php.net/manual/en/function.ldap-get-values-len.php#73198
-	 */
-	private function convertObjectGUID2Str($oguid) {
-		$hex_guid = bin2hex($oguid);
-		$hex_guid_to_guid_str = '';
-		for ($k = 1; $k <= 4; ++$k) {
-			$hex_guid_to_guid_str .= substr($hex_guid, 8 - 2 * $k, 2);
-		}
-		$hex_guid_to_guid_str .= '-';
-		for ($k = 1; $k <= 2; ++$k) {
-			$hex_guid_to_guid_str .= substr($hex_guid, 12 - 2 * $k, 2);
-		}
-		$hex_guid_to_guid_str .= '-';
-		for ($k = 1; $k <= 2; ++$k) {
-			$hex_guid_to_guid_str .= substr($hex_guid, 16 - 2 * $k, 2);
-		}
-		$hex_guid_to_guid_str .= '-' . substr($hex_guid, 16, 4);
-		$hex_guid_to_guid_str .= '-' . substr($hex_guid, 20);
-
-		return strtoupper($hex_guid_to_guid_str);
-	}
-
-	/**
-	 * the first three blocks of the string-converted GUID happen to be in
-	 * reverse order. In order to use it in a filter, this needs to be
-	 * corrected. Furthermore the dashes need to be replaced and \\ preprended
-	 * to every two hax figures.
-	 *
-	 * If an invalid string is passed, it will be returned without change.
-	 *
-	 * @param string $guid
-	 * @return string
-	 */
-	public function formatGuid2ForFilterUser($guid) {
-		if (!is_string($guid)) {
-			throw new \InvalidArgumentException('String expected');
-		}
-		$blocks = explode('-', $guid);
-		if (count($blocks) !== 5) {
-			/*
+        $findings = [];
+        $savedoffset = $offset;
+        $iFoundItems = 0;
+
+        do {
+            $search = $this->executeSearch($filter, $base, $attr, $limitPerPage, $offset);
+            if ($search === false) {
+                return [];
+            }
+            list($sr, $pagedSearchOK) = $search;
+            $cr = $this->connection->getConnectionResource();
+
+            if ($skipHandling) {
+                //i.e. result do not need to be fetched, we just need the cookie
+                //thus pass 1 or any other value as $iFoundItems because it is not
+                //used
+                $this->processPagedSearchStatus($sr, 1, $limitPerPage, $pagedSearchOK, $skipHandling);
+                return [];
+            }
+
+            $findings = array_merge($findings, $this->invokeLDAPMethod('getEntries', $cr, $sr));
+            $iFoundItems = max($iFoundItems, $findings['count']);
+            unset($findings['count']);
+
+            $continue = $this->processPagedSearchStatus($sr, $iFoundItems, $limitPerPage, $pagedSearchOK, $skipHandling);
+            $offset += $limitPerPage;
+        } while ($continue && $pagedSearchOK && ($limit === null || count($findings) < $limit));
+
+        // resetting offset
+        $offset = $savedoffset;
+
+        // if we're here, probably no connection resource is returned.
+        // to make Nextcloud behave nicely, we simply give back an empty array.
+        if (is_null($findings)) {
+            return [];
+        }
+
+        if (!is_null($attr)) {
+            $selection = [];
+            $i = 0;
+            foreach ($findings as $item) {
+                if (!is_array($item)) {
+                    continue;
+                }
+                $item = \OCP\Util::mb_array_change_key_case($item, MB_CASE_LOWER, 'UTF-8');
+                foreach ($attr as $key) {
+                    if (isset($item[$key])) {
+                        if (is_array($item[$key]) && isset($item[$key]['count'])) {
+                            unset($item[$key]['count']);
+                        }
+                        if ($key !== 'dn') {
+                            if ($this->resemblesDN($key)) {
+                                $selection[$i][$key] = $this->helper->sanitizeDN($item[$key]);
+                            } elseif ($key === 'objectguid' || $key === 'guid') {
+                                $selection[$i][$key] = [$this->convertObjectGUID2Str($item[$key][0])];
+                            } else {
+                                $selection[$i][$key] = $item[$key];
+                            }
+                        } else {
+                            $selection[$i][$key] = [$this->helper->sanitizeDN($item[$key])];
+                        }
+                    }
+                }
+                $i++;
+            }
+            $findings = $selection;
+        }
+        //we slice the findings, when
+        //a) paged search unsuccessful, though attempted
+        //b) no paged search, but limit set
+        if ((!$this->getPagedSearchResultState()
+                && $pagedSearchOK)
+            || (
+                !$pagedSearchOK
+                && !is_null($limit)
+            )
+        ) {
+            $findings = array_slice($findings, (int)$offset, $limit);
+        }
+        return $findings;
+    }
+
+    /**
+     * @param string $name
+     * @return string
+     * @throws \InvalidArgumentException
+     */
+    public function sanitizeUsername($name) {
+        $name = trim($name);
+
+        if ($this->connection->ldapIgnoreNamingRules) {
+            return $name;
+        }
+
+        // Transliteration to ASCII
+        $transliterated = @iconv('UTF-8', 'ASCII//TRANSLIT', $name);
+        if ($transliterated !== false) {
+            // depending on system config iconv can work or not
+            $name = $transliterated;
+        }
+
+        // Replacements
+        $name = str_replace(' ', '_', $name);
+
+        // Every remaining disallowed characters will be removed
+        $name = preg_replace('/[^a-zA-Z0-9_.@-]/u', '', $name);
+
+        if ($name === '') {
+            throw new \InvalidArgumentException('provided name template for username does not contain any allowed characters');
+        }
+
+        return $name;
+    }
+
+    /**
+     * escapes (user provided) parts for LDAP filter
+     *
+     * @param string $input , the provided value
+     * @param bool $allowAsterisk whether in * at the beginning should be preserved
+     * @return string the escaped string
+     */
+    public function escapeFilterPart($input, $allowAsterisk = false): string {
+        $asterisk = '';
+        if ($allowAsterisk && strlen($input) > 0 && $input[0] === '*') {
+            $asterisk = '*';
+            $input = mb_substr($input, 1, null, 'UTF-8');
+        }
+        $search = ['*', '\\', '(', ')'];
+        $replace = ['\\*', '\\\\', '\\(', '\\)'];
+        return $asterisk . str_replace($search, $replace, $input);
+    }
+
+    /**
+     * combines the input filters with AND
+     *
+     * @param string[] $filters the filters to connect
+     * @return string the combined filter
+     */
+    public function combineFilterWithAnd($filters): string {
+        return $this->combineFilter($filters, '&');
+    }
+
+    /**
+     * combines the input filters with OR
+     *
+     * @param string[] $filters the filters to connect
+     * @return string the combined filter
+     * Combines Filter arguments with OR
+     */
+    public function combineFilterWithOr($filters) {
+        return $this->combineFilter($filters, '|');
+    }
+
+    /**
+     * combines the input filters with given operator
+     *
+     * @param string[] $filters the filters to connect
+     * @param string $operator either & or |
+     * @return string the combined filter
+     */
+    private function combineFilter($filters, $operator) {
+        $combinedFilter = '(' . $operator;
+        foreach ($filters as $filter) {
+            if ($filter !== '' && $filter[0] !== '(') {
+                $filter = '(' . $filter . ')';
+            }
+            $combinedFilter .= $filter;
+        }
+        $combinedFilter .= ')';
+        return $combinedFilter;
+    }
+
+    /**
+     * creates a filter part for to perform search for users
+     *
+     * @param string $search the search term
+     * @return string the final filter part to use in LDAP searches
+     */
+    public function getFilterPartForUserSearch($search) {
+        return $this->getFilterPartForSearch($search,
+            $this->connection->ldapAttributesForUserSearch,
+            $this->connection->ldapUserDisplayName);
+    }
+
+    /**
+     * creates a filter part for to perform search for groups
+     *
+     * @param string $search the search term
+     * @return string the final filter part to use in LDAP searches
+     */
+    public function getFilterPartForGroupSearch($search) {
+        return $this->getFilterPartForSearch($search,
+            $this->connection->ldapAttributesForGroupSearch,
+            $this->connection->ldapGroupDisplayName);
+    }
+
+    /**
+     * creates a filter part for searches by splitting up the given search
+     * string into single words
+     *
+     * @param string $search the search term
+     * @param string[] $searchAttributes needs to have at least two attributes,
+     * otherwise it does not make sense :)
+     * @return string the final filter part to use in LDAP searches
+     * @throws DomainException
+     */
+    private function getAdvancedFilterPartForSearch($search, $searchAttributes) {
+        if (!is_array($searchAttributes) || count($searchAttributes) < 2) {
+            throw new DomainException('searchAttributes must be an array with at least two string');
+        }
+        $searchWords = explode(' ', trim($search));
+        $wordFilters = [];
+        foreach ($searchWords as $word) {
+            $word = $this->prepareSearchTerm($word);
+            //every word needs to appear at least once
+            $wordMatchOneAttrFilters = [];
+            foreach ($searchAttributes as $attr) {
+                $wordMatchOneAttrFilters[] = $attr . '=' . $word;
+            }
+            $wordFilters[] = $this->combineFilterWithOr($wordMatchOneAttrFilters);
+        }
+        return $this->combineFilterWithAnd($wordFilters);
+    }
+
+    /**
+     * creates a filter part for searches
+     *
+     * @param string $search the search term
+     * @param string[]|null $searchAttributes
+     * @param string $fallbackAttribute a fallback attribute in case the user
+     * did not define search attributes. Typically the display name attribute.
+     * @return string the final filter part to use in LDAP searches
+     */
+    private function getFilterPartForSearch($search, $searchAttributes, $fallbackAttribute) {
+        $filter = [];
+        $haveMultiSearchAttributes = (is_array($searchAttributes) && count($searchAttributes) > 0);
+        if ($haveMultiSearchAttributes && strpos(trim($search), ' ') !== false) {
+            try {
+                return $this->getAdvancedFilterPartForSearch($search, $searchAttributes);
+            } catch (DomainException $e) {
+                // Creating advanced filter for search failed, falling back to simple method. Edge case, but valid.
+            }
+        }
+
+        $search = $this->prepareSearchTerm($search);
+        if (!is_array($searchAttributes) || count($searchAttributes) === 0) {
+            if ($fallbackAttribute === '') {
+                return '';
+            }
+            $filter[] = $fallbackAttribute . '=' . $search;
+        } else {
+            foreach ($searchAttributes as $attribute) {
+                $filter[] = $attribute . '=' . $search;
+            }
+        }
+        if (count($filter) === 1) {
+            return '(' . $filter[0] . ')';
+        }
+        return $this->combineFilterWithOr($filter);
+    }
+
+    /**
+     * returns the search term depending on whether we are allowed
+     * list users found by ldap with the current input appended by
+     * a *
+     *
+     * @return string
+     */
+    private function prepareSearchTerm($term) {
+        $config = \OC::$server->getConfig();
+
+        $allowEnum = $config->getAppValue('core', 'shareapi_allow_share_dialog_user_enumeration', 'yes');
+
+        $result = $term;
+        if ($term === '') {
+            $result = '*';
+        } elseif ($allowEnum !== 'no') {
+            $result = $term . '*';
+        }
+        return $result;
+    }
+
+    /**
+     * returns the filter used for counting users
+     *
+     * @return string
+     */
+    public function getFilterForUserCount() {
+        $filter = $this->combineFilterWithAnd([
+            $this->connection->ldapUserFilter,
+            $this->connection->ldapUserDisplayName . '=*'
+        ]);
+
+        return $filter;
+    }
+
+    /**
+     * @param string $name
+     * @param string $password
+     * @return bool
+     */
+    public function areCredentialsValid($name, $password) {
+        $name = $this->helper->DNasBaseParameter($name);
+        $testConnection = clone $this->connection;
+        $credentials = [
+            'ldapAgentName' => $name,
+            'ldapAgentPassword' => $password
+        ];
+        if (!$testConnection->setConfiguration($credentials)) {
+            return false;
+        }
+        return $testConnection->bind();
+    }
+
+    /**
+     * reverse lookup of a DN given a known UUID
+     *
+     * @param string $uuid
+     * @return string
+     * @throws \Exception
+     */
+    public function getUserDnByUuid($uuid) {
+        $uuidOverride = $this->connection->ldapExpertUUIDUserAttr;
+        $filter = $this->connection->ldapUserFilter;
+        $bases = $this->connection->ldapBaseUsers;
+
+        if ($this->connection->ldapUuidUserAttribute === 'auto' && $uuidOverride === '') {
+            // Sacrebleu! The UUID attribute is unknown :( We need first an
+            // existing DN to be able to reliably detect it.
+            foreach ($bases as $base) {
+                $result = $this->search($filter, $base, ['dn'], 1);
+                if (!isset($result[0]) || !isset($result[0]['dn'])) {
+                    continue;
+                }
+                $dn = $result[0]['dn'][0];
+                if ($hasFound = $this->detectUuidAttribute($dn, true)) {
+                    break;
+                }
+            }
+            if (!isset($hasFound) || !$hasFound) {
+                throw new \Exception('Cannot determine UUID attribute');
+            }
+        } else {
+            // The UUID attribute is either known or an override is given.
+            // By calling this method we ensure that $this->connection->$uuidAttr
+            // is definitely set
+            if (!$this->detectUuidAttribute('', true)) {
+                throw new \Exception('Cannot determine UUID attribute');
+            }
+        }
+
+        $uuidAttr = $this->connection->ldapUuidUserAttribute;
+        if ($uuidAttr === 'guid' || $uuidAttr === 'objectguid') {
+            $uuid = $this->formatGuid2ForFilterUser($uuid);
+        }
+
+        $filter = $uuidAttr . '=' . $uuid;
+        $result = $this->searchUsers($filter, ['dn'], 2);
+        if (is_array($result) && isset($result[0]) && isset($result[0]['dn']) && count($result) === 1) {
+            // we put the count into account to make sure that this is
+            // really unique
+            return $result[0]['dn'][0];
+        }
+
+        throw new \Exception('Cannot determine UUID attribute');
+    }
+
+    /**
+     * auto-detects the directory's UUID attribute
+     *
+     * @param string $dn a known DN used to check against
+     * @param bool $isUser
+     * @param bool $force the detection should be run, even if it is not set to auto
+     * @param array|null $ldapRecord
+     * @return bool true on success, false otherwise
+     * @throws ServerNotAvailableException
+     */
+    private function detectUuidAttribute($dn, $isUser = true, $force = false, array $ldapRecord = null) {
+        if ($isUser) {
+            $uuidAttr = 'ldapUuidUserAttribute';
+            $uuidOverride = $this->connection->ldapExpertUUIDUserAttr;
+        } else {
+            $uuidAttr = 'ldapUuidGroupAttribute';
+            $uuidOverride = $this->connection->ldapExpertUUIDGroupAttr;
+        }
+
+        if (!$force) {
+            if ($this->connection->$uuidAttr !== 'auto') {
+                return true;
+            } elseif (is_string($uuidOverride) && trim($uuidOverride) !== '') {
+                $this->connection->$uuidAttr = $uuidOverride;
+                return true;
+            }
+
+            $attribute = $this->connection->getFromCache($uuidAttr);
+            if (!$attribute === null) {
+                $this->connection->$uuidAttr = $attribute;
+                return true;
+            }
+        }
+
+        foreach (self::UUID_ATTRIBUTES as $attribute) {
+            if ($ldapRecord !== null) {
+                // we have the info from LDAP already, we don't need to talk to the server again
+                if (isset($ldapRecord[$attribute])) {
+                    $this->connection->$uuidAttr = $attribute;
+                    return true;
+                }
+            }
+
+            $value = $this->readAttribute($dn, $attribute);
+            if (is_array($value) && isset($value[0]) && !empty($value[0])) {
+                \OC::$server->getLogger()->debug(
+                    'Setting {attribute} as {subject}',
+                    [
+                        'app' => 'user_ldap',
+                        'attribute' => $attribute,
+                        'subject' => $uuidAttr
+                    ]
+                );
+                $this->connection->$uuidAttr = $attribute;
+                $this->connection->writeToCache($uuidAttr, $attribute);
+                return true;
+            }
+        }
+        \OC::$server->getLogger()->debug('Could not autodetect the UUID attribute', ['app' => 'user_ldap']);
+
+        return false;
+    }
+
+    /**
+     * @param string $dn
+     * @param bool $isUser
+     * @param null $ldapRecord
+     * @return bool|string
+     * @throws ServerNotAvailableException
+     */
+    public function getUUID($dn, $isUser = true, $ldapRecord = null) {
+        if ($isUser) {
+            $uuidAttr = 'ldapUuidUserAttribute';
+            $uuidOverride = $this->connection->ldapExpertUUIDUserAttr;
+        } else {
+            $uuidAttr = 'ldapUuidGroupAttribute';
+            $uuidOverride = $this->connection->ldapExpertUUIDGroupAttr;
+        }
+
+        $uuid = false;
+        if ($this->detectUuidAttribute($dn, $isUser, false, $ldapRecord)) {
+            $attr = $this->connection->$uuidAttr;
+            $uuid = isset($ldapRecord[$attr]) ? $ldapRecord[$attr] : $this->readAttribute($dn, $attr);
+            if (!is_array($uuid)
+                && $uuidOverride !== ''
+                && $this->detectUuidAttribute($dn, $isUser, true, $ldapRecord)) {
+                $uuid = isset($ldapRecord[$this->connection->$uuidAttr])
+                    ? $ldapRecord[$this->connection->$uuidAttr]
+                    : $this->readAttribute($dn, $this->connection->$uuidAttr);
+            }
+            if (is_array($uuid) && isset($uuid[0]) && !empty($uuid[0])) {
+                $uuid = $uuid[0];
+            }
+        }
+
+        return $uuid;
+    }
+
+    /**
+     * converts a binary ObjectGUID into a string representation
+     *
+     * @param string $oguid the ObjectGUID in it's binary form as retrieved from AD
+     * @return string
+     * @link http://www.php.net/manual/en/function.ldap-get-values-len.php#73198
+     */
+    private function convertObjectGUID2Str($oguid) {
+        $hex_guid = bin2hex($oguid);
+        $hex_guid_to_guid_str = '';
+        for ($k = 1; $k <= 4; ++$k) {
+            $hex_guid_to_guid_str .= substr($hex_guid, 8 - 2 * $k, 2);
+        }
+        $hex_guid_to_guid_str .= '-';
+        for ($k = 1; $k <= 2; ++$k) {
+            $hex_guid_to_guid_str .= substr($hex_guid, 12 - 2 * $k, 2);
+        }
+        $hex_guid_to_guid_str .= '-';
+        for ($k = 1; $k <= 2; ++$k) {
+            $hex_guid_to_guid_str .= substr($hex_guid, 16 - 2 * $k, 2);
+        }
+        $hex_guid_to_guid_str .= '-' . substr($hex_guid, 16, 4);
+        $hex_guid_to_guid_str .= '-' . substr($hex_guid, 20);
+
+        return strtoupper($hex_guid_to_guid_str);
+    }
+
+    /**
+     * the first three blocks of the string-converted GUID happen to be in
+     * reverse order. In order to use it in a filter, this needs to be
+     * corrected. Furthermore the dashes need to be replaced and \\ preprended
+     * to every two hax figures.
+     *
+     * If an invalid string is passed, it will be returned without change.
+     *
+     * @param string $guid
+     * @return string
+     */
+    public function formatGuid2ForFilterUser($guid) {
+        if (!is_string($guid)) {
+            throw new \InvalidArgumentException('String expected');
+        }
+        $blocks = explode('-', $guid);
+        if (count($blocks) !== 5) {
+            /*
 			 * Why not throw an Exception instead? This method is a utility
 			 * called only when trying to figure out whether a "missing" known
 			 * LDAP user was or was not renamed on the LDAP server. And this
@@ -1831,246 +1831,246 @@  discard block
 block discarded – undo
 			 * an exception here would kill the experience for a valid, acting
 			 * user. Instead we write a log message.
 			 */
-			\OC::$server->getLogger()->info(
-				'Passed string does not resemble a valid GUID. Known UUID ' .
-				'({uuid}) probably does not match UUID configuration.',
-				['app' => 'user_ldap', 'uuid' => $guid]
-			);
-			return $guid;
-		}
-		for ($i = 0; $i < 3; $i++) {
-			$pairs = str_split($blocks[$i], 2);
-			$pairs = array_reverse($pairs);
-			$blocks[$i] = implode('', $pairs);
-		}
-		for ($i = 0; $i < 5; $i++) {
-			$pairs = str_split($blocks[$i], 2);
-			$blocks[$i] = '\\' . implode('\\', $pairs);
-		}
-		return implode('', $blocks);
-	}
-
-	/**
-	 * gets a SID of the domain of the given dn
-	 *
-	 * @param string $dn
-	 * @return string|bool
-	 * @throws ServerNotAvailableException
-	 */
-	public function getSID($dn) {
-		$domainDN = $this->getDomainDNFromDN($dn);
-		$cacheKey = 'getSID-' . $domainDN;
-		$sid = $this->connection->getFromCache($cacheKey);
-		if (!is_null($sid)) {
-			return $sid;
-		}
-
-		$objectSid = $this->readAttribute($domainDN, 'objectsid');
-		if (!is_array($objectSid) || empty($objectSid)) {
-			$this->connection->writeToCache($cacheKey, false);
-			return false;
-		}
-		$domainObjectSid = $this->convertSID2Str($objectSid[0]);
-		$this->connection->writeToCache($cacheKey, $domainObjectSid);
-
-		return $domainObjectSid;
-	}
-
-	/**
-	 * converts a binary SID into a string representation
-	 *
-	 * @param string $sid
-	 * @return string
-	 */
-	public function convertSID2Str($sid) {
-		// The format of a SID binary string is as follows:
-		// 1 byte for the revision level
-		// 1 byte for the number n of variable sub-ids
-		// 6 bytes for identifier authority value
-		// n*4 bytes for n sub-ids
-		//
-		// Example: 010400000000000515000000a681e50e4d6c6c2bca32055f
-		//  Legend: RRNNAAAAAAAAAAAA11111111222222223333333344444444
-		$revision = ord($sid[0]);
-		$numberSubID = ord($sid[1]);
-
-		$subIdStart = 8; // 1 + 1 + 6
-		$subIdLength = 4;
-		if (strlen($sid) !== $subIdStart + $subIdLength * $numberSubID) {
-			// Incorrect number of bytes present.
-			return '';
-		}
-
-		// 6 bytes = 48 bits can be represented using floats without loss of
-		// precision (see https://gist.github.com/bantu/886ac680b0aef5812f71)
-		$iav = number_format(hexdec(bin2hex(substr($sid, 2, 6))), 0, '', '');
-
-		$subIDs = [];
-		for ($i = 0; $i < $numberSubID; $i++) {
-			$subID = unpack('V', substr($sid, $subIdStart + $subIdLength * $i, $subIdLength));
-			$subIDs[] = sprintf('%u', $subID[1]);
-		}
-
-		// Result for example above: S-1-5-21-249921958-728525901-1594176202
-		return sprintf('S-%d-%s-%s', $revision, $iav, implode('-', $subIDs));
-	}
-
-	/**
-	 * checks if the given DN is part of the given base DN(s)
-	 *
-	 * @param string $dn the DN
-	 * @param string[] $bases array containing the allowed base DN or DNs
-	 * @return bool
-	 */
-	public function isDNPartOfBase($dn, $bases) {
-		$belongsToBase = false;
-		$bases = $this->helper->sanitizeDN($bases);
-
-		foreach ($bases as $base) {
-			$belongsToBase = true;
-			if (mb_strripos($dn, $base, 0, 'UTF-8') !== (mb_strlen($dn, 'UTF-8') - mb_strlen($base, 'UTF-8'))) {
-				$belongsToBase = false;
-			}
-			if ($belongsToBase) {
-				break;
-			}
-		}
-		return $belongsToBase;
-	}
-
-	/**
-	 * resets a running Paged Search operation
-	 *
-	 * @throws ServerNotAvailableException
-	 */
-	private function abandonPagedSearch() {
-		if ($this->lastCookie === '') {
-			return;
-		}
-		$cr = $this->connection->getConnectionResource();
-		$this->invokeLDAPMethod('controlPagedResult', $cr, 0, false);
-		$this->getPagedSearchResultState();
-		$this->lastCookie = '';
-	}
-
-	/**
-	 * checks whether an LDAP paged search operation has more pages that can be
-	 * retrieved, typically when offset and limit are provided.
-	 *
-	 * Be very careful to use it: the last cookie value, which is inspected, can
-	 * be reset by other operations. Best, call it immediately after a search(),
-	 * searchUsers() or searchGroups() call. count-methods are probably safe as
-	 * well. Don't rely on it with any fetchList-method.
-	 *
-	 * @return bool
-	 */
-	public function hasMoreResults() {
-		if (empty($this->lastCookie) && $this->lastCookie !== '0') {
-			// as in RFC 2696, when all results are returned, the cookie will
-			// be empty.
-			return false;
-		}
-
-		return true;
-	}
-
-	/**
-	 * Check whether the most recent paged search was successful. It flushed the state var. Use it always after a possible paged search.
-	 *
-	 * @return boolean|null true on success, null or false otherwise
-	 */
-	public function getPagedSearchResultState() {
-		$result = $this->pagedSearchedSuccessful;
-		$this->pagedSearchedSuccessful = null;
-		return $result;
-	}
-
-	/**
-	 * Prepares a paged search, if possible
-	 *
-	 * @param string $filter the LDAP filter for the search
-	 * @param string[] $bases an array containing the LDAP subtree(s) that shall be searched
-	 * @param string[] $attr optional, when a certain attribute shall be filtered outside
-	 * @param int $limit
-	 * @param int $offset
-	 * @return bool|true
-	 * @throws ServerNotAvailableException
-	 */
-	private function initPagedSearch(
-		string $filter,
-		string $base,
-		?array $attr,
-		int $limit,
-		int $offset
-	): bool {
-		$pagedSearchOK = false;
-		if ($limit !== 0) {
-			\OC::$server->getLogger()->debug(
-				'initializing paged search for filter {filter}, base {base}, attr {attr}, limit {limit}, offset {offset}',
-				[
-					'app' => 'user_ldap',
-					'filter' => $filter,
-					'base' => $base,
-					'attr' => $attr,
-					'limit' => $limit,
-					'offset' => $offset
-				]
-			);
-			//get the cookie from the search for the previous search, required by LDAP
-			if (empty($this->lastCookie) && $this->lastCookie !== "0" && ($offset > 0)) {
-				// no cookie known from a potential previous search. We need
-				// to start from 0 to come to the desired page. cookie value
-				// of '0' is valid, because 389ds
-				$reOffset = ($offset - $limit) < 0 ? 0 : $offset - $limit;
-				$this->search($filter, $base, $attr, $limit, $reOffset, true);
-				if (!$this->hasMoreResults()) {
-					// when the cookie is reset with != 0 offset, there are no further
-					// results, so stop.
-					return false;
-				}
-			}
-			if ($this->lastCookie !== '' && $offset === 0) {
-				//since offset = 0, this is a new search. We abandon other searches that might be ongoing.
-				$this->abandonPagedSearch();
-			}
-			$pagedSearchOK = true === $this->invokeLDAPMethod(
-					'controlPagedResult', $this->connection->getConnectionResource(), $limit, false
-				);
-			if ($pagedSearchOK) {
-				\OC::$server->getLogger()->debug('Ready for a paged search', ['app' => 'user_ldap']);
-			}
-			/* ++ Fixing RHDS searches with pages with zero results ++
+            \OC::$server->getLogger()->info(
+                'Passed string does not resemble a valid GUID. Known UUID ' .
+                '({uuid}) probably does not match UUID configuration.',
+                ['app' => 'user_ldap', 'uuid' => $guid]
+            );
+            return $guid;
+        }
+        for ($i = 0; $i < 3; $i++) {
+            $pairs = str_split($blocks[$i], 2);
+            $pairs = array_reverse($pairs);
+            $blocks[$i] = implode('', $pairs);
+        }
+        for ($i = 0; $i < 5; $i++) {
+            $pairs = str_split($blocks[$i], 2);
+            $blocks[$i] = '\\' . implode('\\', $pairs);
+        }
+        return implode('', $blocks);
+    }
+
+    /**
+     * gets a SID of the domain of the given dn
+     *
+     * @param string $dn
+     * @return string|bool
+     * @throws ServerNotAvailableException
+     */
+    public function getSID($dn) {
+        $domainDN = $this->getDomainDNFromDN($dn);
+        $cacheKey = 'getSID-' . $domainDN;
+        $sid = $this->connection->getFromCache($cacheKey);
+        if (!is_null($sid)) {
+            return $sid;
+        }
+
+        $objectSid = $this->readAttribute($domainDN, 'objectsid');
+        if (!is_array($objectSid) || empty($objectSid)) {
+            $this->connection->writeToCache($cacheKey, false);
+            return false;
+        }
+        $domainObjectSid = $this->convertSID2Str($objectSid[0]);
+        $this->connection->writeToCache($cacheKey, $domainObjectSid);
+
+        return $domainObjectSid;
+    }
+
+    /**
+     * converts a binary SID into a string representation
+     *
+     * @param string $sid
+     * @return string
+     */
+    public function convertSID2Str($sid) {
+        // The format of a SID binary string is as follows:
+        // 1 byte for the revision level
+        // 1 byte for the number n of variable sub-ids
+        // 6 bytes for identifier authority value
+        // n*4 bytes for n sub-ids
+        //
+        // Example: 010400000000000515000000a681e50e4d6c6c2bca32055f
+        //  Legend: RRNNAAAAAAAAAAAA11111111222222223333333344444444
+        $revision = ord($sid[0]);
+        $numberSubID = ord($sid[1]);
+
+        $subIdStart = 8; // 1 + 1 + 6
+        $subIdLength = 4;
+        if (strlen($sid) !== $subIdStart + $subIdLength * $numberSubID) {
+            // Incorrect number of bytes present.
+            return '';
+        }
+
+        // 6 bytes = 48 bits can be represented using floats without loss of
+        // precision (see https://gist.github.com/bantu/886ac680b0aef5812f71)
+        $iav = number_format(hexdec(bin2hex(substr($sid, 2, 6))), 0, '', '');
+
+        $subIDs = [];
+        for ($i = 0; $i < $numberSubID; $i++) {
+            $subID = unpack('V', substr($sid, $subIdStart + $subIdLength * $i, $subIdLength));
+            $subIDs[] = sprintf('%u', $subID[1]);
+        }
+
+        // Result for example above: S-1-5-21-249921958-728525901-1594176202
+        return sprintf('S-%d-%s-%s', $revision, $iav, implode('-', $subIDs));
+    }
+
+    /**
+     * checks if the given DN is part of the given base DN(s)
+     *
+     * @param string $dn the DN
+     * @param string[] $bases array containing the allowed base DN or DNs
+     * @return bool
+     */
+    public function isDNPartOfBase($dn, $bases) {
+        $belongsToBase = false;
+        $bases = $this->helper->sanitizeDN($bases);
+
+        foreach ($bases as $base) {
+            $belongsToBase = true;
+            if (mb_strripos($dn, $base, 0, 'UTF-8') !== (mb_strlen($dn, 'UTF-8') - mb_strlen($base, 'UTF-8'))) {
+                $belongsToBase = false;
+            }
+            if ($belongsToBase) {
+                break;
+            }
+        }
+        return $belongsToBase;
+    }
+
+    /**
+     * resets a running Paged Search operation
+     *
+     * @throws ServerNotAvailableException
+     */
+    private function abandonPagedSearch() {
+        if ($this->lastCookie === '') {
+            return;
+        }
+        $cr = $this->connection->getConnectionResource();
+        $this->invokeLDAPMethod('controlPagedResult', $cr, 0, false);
+        $this->getPagedSearchResultState();
+        $this->lastCookie = '';
+    }
+
+    /**
+     * checks whether an LDAP paged search operation has more pages that can be
+     * retrieved, typically when offset and limit are provided.
+     *
+     * Be very careful to use it: the last cookie value, which is inspected, can
+     * be reset by other operations. Best, call it immediately after a search(),
+     * searchUsers() or searchGroups() call. count-methods are probably safe as
+     * well. Don't rely on it with any fetchList-method.
+     *
+     * @return bool
+     */
+    public function hasMoreResults() {
+        if (empty($this->lastCookie) && $this->lastCookie !== '0') {
+            // as in RFC 2696, when all results are returned, the cookie will
+            // be empty.
+            return false;
+        }
+
+        return true;
+    }
+
+    /**
+     * Check whether the most recent paged search was successful. It flushed the state var. Use it always after a possible paged search.
+     *
+     * @return boolean|null true on success, null or false otherwise
+     */
+    public function getPagedSearchResultState() {
+        $result = $this->pagedSearchedSuccessful;
+        $this->pagedSearchedSuccessful = null;
+        return $result;
+    }
+
+    /**
+     * Prepares a paged search, if possible
+     *
+     * @param string $filter the LDAP filter for the search
+     * @param string[] $bases an array containing the LDAP subtree(s) that shall be searched
+     * @param string[] $attr optional, when a certain attribute shall be filtered outside
+     * @param int $limit
+     * @param int $offset
+     * @return bool|true
+     * @throws ServerNotAvailableException
+     */
+    private function initPagedSearch(
+        string $filter,
+        string $base,
+        ?array $attr,
+        int $limit,
+        int $offset
+    ): bool {
+        $pagedSearchOK = false;
+        if ($limit !== 0) {
+            \OC::$server->getLogger()->debug(
+                'initializing paged search for filter {filter}, base {base}, attr {attr}, limit {limit}, offset {offset}',
+                [
+                    'app' => 'user_ldap',
+                    'filter' => $filter,
+                    'base' => $base,
+                    'attr' => $attr,
+                    'limit' => $limit,
+                    'offset' => $offset
+                ]
+            );
+            //get the cookie from the search for the previous search, required by LDAP
+            if (empty($this->lastCookie) && $this->lastCookie !== "0" && ($offset > 0)) {
+                // no cookie known from a potential previous search. We need
+                // to start from 0 to come to the desired page. cookie value
+                // of '0' is valid, because 389ds
+                $reOffset = ($offset - $limit) < 0 ? 0 : $offset - $limit;
+                $this->search($filter, $base, $attr, $limit, $reOffset, true);
+                if (!$this->hasMoreResults()) {
+                    // when the cookie is reset with != 0 offset, there are no further
+                    // results, so stop.
+                    return false;
+                }
+            }
+            if ($this->lastCookie !== '' && $offset === 0) {
+                //since offset = 0, this is a new search. We abandon other searches that might be ongoing.
+                $this->abandonPagedSearch();
+            }
+            $pagedSearchOK = true === $this->invokeLDAPMethod(
+                    'controlPagedResult', $this->connection->getConnectionResource(), $limit, false
+                );
+            if ($pagedSearchOK) {
+                \OC::$server->getLogger()->debug('Ready for a paged search', ['app' => 'user_ldap']);
+            }
+            /* ++ Fixing RHDS searches with pages with zero results ++
 			 * We coudn't get paged searches working with our RHDS for login ($limit = 0),
 			 * due to pages with zero results.
 			 * So we added "&& !empty($this->lastCookie)" to this test to ignore pagination
 			 * if we don't have a previous paged search.
 			 */
-		} elseif ($limit === 0 && !empty($this->lastCookie)) {
-			// a search without limit was requested. However, if we do use
-			// Paged Search once, we always must do it. This requires us to
-			// initialize it with the configured page size.
-			$this->abandonPagedSearch();
-			// in case someone set it to 0 … use 500, otherwise no results will
-			// be returned.
-			$pageSize = (int)$this->connection->ldapPagingSize > 0 ? (int)$this->connection->ldapPagingSize : 500;
-			$pagedSearchOK = $this->invokeLDAPMethod('controlPagedResult',
-				$this->connection->getConnectionResource(),
-				$pageSize, false);
-		}
-
-		return $pagedSearchOK;
-	}
-
-	/**
-	 * Is more than one $attr used for search?
-	 *
-	 * @param string|string[]|null $attr
-	 * @return bool
-	 */
-	private function manyAttributes($attr): bool {
-		if (\is_array($attr)) {
-			return \count($attr) > 1;
-		}
-		return false;
-	}
+        } elseif ($limit === 0 && !empty($this->lastCookie)) {
+            // a search without limit was requested. However, if we do use
+            // Paged Search once, we always must do it. This requires us to
+            // initialize it with the configured page size.
+            $this->abandonPagedSearch();
+            // in case someone set it to 0 … use 500, otherwise no results will
+            // be returned.
+            $pageSize = (int)$this->connection->ldapPagingSize > 0 ? (int)$this->connection->ldapPagingSize : 500;
+            $pagedSearchOK = $this->invokeLDAPMethod('controlPagedResult',
+                $this->connection->getConnectionResource(),
+                $pageSize, false);
+        }
+
+        return $pagedSearchOK;
+    }
+
+    /**
+     * Is more than one $attr used for search?
+     *
+     * @param string|string[]|null $attr
+     * @return bool
+     */
+    private function manyAttributes($attr): bool {
+        if (\is_array($attr)) {
+            return \count($attr) > 1;
+        }
+        return false;
+    }
 }

Please login to merge, or discard this patch.

apps/user_ldap/lib/LDAPProviderFactory.php 1 patch

Indentation +8 added lines, -8 removed lines patch added patch discarded remove patch

@@ -31,14 +31,14 @@
 block discarded – undo
 use OCP\LDAP\ILDAPProviderFactory;
 
 class LDAPProviderFactory implements ILDAPProviderFactory {
-	/** * @var IServerContainer */
-	private $serverContainer;
+    /** * @var IServerContainer */
+    private $serverContainer;
 
-	public function __construct(IServerContainer $serverContainer) {
-		$this->serverContainer = $serverContainer;
-	}
+    public function __construct(IServerContainer $serverContainer) {
+        $this->serverContainer = $serverContainer;
+    }
 
-	public function getLDAPProvider(): ILDAPProvider {
-		return $this->serverContainer->get(LDAPProvider::class);
-	}
+    public function getLDAPProvider(): ILDAPProvider {
+        return $this->serverContainer->get(LDAPProvider::class);
+    }
 }

Please login to merge, or discard this patch.

apps/user_ldap/lib/Proxy.php 1 patch

Indentation +181 added lines, -181 removed lines patch added patch discarded remove patch

@@ -39,185 +39,185 @@
 block discarded – undo
 use OCP\Share\IManager;
 
 abstract class Proxy {
-	private static $accesses = [];
-	private $ldap = null;
-	/** @var bool */
-	private $isSingleBackend;
-
-	/** @var \OCP\ICache|null */
-	private $cache;
-
-	/**
-	 * @param ILDAPWrapper $ldap
-	 */
-	public function __construct(ILDAPWrapper $ldap) {
-		$this->ldap = $ldap;
-		$memcache = \OC::$server->getMemCacheFactory();
-		if ($memcache->isAvailable()) {
-			$this->cache = $memcache->createDistributed();
-		}
-	}
-
-	/**
-	 * @param string $configPrefix
-	 */
-	private function addAccess($configPrefix) {
-		static $ocConfig;
-		static $fs;
-		static $log;
-		static $avatarM;
-		static $userMap;
-		static $groupMap;
-		static $shareManager;
-		static $coreUserManager;
-		static $coreNotificationManager;
-		if ($fs === null) {
-			$ocConfig = \OC::$server->getConfig();
-			$fs = new FilesystemHelper();
-			$log = new LogWrapper();
-			$avatarM = \OC::$server->getAvatarManager();
-			$db = \OC::$server->getDatabaseConnection();
-			$userMap = new UserMapping($db);
-			$groupMap = new GroupMapping($db);
-			$coreUserManager = \OC::$server->getUserManager();
-			$coreNotificationManager = \OC::$server->getNotificationManager();
-			$shareManager = \OC::$server->get(IManager::class);
-		}
-		$userManager =
-			new Manager($ocConfig, $fs, $log, $avatarM, new \OCP\Image(),
-				$coreUserManager, $coreNotificationManager, $shareManager);
-		$connector = new Connection($this->ldap, $configPrefix);
-		$access = new Access($connector, $this->ldap, $userManager, new Helper($ocConfig), $ocConfig, $coreUserManager);
-		$access->setUserMapper($userMap);
-		$access->setGroupMapper($groupMap);
-		self::$accesses[$configPrefix] = $access;
-	}
-
-	/**
-	 * @param string $configPrefix
-	 * @return mixed
-	 */
-	protected function getAccess($configPrefix) {
-		if (!isset(self::$accesses[$configPrefix])) {
-			$this->addAccess($configPrefix);
-		}
-		return self::$accesses[$configPrefix];
-	}
-
-	/**
-	 * @param string $uid
-	 * @return string
-	 */
-	protected function getUserCacheKey($uid) {
-		return 'user-' . $uid . '-lastSeenOn';
-	}
-
-	/**
-	 * @param string $gid
-	 * @return string
-	 */
-	protected function getGroupCacheKey($gid) {
-		return 'group-' . $gid . '-lastSeenOn';
-	}
-
-	/**
-	 * @param string $id
-	 * @param string $method
-	 * @param array $parameters
-	 * @param bool $passOnWhen
-	 * @return mixed
-	 */
-	abstract protected function callOnLastSeenOn($id, $method, $parameters, $passOnWhen);
-
-	/**
-	 * @param string $id
-	 * @param string $method
-	 * @param array $parameters
-	 * @return mixed
-	 */
-	abstract protected function walkBackends($id, $method, $parameters);
-
-	/**
-	 * @param string $id
-	 * @return Access
-	 */
-	abstract public function getLDAPAccess($id);
-
-	abstract protected function activeBackends(): int;
-
-	protected function isSingleBackend(): bool {
-		if ($this->isSingleBackend === null) {
-			$this->isSingleBackend = $this->activeBackends() === 1;
-		}
-		return $this->isSingleBackend;
-	}
-
-	/**
-	 * Takes care of the request to the User backend
-	 *
-	 * @param string $id
-	 * @param string $method string, the method of the user backend that shall be called
-	 * @param array $parameters an array of parameters to be passed
-	 * @param bool $passOnWhen
-	 * @return mixed, the result of the specified method
-	 */
-	protected function handleRequest($id, $method, $parameters, $passOnWhen = false) {
-		if (!$this->isSingleBackend()) {
-			$result = $this->callOnLastSeenOn($id, $method, $parameters, $passOnWhen);
-		}
-		if (!isset($result) || $result === $passOnWhen) {
-			$result = $this->walkBackends($id, $method, $parameters);
-		}
-		return $result;
-	}
-
-	/**
-	 * @param string|null $key
-	 * @return string
-	 */
-	private function getCacheKey($key) {
-		$prefix = 'LDAP-Proxy-';
-		if ($key === null) {
-			return $prefix;
-		}
-		return $prefix . hash('sha256', $key);
-	}
-
-	/**
-	 * @param string $key
-	 * @return mixed|null
-	 */
-	public function getFromCache($key) {
-		if ($this->cache === null) {
-			return null;
-		}
-
-		$key = $this->getCacheKey($key);
-		$value = $this->cache->get($key);
-		if ($value === null) {
-			return null;
-		}
-
-		return json_decode(base64_decode($value));
-	}
-
-	/**
-	 * @param string $key
-	 * @param mixed $value
-	 */
-	public function writeToCache($key, $value) {
-		if ($this->cache === null) {
-			return;
-		}
-		$key = $this->getCacheKey($key);
-		$value = base64_encode(json_encode($value));
-		$this->cache->set($key, $value, 2592000);
-	}
-
-	public function clearCache() {
-		if ($this->cache === null) {
-			return;
-		}
-		$this->cache->clear($this->getCacheKey(null));
-	}
+    private static $accesses = [];
+    private $ldap = null;
+    /** @var bool */
+    private $isSingleBackend;
+
+    /** @var \OCP\ICache|null */
+    private $cache;
+
+    /**
+     * @param ILDAPWrapper $ldap
+     */
+    public function __construct(ILDAPWrapper $ldap) {
+        $this->ldap = $ldap;
+        $memcache = \OC::$server->getMemCacheFactory();
+        if ($memcache->isAvailable()) {
+            $this->cache = $memcache->createDistributed();
+        }
+    }
+
+    /**
+     * @param string $configPrefix
+     */
+    private function addAccess($configPrefix) {
+        static $ocConfig;
+        static $fs;
+        static $log;
+        static $avatarM;
+        static $userMap;
+        static $groupMap;
+        static $shareManager;
+        static $coreUserManager;
+        static $coreNotificationManager;
+        if ($fs === null) {
+            $ocConfig = \OC::$server->getConfig();
+            $fs = new FilesystemHelper();
+            $log = new LogWrapper();
+            $avatarM = \OC::$server->getAvatarManager();
+            $db = \OC::$server->getDatabaseConnection();
+            $userMap = new UserMapping($db);
+            $groupMap = new GroupMapping($db);
+            $coreUserManager = \OC::$server->getUserManager();
+            $coreNotificationManager = \OC::$server->getNotificationManager();
+            $shareManager = \OC::$server->get(IManager::class);
+        }
+        $userManager =
+            new Manager($ocConfig, $fs, $log, $avatarM, new \OCP\Image(),
+                $coreUserManager, $coreNotificationManager, $shareManager);
+        $connector = new Connection($this->ldap, $configPrefix);
+        $access = new Access($connector, $this->ldap, $userManager, new Helper($ocConfig), $ocConfig, $coreUserManager);
+        $access->setUserMapper($userMap);
+        $access->setGroupMapper($groupMap);
+        self::$accesses[$configPrefix] = $access;
+    }
+
+    /**
+     * @param string $configPrefix
+     * @return mixed
+     */
+    protected function getAccess($configPrefix) {
+        if (!isset(self::$accesses[$configPrefix])) {
+            $this->addAccess($configPrefix);
+        }
+        return self::$accesses[$configPrefix];
+    }
+
+    /**
+     * @param string $uid
+     * @return string
+     */
+    protected function getUserCacheKey($uid) {
+        return 'user-' . $uid . '-lastSeenOn';
+    }
+
+    /**
+     * @param string $gid
+     * @return string
+     */
+    protected function getGroupCacheKey($gid) {
+        return 'group-' . $gid . '-lastSeenOn';
+    }
+
+    /**
+     * @param string $id
+     * @param string $method
+     * @param array $parameters
+     * @param bool $passOnWhen
+     * @return mixed
+     */
+    abstract protected function callOnLastSeenOn($id, $method, $parameters, $passOnWhen);
+
+    /**
+     * @param string $id
+     * @param string $method
+     * @param array $parameters
+     * @return mixed
+     */
+    abstract protected function walkBackends($id, $method, $parameters);
+
+    /**
+     * @param string $id
+     * @return Access
+     */
+    abstract public function getLDAPAccess($id);
+
+    abstract protected function activeBackends(): int;
+
+    protected function isSingleBackend(): bool {
+        if ($this->isSingleBackend === null) {
+            $this->isSingleBackend = $this->activeBackends() === 1;
+        }
+        return $this->isSingleBackend;
+    }
+
+    /**
+     * Takes care of the request to the User backend
+     *
+     * @param string $id
+     * @param string $method string, the method of the user backend that shall be called
+     * @param array $parameters an array of parameters to be passed
+     * @param bool $passOnWhen
+     * @return mixed, the result of the specified method
+     */
+    protected function handleRequest($id, $method, $parameters, $passOnWhen = false) {
+        if (!$this->isSingleBackend()) {
+            $result = $this->callOnLastSeenOn($id, $method, $parameters, $passOnWhen);
+        }
+        if (!isset($result) || $result === $passOnWhen) {
+            $result = $this->walkBackends($id, $method, $parameters);
+        }
+        return $result;
+    }
+
+    /**
+     * @param string|null $key
+     * @return string
+     */
+    private function getCacheKey($key) {
+        $prefix = 'LDAP-Proxy-';
+        if ($key === null) {
+            return $prefix;
+        }
+        return $prefix . hash('sha256', $key);
+    }
+
+    /**
+     * @param string $key
+     * @return mixed|null
+     */
+    public function getFromCache($key) {
+        if ($this->cache === null) {
+            return null;
+        }
+
+        $key = $this->getCacheKey($key);
+        $value = $this->cache->get($key);
+        if ($value === null) {
+            return null;
+        }
+
+        return json_decode(base64_decode($value));
+    }
+
+    /**
+     * @param string $key
+     * @param mixed $value
+     */
+    public function writeToCache($key, $value) {
+        if ($this->cache === null) {
+            return;
+        }
+        $key = $this->getCacheKey($key);
+        $value = base64_encode(json_encode($value));
+        $this->cache->set($key, $value, 2592000);
+    }
+
+    public function clearCache() {
+        if ($this->cache === null) {
+            return;
+        }
+        $this->cache->clear($this->getCacheKey(null));
+    }
 }

Please login to merge, or discard this patch.

apps/user_ldap/lib/User/Manager.php 1 patch

Indentation +198 added lines, -198 removed lines patch added patch discarded remove patch

@@ -48,228 +48,228 @@
 block discarded – undo
  * cache
  */
 class Manager {
-	/** @var Access */
-	protected $access;
+    /** @var Access */
+    protected $access;
 
-	/** @var IConfig */
-	protected $ocConfig;
+    /** @var IConfig */
+    protected $ocConfig;
 
-	/** @var IDBConnection */
-	protected $db;
+    /** @var IDBConnection */
+    protected $db;
 
-	/** @var IUserManager */
-	protected $userManager;
+    /** @var IUserManager */
+    protected $userManager;
 
-	/** @var INotificationManager */
-	protected $notificationManager;
+    /** @var INotificationManager */
+    protected $notificationManager;
 
-	/** @var FilesystemHelper */
-	protected $ocFilesystem;
+    /** @var FilesystemHelper */
+    protected $ocFilesystem;
 
-	/** @var LogWrapper */
-	protected $ocLog;
+    /** @var LogWrapper */
+    protected $ocLog;
 
-	/** @var Image */
-	protected $image;
+    /** @var Image */
+    protected $image;
 
-	/** @param \OCP\IAvatarManager */
-	protected $avatarManager;
+    /** @param \OCP\IAvatarManager */
+    protected $avatarManager;
 
-	/**
-	 * @var CappedMemoryCache $usersByDN
-	 */
-	protected $usersByDN;
-	/**
-	 * @var CappedMemoryCache $usersByUid
-	 */
-	protected $usersByUid;
-	/** @var IManager */
-	private $shareManager;
+    /**
+     * @var CappedMemoryCache $usersByDN
+     */
+    protected $usersByDN;
+    /**
+     * @var CappedMemoryCache $usersByUid
+     */
+    protected $usersByUid;
+    /** @var IManager */
+    private $shareManager;
 
-	public function __construct(
-		IConfig $ocConfig,
-		FilesystemHelper $ocFilesystem,
-		LogWrapper $ocLog,
-		IAvatarManager $avatarManager,
-		Image $image,
-		IUserManager $userManager,
-		INotificationManager $notificationManager,
-		IManager $shareManager
-	) {
-		$this->ocConfig = $ocConfig;
-		$this->ocFilesystem = $ocFilesystem;
-		$this->ocLog = $ocLog;
-		$this->avatarManager = $avatarManager;
-		$this->image = $image;
-		$this->userManager = $userManager;
-		$this->notificationManager = $notificationManager;
-		$this->usersByDN = new CappedMemoryCache();
-		$this->usersByUid = new CappedMemoryCache();
-		$this->shareManager = $shareManager;
-	}
+    public function __construct(
+        IConfig $ocConfig,
+        FilesystemHelper $ocFilesystem,
+        LogWrapper $ocLog,
+        IAvatarManager $avatarManager,
+        Image $image,
+        IUserManager $userManager,
+        INotificationManager $notificationManager,
+        IManager $shareManager
+    ) {
+        $this->ocConfig = $ocConfig;
+        $this->ocFilesystem = $ocFilesystem;
+        $this->ocLog = $ocLog;
+        $this->avatarManager = $avatarManager;
+        $this->image = $image;
+        $this->userManager = $userManager;
+        $this->notificationManager = $notificationManager;
+        $this->usersByDN = new CappedMemoryCache();
+        $this->usersByUid = new CappedMemoryCache();
+        $this->shareManager = $shareManager;
+    }
 
-	/**
-	 * Binds manager to an instance of Access.
-	 * It needs to be assigned first before the manager can be used.
-	 * @param Access
-	 */
-	public function setLdapAccess(Access $access) {
-		$this->access = $access;
-	}
+    /**
+     * Binds manager to an instance of Access.
+     * It needs to be assigned first before the manager can be used.
+     * @param Access
+     */
+    public function setLdapAccess(Access $access) {
+        $this->access = $access;
+    }
 
-	/**
-	 * @brief creates an instance of User and caches (just runtime) it in the
-	 * property array
-	 * @param string $dn the DN of the user
-	 * @param string $uid the internal (owncloud) username
-	 * @return \OCA\User_LDAP\User\User
-	 */
-	private function createAndCache($dn, $uid) {
-		$this->checkAccess();
-		$user = new User($uid, $dn, $this->access, $this->ocConfig,
-			$this->ocFilesystem, clone $this->image, $this->ocLog,
-			$this->avatarManager, $this->userManager,
-			$this->notificationManager);
-		$this->usersByDN[$dn] = $user;
-		$this->usersByUid[$uid] = $user;
-		return $user;
-	}
+    /**
+     * @brief creates an instance of User and caches (just runtime) it in the
+     * property array
+     * @param string $dn the DN of the user
+     * @param string $uid the internal (owncloud) username
+     * @return \OCA\User_LDAP\User\User
+     */
+    private function createAndCache($dn, $uid) {
+        $this->checkAccess();
+        $user = new User($uid, $dn, $this->access, $this->ocConfig,
+            $this->ocFilesystem, clone $this->image, $this->ocLog,
+            $this->avatarManager, $this->userManager,
+            $this->notificationManager);
+        $this->usersByDN[$dn] = $user;
+        $this->usersByUid[$uid] = $user;
+        return $user;
+    }
 
-	/**
-	 * removes a user entry from the cache
-	 * @param $uid
-	 */
-	public function invalidate($uid) {
-		if (!isset($this->usersByUid[$uid])) {
-			return;
-		}
-		$dn = $this->usersByUid[$uid]->getDN();
-		unset($this->usersByUid[$uid]);
-		unset($this->usersByDN[$dn]);
-	}
+    /**
+     * removes a user entry from the cache
+     * @param $uid
+     */
+    public function invalidate($uid) {
+        if (!isset($this->usersByUid[$uid])) {
+            return;
+        }
+        $dn = $this->usersByUid[$uid]->getDN();
+        unset($this->usersByUid[$uid]);
+        unset($this->usersByDN[$dn]);
+    }
 
-	/**
-	 * @brief checks whether the Access instance has been set
-	 * @throws \Exception if Access has not been set
-	 * @return null
-	 */
-	private function checkAccess() {
-		if (is_null($this->access)) {
-			throw new \Exception('LDAP Access instance must be set first');
-		}
-	}
+    /**
+     * @brief checks whether the Access instance has been set
+     * @throws \Exception if Access has not been set
+     * @return null
+     */
+    private function checkAccess() {
+        if (is_null($this->access)) {
+            throw new \Exception('LDAP Access instance must be set first');
+        }
+    }
 
-	/**
-	 * returns a list of attributes that will be processed further, e.g. quota,
-	 * email, displayname, or others.
-	 *
-	 * @param bool $minimal - optional, set to true to skip attributes with big
-	 * payload
-	 * @return string[]
-	 */
-	public function getAttributes($minimal = false) {
-		$baseAttributes = array_merge(Access::UUID_ATTRIBUTES, ['dn', 'uid', 'samaccountname', 'memberof']);
-		$attributes = [
-			$this->access->getConnection()->ldapExpertUUIDUserAttr,
-			$this->access->getConnection()->ldapQuotaAttribute,
-			$this->access->getConnection()->ldapEmailAttribute,
-			$this->access->getConnection()->ldapUserDisplayName,
-			$this->access->getConnection()->ldapUserDisplayName2,
-			$this->access->getConnection()->ldapExtStorageHomeAttribute,
-		];
+    /**
+     * returns a list of attributes that will be processed further, e.g. quota,
+     * email, displayname, or others.
+     *
+     * @param bool $minimal - optional, set to true to skip attributes with big
+     * payload
+     * @return string[]
+     */
+    public function getAttributes($minimal = false) {
+        $baseAttributes = array_merge(Access::UUID_ATTRIBUTES, ['dn', 'uid', 'samaccountname', 'memberof']);
+        $attributes = [
+            $this->access->getConnection()->ldapExpertUUIDUserAttr,
+            $this->access->getConnection()->ldapQuotaAttribute,
+            $this->access->getConnection()->ldapEmailAttribute,
+            $this->access->getConnection()->ldapUserDisplayName,
+            $this->access->getConnection()->ldapUserDisplayName2,
+            $this->access->getConnection()->ldapExtStorageHomeAttribute,
+        ];
 
-		$homeRule = $this->access->getConnection()->homeFolderNamingRule;
-		if (strpos($homeRule, 'attr:') === 0) {
-			$attributes[] = substr($homeRule, strlen('attr:'));
-		}
+        $homeRule = $this->access->getConnection()->homeFolderNamingRule;
+        if (strpos($homeRule, 'attr:') === 0) {
+            $attributes[] = substr($homeRule, strlen('attr:'));
+        }
 
-		if (!$minimal) {
-			// attributes that are not really important but may come with big
-			// payload.
-			$attributes = array_merge(
-				$attributes,
-				$this->access->getConnection()->resolveRule('avatar')
-			);
-		}
+        if (!$minimal) {
+            // attributes that are not really important but may come with big
+            // payload.
+            $attributes = array_merge(
+                $attributes,
+                $this->access->getConnection()->resolveRule('avatar')
+            );
+        }
 
-		$attributes = array_reduce($attributes,
-			function ($list, $attribute) {
-				$attribute = strtolower(trim((string)$attribute));
-				if (!empty($attribute) && !in_array($attribute, $list)) {
-					$list[] = $attribute;
-				}
+        $attributes = array_reduce($attributes,
+            function ($list, $attribute) {
+                $attribute = strtolower(trim((string)$attribute));
+                if (!empty($attribute) && !in_array($attribute, $list)) {
+                    $list[] = $attribute;
+                }
 
-				return $list;
-			},
-			$baseAttributes // hard-coded, lower-case, non-empty attributes
-		);
+                return $list;
+            },
+            $baseAttributes // hard-coded, lower-case, non-empty attributes
+        );
 
-		return $attributes;
-	}
+        return $attributes;
+    }
 
-	/**
-	 * Checks whether the specified user is marked as deleted
-	 * @param string $id the Nextcloud user name
-	 * @return bool
-	 */
-	public function isDeletedUser($id) {
-		$isDeleted = $this->ocConfig->getUserValue(
-			$id, 'user_ldap', 'isDeleted', 0);
-		return (int)$isDeleted === 1;
-	}
+    /**
+     * Checks whether the specified user is marked as deleted
+     * @param string $id the Nextcloud user name
+     * @return bool
+     */
+    public function isDeletedUser($id) {
+        $isDeleted = $this->ocConfig->getUserValue(
+            $id, 'user_ldap', 'isDeleted', 0);
+        return (int)$isDeleted === 1;
+    }
 
-	/**
-	 * creates and returns an instance of OfflineUser for the specified user
-	 * @param string $id
-	 * @return \OCA\User_LDAP\User\OfflineUser
-	 */
-	public function getDeletedUser($id) {
-		return new OfflineUser(
-			$id,
-			$this->ocConfig,
-			$this->access->getUserMapper(),
-			$this->shareManager
-		);
-	}
+    /**
+     * creates and returns an instance of OfflineUser for the specified user
+     * @param string $id
+     * @return \OCA\User_LDAP\User\OfflineUser
+     */
+    public function getDeletedUser($id) {
+        return new OfflineUser(
+            $id,
+            $this->ocConfig,
+            $this->access->getUserMapper(),
+            $this->shareManager
+        );
+    }
 
-	/**
-	 * @brief returns a User object by it's Nextcloud username
-	 * @param string $id the DN or username of the user
-	 * @return \OCA\User_LDAP\User\User|\OCA\User_LDAP\User\OfflineUser|null
-	 */
-	protected function createInstancyByUserName($id) {
-		//most likely a uid. Check whether it is a deleted user
-		if ($this->isDeletedUser($id)) {
-			return $this->getDeletedUser($id);
-		}
-		$dn = $this->access->username2dn($id);
-		if ($dn !== false) {
-			return $this->createAndCache($dn, $id);
-		}
-		return null;
-	}
+    /**
+     * @brief returns a User object by it's Nextcloud username
+     * @param string $id the DN or username of the user
+     * @return \OCA\User_LDAP\User\User|\OCA\User_LDAP\User\OfflineUser|null
+     */
+    protected function createInstancyByUserName($id) {
+        //most likely a uid. Check whether it is a deleted user
+        if ($this->isDeletedUser($id)) {
+            return $this->getDeletedUser($id);
+        }
+        $dn = $this->access->username2dn($id);
+        if ($dn !== false) {
+            return $this->createAndCache($dn, $id);
+        }
+        return null;
+    }
 
-	/**
-	 * @brief returns a User object by it's DN or Nextcloud username
-	 * @param string $id the DN or username of the user
-	 * @return \OCA\User_LDAP\User\User|\OCA\User_LDAP\User\OfflineUser|null
-	 * @throws \Exception when connection could not be established
-	 */
-	public function get($id) {
-		$this->checkAccess();
-		if (isset($this->usersByDN[$id])) {
-			return $this->usersByDN[$id];
-		} elseif (isset($this->usersByUid[$id])) {
-			return $this->usersByUid[$id];
-		}
+    /**
+     * @brief returns a User object by it's DN or Nextcloud username
+     * @param string $id the DN or username of the user
+     * @return \OCA\User_LDAP\User\User|\OCA\User_LDAP\User\OfflineUser|null
+     * @throws \Exception when connection could not be established
+     */
+    public function get($id) {
+        $this->checkAccess();
+        if (isset($this->usersByDN[$id])) {
+            return $this->usersByDN[$id];
+        } elseif (isset($this->usersByUid[$id])) {
+            return $this->usersByUid[$id];
+        }
 
-		if ($this->access->stringResemblesDN($id)) {
-			$uid = $this->access->dn2username($id);
-			if ($uid !== false) {
-				return $this->createAndCache($id, $uid);
-			}
-		}
+        if ($this->access->stringResemblesDN($id)) {
+            $uid = $this->access->dn2username($id);
+            if ($uid !== false) {
+                return $this->createAndCache($id, $uid);
+            }
+        }
 
-		return $this->createInstancyByUserName($id);
-	}
+        return $this->createInstancyByUserName($id);
+    }
 }

Please login to merge, or discard this patch.

apps/user_ldap/lib/User/DeletedUsersIndex.php 1 patch

Indentation +69 added lines, -69 removed lines patch added patch discarded remove patch

@@ -33,82 +33,82 @@
 block discarded – undo
  * @package OCA\User_LDAP
  */
 class DeletedUsersIndex {
-	/**
-	 * @var \OCP\IConfig $config
-	 */
-	protected $config;
+    /**
+     * @var \OCP\IConfig $config
+     */
+    protected $config;
 
-	/**
-	 * @var \OCA\User_LDAP\Mapping\UserMapping $mapping
-	 */
-	protected $mapping;
+    /**
+     * @var \OCA\User_LDAP\Mapping\UserMapping $mapping
+     */
+    protected $mapping;
 
-	/**
-	 * @var array $deletedUsers
-	 */
-	protected $deletedUsers;
-	/** @var IManager */
-	private $shareManager;
+    /**
+     * @var array $deletedUsers
+     */
+    protected $deletedUsers;
+    /** @var IManager */
+    private $shareManager;
 
-	public function __construct(\OCP\IConfig $config, UserMapping $mapping, IManager $shareManager) {
-		$this->config = $config;
-		$this->mapping = $mapping;
-		$this->shareManager = $shareManager;
-	}
+    public function __construct(\OCP\IConfig $config, UserMapping $mapping, IManager $shareManager) {
+        $this->config = $config;
+        $this->mapping = $mapping;
+        $this->shareManager = $shareManager;
+    }
 
-	/**
-	 * reads LDAP users marked as deleted from the database
-	 * @return \OCA\User_LDAP\User\OfflineUser[]
-	 */
-	private function fetchDeletedUsers() {
-		$deletedUsers = $this->config->getUsersForUserValue(
-			'user_ldap', 'isDeleted', '1');
+    /**
+     * reads LDAP users marked as deleted from the database
+     * @return \OCA\User_LDAP\User\OfflineUser[]
+     */
+    private function fetchDeletedUsers() {
+        $deletedUsers = $this->config->getUsersForUserValue(
+            'user_ldap', 'isDeleted', '1');
 
-		$userObjects = [];
-		foreach ($deletedUsers as $user) {
-			$userObjects[] = new OfflineUser($user, $this->config, $this->mapping, $this->shareManager);
-		}
-		$this->deletedUsers = $userObjects;
+        $userObjects = [];
+        foreach ($deletedUsers as $user) {
+            $userObjects[] = new OfflineUser($user, $this->config, $this->mapping, $this->shareManager);
+        }
+        $this->deletedUsers = $userObjects;
 
-		return $this->deletedUsers;
-	}
+        return $this->deletedUsers;
+    }
 
-	/**
-	 * returns all LDAP users that are marked as deleted
-	 * @return \OCA\User_LDAP\User\OfflineUser[]
-	 */
-	public function getUsers() {
-		if (is_array($this->deletedUsers)) {
-			return $this->deletedUsers;
-		}
-		return $this->fetchDeletedUsers();
-	}
+    /**
+     * returns all LDAP users that are marked as deleted
+     * @return \OCA\User_LDAP\User\OfflineUser[]
+     */
+    public function getUsers() {
+        if (is_array($this->deletedUsers)) {
+            return $this->deletedUsers;
+        }
+        return $this->fetchDeletedUsers();
+    }
 
-	/**
-	 * whether at least one user was detected as deleted
-	 * @return bool
-	 */
-	public function hasUsers() {
-		if (!is_array($this->deletedUsers)) {
-			$this->fetchDeletedUsers();
-		}
-		return is_array($this->deletedUsers) && (count($this->deletedUsers) > 0);
-	}
+    /**
+     * whether at least one user was detected as deleted
+     * @return bool
+     */
+    public function hasUsers() {
+        if (!is_array($this->deletedUsers)) {
+            $this->fetchDeletedUsers();
+        }
+        return is_array($this->deletedUsers) && (count($this->deletedUsers) > 0);
+    }
 
-	/**
-	 * marks a user as deleted
-	 *
-	 * @param string $ocName
-	 * @throws \OCP\PreConditionNotMetException
-	 */
-	public function markUser($ocName) {
-		$curValue = $this->config->getUserValue($ocName, 'user_ldap', 'isDeleted', '0');
-		if ($curValue === '1') {
-			// the user is already marked, do not write to DB again
-			return;
-		}
-		$this->config->setUserValue($ocName, 'user_ldap', 'isDeleted', '1');
-		$this->config->setUserValue($ocName, 'user_ldap', 'foundDeleted', (string)time());
-		$this->deletedUsers = null;
-	}
+    /**
+     * marks a user as deleted
+     *
+     * @param string $ocName
+     * @throws \OCP\PreConditionNotMetException
+     */
+    public function markUser($ocName) {
+        $curValue = $this->config->getUserValue($ocName, 'user_ldap', 'isDeleted', '0');
+        if ($curValue === '1') {
+            // the user is already marked, do not write to DB again
+            return;
+        }
+        $this->config->setUserValue($ocName, 'user_ldap', 'isDeleted', '1');
+        $this->config->setUserValue($ocName, 'user_ldap', 'foundDeleted', (string)time());
+        $this->deletedUsers = null;
+    }
 }

Please login to merge, or discard this patch.

apps/user_ldap/lib/User/OfflineUser.php 2 patches

Indentation +217 added lines, -217 removed lines patch added patch discarded remove patch

@@ -32,240 +32,240 @@
 block discarded – undo
 use OCP\Share\IShare;
 
 class OfflineUser {
-	/**
-	 * @var string $ocName
-	 */
-	protected $ocName;
-	/**
-	 * @var string $dn
-	 */
-	protected $dn;
-	/**
-	 * @var string $uid the UID as provided by LDAP
-	 */
-	protected $uid;
-	/**
-	 * @var string $displayName
-	 */
-	protected $displayName;
-	/**
-	 * @var string $homePath
-	 */
-	protected $homePath;
-	/**
-	 * @var string $lastLogin the timestamp of the last login
-	 */
-	protected $lastLogin;
-	/**
-	 * @var string $foundDeleted the timestamp when the user was detected as unavailable
-	 */
-	protected $foundDeleted;
-	/**
-	 * @var string $email
-	 */
-	protected $email;
-	/**
-	 * @var bool $hasActiveShares
-	 */
-	protected $hasActiveShares;
-	/**
-	 * @var IConfig $config
-	 */
-	protected $config;
-	/**
-	 * @var IDBConnection $db
-	 */
-	protected $db;
-	/**
-	 * @var \OCA\User_LDAP\Mapping\UserMapping
-	 */
-	protected $mapping;
-	/** @var IManager */
-	private $shareManager;
+    /**
+     * @var string $ocName
+     */
+    protected $ocName;
+    /**
+     * @var string $dn
+     */
+    protected $dn;
+    /**
+     * @var string $uid the UID as provided by LDAP
+     */
+    protected $uid;
+    /**
+     * @var string $displayName
+     */
+    protected $displayName;
+    /**
+     * @var string $homePath
+     */
+    protected $homePath;
+    /**
+     * @var string $lastLogin the timestamp of the last login
+     */
+    protected $lastLogin;
+    /**
+     * @var string $foundDeleted the timestamp when the user was detected as unavailable
+     */
+    protected $foundDeleted;
+    /**
+     * @var string $email
+     */
+    protected $email;
+    /**
+     * @var bool $hasActiveShares
+     */
+    protected $hasActiveShares;
+    /**
+     * @var IConfig $config
+     */
+    protected $config;
+    /**
+     * @var IDBConnection $db
+     */
+    protected $db;
+    /**
+     * @var \OCA\User_LDAP\Mapping\UserMapping
+     */
+    protected $mapping;
+    /** @var IManager */
+    private $shareManager;
 
-	public function __construct(
-		$ocName,
-		IConfig $config,
-		UserMapping $mapping,
-		IManager $shareManager
-	) {
-		$this->ocName = $ocName;
-		$this->config = $config;
-		$this->mapping = $mapping;
-		$this->shareManager = $shareManager;
-	}
+    public function __construct(
+        $ocName,
+        IConfig $config,
+        UserMapping $mapping,
+        IManager $shareManager
+    ) {
+        $this->ocName = $ocName;
+        $this->config = $config;
+        $this->mapping = $mapping;
+        $this->shareManager = $shareManager;
+    }
 
-	/**
-	 * remove the Delete-flag from the user.
-	 */
-	public function unmark() {
-		$this->config->deleteUserValue($this->ocName, 'user_ldap', 'isDeleted');
-		$this->config->deleteUserValue($this->ocName, 'user_ldap', 'foundDeleted');
-	}
+    /**
+     * remove the Delete-flag from the user.
+     */
+    public function unmark() {
+        $this->config->deleteUserValue($this->ocName, 'user_ldap', 'isDeleted');
+        $this->config->deleteUserValue($this->ocName, 'user_ldap', 'foundDeleted');
+    }
 
-	/**
-	 * exports the user details in an assoc array
-	 * @return array
-	 */
-	public function export() {
-		$data = [];
-		$data['ocName'] = $this->getOCName();
-		$data['dn'] = $this->getDN();
-		$data['uid'] = $this->getUID();
-		$data['displayName'] = $this->getDisplayName();
-		$data['homePath'] = $this->getHomePath();
-		$data['lastLogin'] = $this->getLastLogin();
-		$data['email'] = $this->getEmail();
-		$data['hasActiveShares'] = $this->getHasActiveShares();
+    /**
+     * exports the user details in an assoc array
+     * @return array
+     */
+    public function export() {
+        $data = [];
+        $data['ocName'] = $this->getOCName();
+        $data['dn'] = $this->getDN();
+        $data['uid'] = $this->getUID();
+        $data['displayName'] = $this->getDisplayName();
+        $data['homePath'] = $this->getHomePath();
+        $data['lastLogin'] = $this->getLastLogin();
+        $data['email'] = $this->getEmail();
+        $data['hasActiveShares'] = $this->getHasActiveShares();
 
-		return $data;
-	}
+        return $data;
+    }
 
-	/**
-	 * getter for Nextcloud internal name
-	 * @return string
-	 */
-	public function getOCName() {
-		return $this->ocName;
-	}
+    /**
+     * getter for Nextcloud internal name
+     * @return string
+     */
+    public function getOCName() {
+        return $this->ocName;
+    }
 
-	/**
-	 * getter for LDAP uid
-	 * @return string
-	 */
-	public function getUID() {
-		if (!isset($this->uid)) {
-			$this->fetchDetails();
-		}
-		return $this->uid;
-	}
+    /**
+     * getter for LDAP uid
+     * @return string
+     */
+    public function getUID() {
+        if (!isset($this->uid)) {
+            $this->fetchDetails();
+        }
+        return $this->uid;
+    }
 
-	/**
-	 * getter for LDAP DN
-	 * @return string
-	 */
-	public function getDN() {
-		if (!isset($this->dn)) {
-			$this->fetchDetails();
-		}
-		return $this->dn;
-	}
+    /**
+     * getter for LDAP DN
+     * @return string
+     */
+    public function getDN() {
+        if (!isset($this->dn)) {
+            $this->fetchDetails();
+        }
+        return $this->dn;
+    }
 
-	/**
-	 * getter for display name
-	 * @return string
-	 */
-	public function getDisplayName() {
-		if (!isset($this->displayName)) {
-			$this->fetchDetails();
-		}
-		return $this->displayName;
-	}
+    /**
+     * getter for display name
+     * @return string
+     */
+    public function getDisplayName() {
+        if (!isset($this->displayName)) {
+            $this->fetchDetails();
+        }
+        return $this->displayName;
+    }
 
-	/**
-	 * getter for email
-	 * @return string
-	 */
-	public function getEmail() {
-		if (!isset($this->email)) {
-			$this->fetchDetails();
-		}
-		return $this->email;
-	}
+    /**
+     * getter for email
+     * @return string
+     */
+    public function getEmail() {
+        if (!isset($this->email)) {
+            $this->fetchDetails();
+        }
+        return $this->email;
+    }
 
-	/**
-	 * getter for home directory path
-	 * @return string
-	 */
-	public function getHomePath() {
-		if (!isset($this->homePath)) {
-			$this->fetchDetails();
-		}
-		return $this->homePath;
-	}
+    /**
+     * getter for home directory path
+     * @return string
+     */
+    public function getHomePath() {
+        if (!isset($this->homePath)) {
+            $this->fetchDetails();
+        }
+        return $this->homePath;
+    }
 
-	/**
-	 * getter for the last login timestamp
-	 * @return int
-	 */
-	public function getLastLogin() {
-		if (!isset($this->lastLogin)) {
-			$this->fetchDetails();
-		}
-		return (int)$this->lastLogin;
-	}
+    /**
+     * getter for the last login timestamp
+     * @return int
+     */
+    public function getLastLogin() {
+        if (!isset($this->lastLogin)) {
+            $this->fetchDetails();
+        }
+        return (int)$this->lastLogin;
+    }
 
-	/**
-	 * getter for the detection timestamp
-	 * @return int
-	 */
-	public function getDetectedOn() {
-		if (!isset($this->foundDeleted)) {
-			$this->fetchDetails();
-		}
-		return (int)$this->foundDeleted;
-	}
+    /**
+     * getter for the detection timestamp
+     * @return int
+     */
+    public function getDetectedOn() {
+        if (!isset($this->foundDeleted)) {
+            $this->fetchDetails();
+        }
+        return (int)$this->foundDeleted;
+    }
 
-	/**
-	 * getter for having active shares
-	 * @return bool
-	 */
-	public function getHasActiveShares() {
-		if (!isset($this->hasActiveShares)) {
-			$this->fetchDetails();
-		}
-		return $this->hasActiveShares;
-	}
+    /**
+     * getter for having active shares
+     * @return bool
+     */
+    public function getHasActiveShares() {
+        if (!isset($this->hasActiveShares)) {
+            $this->fetchDetails();
+        }
+        return $this->hasActiveShares;
+    }
 
-	/**
-	 * reads the user details
-	 */
-	protected function fetchDetails() {
-		$properties = [
-			'displayName' => 'user_ldap',
-			'uid' => 'user_ldap',
-			'homePath' => 'user_ldap',
-			'foundDeleted' => 'user_ldap',
-			'email' => 'settings',
-			'lastLogin' => 'login',
-		];
-		foreach ($properties as $property => $app) {
-			$this->$property = $this->config->getUserValue($this->ocName, $app, $property, '');
-		}
+    /**
+     * reads the user details
+     */
+    protected function fetchDetails() {
+        $properties = [
+            'displayName' => 'user_ldap',
+            'uid' => 'user_ldap',
+            'homePath' => 'user_ldap',
+            'foundDeleted' => 'user_ldap',
+            'email' => 'settings',
+            'lastLogin' => 'login',
+        ];
+        foreach ($properties as $property => $app) {
+            $this->$property = $this->config->getUserValue($this->ocName, $app, $property, '');
+        }
 
-		$dn = $this->mapping->getDNByName($this->ocName);
-		$this->dn = ($dn !== false) ? $dn : '';
+        $dn = $this->mapping->getDNByName($this->ocName);
+        $this->dn = ($dn !== false) ? $dn : '';
 
-		$this->determineShares();
-	}
+        $this->determineShares();
+    }
 
-	/**
-	 * finds out whether the user has active shares. The result is stored in
-	 * $this->hasActiveShares
-	 */
-	protected function determineShares() {
-		$shareInterface = new \ReflectionClass(IShare::class);
-		$shareConstants = $shareInterface->getConstants();
+    /**
+     * finds out whether the user has active shares. The result is stored in
+     * $this->hasActiveShares
+     */
+    protected function determineShares() {
+        $shareInterface = new \ReflectionClass(IShare::class);
+        $shareConstants = $shareInterface->getConstants();
 
-		foreach ($shareConstants as $constantName => $constantValue) {
-			if (strpos($constantName, 'TYPE_') !== 0
-				|| $constantValue === IShare::TYPE_USERGROUP
-			) {
-				continue;
-			}
-			$shares = $this->shareManager->getSharesBy(
-				$this->ocName,
-				$constantValue,
-				null,
-				false,
-				1
-			);
-			if (!empty($shares)) {
-				$this->hasActiveShares = true;
-				return;
-			}
-		}
+        foreach ($shareConstants as $constantName => $constantValue) {
+            if (strpos($constantName, 'TYPE_') !== 0
+                || $constantValue === IShare::TYPE_USERGROUP
+            ) {
+                continue;
+            }
+            $shares = $this->shareManager->getSharesBy(
+                $this->ocName,
+                $constantValue,
+                null,
+                false,
+                1
+            );
+            if (!empty($shares)) {
+                $this->hasActiveShares = true;
+                return;
+            }
+        }
 
-		$this->hasActiveShares = false;
-	}
+        $this->hasActiveShares = false;
+    }
 }

Please login to merge, or discard this patch.

Spacing +2 added lines, -2 removed lines patch added patch discarded remove patch

@@ -192,7 +192,7 @@  discard block
 block discarded – undo
 		if (!isset($this->lastLogin)) {
 			$this->fetchDetails();
 		}
-		return (int)$this->lastLogin;
+		return (int) $this->lastLogin;
 	}
 
 	/**
@@ -203,7 +203,7 @@  discard block
 block discarded – undo
 		if (!isset($this->foundDeleted)) {
 			$this->fetchDetails();
 		}
-		return (int)$this->foundDeleted;
+		return (int) $this->foundDeleted;
 	}
 
 	/**

Please login to merge, or discard this patch.

apps/user_ldap/ajax/wizard.php 1 patch

Indentation +85 added lines, -85 removed lines patch added patch discarded remove patch

@@ -37,13 +37,13 @@  discard block
 block discarded – undo
 $l = \OC::$server->getL10N('user_ldap');
 
 if (!isset($_POST['action'])) {
-	\OC_JSON::error(['message' => $l->t('No action specified')]);
+    \OC_JSON::error(['message' => $l->t('No action specified')]);
 }
 $action = (string)$_POST['action'];
 
 
 if (!isset($_POST['ldap_serverconfig_chooser'])) {
-	\OC_JSON::error(['message' => $l->t('No configuration specified')]);
+    \OC_JSON::error(['message' => $l->t('No configuration specified')]);
 }
 $prefix = (string)$_POST['ldap_serverconfig_chooser'];
 
@@ -56,97 +56,97 @@  discard block
 block discarded – undo
 $con->setIgnoreValidation(true);
 
 $userManager = new \OCA\User_LDAP\User\Manager(
-	\OC::$server->getConfig(),
-	new \OCA\User_LDAP\FilesystemHelper(),
-	new \OCA\User_LDAP\LogWrapper(),
-	\OC::$server->getAvatarManager(),
-	new \OCP\Image(),
-	\OC::$server->getUserManager(),
-	\OC::$server->getNotificationManager(),
-	\OC::$server->get(\OCP\Share\IManager::class)
+    \OC::$server->getConfig(),
+    new \OCA\User_LDAP\FilesystemHelper(),
+    new \OCA\User_LDAP\LogWrapper(),
+    \OC::$server->getAvatarManager(),
+    new \OCP\Image(),
+    \OC::$server->getUserManager(),
+    \OC::$server->getNotificationManager(),
+    \OC::$server->get(\OCP\Share\IManager::class)
 );
 
 $access = new \OCA\User_LDAP\Access(
-	$con,
-	$ldapWrapper,
-	$userManager,
-	new \OCA\User_LDAP\Helper(\OC::$server->getConfig()),
-	\OC::$server->getConfig(),
-	\OC::$server->getUserManager()
+    $con,
+    $ldapWrapper,
+    $userManager,
+    new \OCA\User_LDAP\Helper(\OC::$server->getConfig()),
+    \OC::$server->getConfig(),
+    \OC::$server->getUserManager()
 );
 
 $wizard = new \OCA\User_LDAP\Wizard($configuration, $ldapWrapper, $access);
 
 switch ($action) {
-	case 'guessPortAndTLS':
-	case 'guessBaseDN':
-	case 'detectEmailAttribute':
-	case 'detectUserDisplayNameAttribute':
-	case 'determineGroupMemberAssoc':
-	case 'determineUserObjectClasses':
-	case 'determineGroupObjectClasses':
-	case 'determineGroupsForUsers':
-	case 'determineGroupsForGroups':
-	case 'determineAttributes':
-	case 'getUserListFilter':
-	case 'getUserLoginFilter':
-	case 'getGroupFilter':
-	case 'countUsers':
-	case 'countGroups':
-	case 'countInBaseDN':
-		try {
-			$result = $wizard->$action();
-			if ($result !== false) {
-				\OC_JSON::success($result->getResultArray());
-				exit;
-			}
-		} catch (\Exception $e) {
-			\OC_JSON::error(['message' => $e->getMessage(), 'code' => $e->getCode()]);
-			exit;
-		}
-		\OC_JSON::error();
-		exit;
-		break;
+    case 'guessPortAndTLS':
+    case 'guessBaseDN':
+    case 'detectEmailAttribute':
+    case 'detectUserDisplayNameAttribute':
+    case 'determineGroupMemberAssoc':
+    case 'determineUserObjectClasses':
+    case 'determineGroupObjectClasses':
+    case 'determineGroupsForUsers':
+    case 'determineGroupsForGroups':
+    case 'determineAttributes':
+    case 'getUserListFilter':
+    case 'getUserLoginFilter':
+    case 'getGroupFilter':
+    case 'countUsers':
+    case 'countGroups':
+    case 'countInBaseDN':
+        try {
+            $result = $wizard->$action();
+            if ($result !== false) {
+                \OC_JSON::success($result->getResultArray());
+                exit;
+            }
+        } catch (\Exception $e) {
+            \OC_JSON::error(['message' => $e->getMessage(), 'code' => $e->getCode()]);
+            exit;
+        }
+        \OC_JSON::error();
+        exit;
+        break;
 
-	case 'testLoginName': {
-		try {
-			$loginName = $_POST['ldap_test_loginname'];
-			$result = $wizard->$action($loginName);
-			if ($result !== false) {
-				\OC_JSON::success($result->getResultArray());
-				exit;
-			}
-		} catch (\Exception $e) {
-			\OC_JSON::error(['message' => $e->getMessage()]);
-			exit;
-		}
-		\OC_JSON::error();
-		exit;
-		break;
-	}
+    case 'testLoginName': {
+        try {
+            $loginName = $_POST['ldap_test_loginname'];
+            $result = $wizard->$action($loginName);
+            if ($result !== false) {
+                \OC_JSON::success($result->getResultArray());
+                exit;
+            }
+        } catch (\Exception $e) {
+            \OC_JSON::error(['message' => $e->getMessage()]);
+            exit;
+        }
+        \OC_JSON::error();
+        exit;
+        break;
+    }
 
-	case 'save':
-		$key = isset($_POST['cfgkey']) ? $_POST['cfgkey'] : false;
-		$val = isset($_POST['cfgval']) ? $_POST['cfgval'] : null;
-		if ($key === false || is_null($val)) {
-			\OC_JSON::error(['message' => $l->t('No data specified')]);
-			exit;
-		}
-		$cfg = [$key => $val];
-		$setParameters = [];
-		$configuration->setConfiguration($cfg, $setParameters);
-		if (!in_array($key, $setParameters)) {
-			\OC_JSON::error(['message' => $l->t($key.
-				' Could not set configuration %s', $setParameters[0])]);
-			exit;
-		}
-		$configuration->saveConfiguration();
-		//clear the cache on save
-		$connection = new \OCA\User_LDAP\Connection($ldapWrapper, $prefix);
-		$connection->clearCache();
-		\OC_JSON::success();
-		break;
-	default:
-		\OC_JSON::error(['message' => $l->t('Action does not exist')]);
-		break;
+    case 'save':
+        $key = isset($_POST['cfgkey']) ? $_POST['cfgkey'] : false;
+        $val = isset($_POST['cfgval']) ? $_POST['cfgval'] : null;
+        if ($key === false || is_null($val)) {
+            \OC_JSON::error(['message' => $l->t('No data specified')]);
+            exit;
+        }
+        $cfg = [$key => $val];
+        $setParameters = [];
+        $configuration->setConfiguration($cfg, $setParameters);
+        if (!in_array($key, $setParameters)) {
+            \OC_JSON::error(['message' => $l->t($key.
+                ' Could not set configuration %s', $setParameters[0])]);
+            exit;
+        }
+        $configuration->saveConfiguration();
+        //clear the cache on save
+        $connection = new \OCA\User_LDAP\Connection($ldapWrapper, $prefix);
+        $connection->clearCache();
+        \OC_JSON::success();
+        break;
+    default:
+        \OC_JSON::error(['message' => $l->t('Action does not exist')]);
+        break;
 }

Please login to merge, or discard this patch.

		@@ -43,187 +43,187 @@
		block discarded – undo
43	43	* @package OCA\User_LDAP\Jobs;
44	44	*/
45	45	class CleanUp extends TimedJob {
46		- /** @var int $limit amount of users that should be checked per run */
47		- protected $limit;
48		-
49		- /** @var int $defaultIntervalMin default interval in minutes */
50		- protected $defaultIntervalMin = 51;
51		-
52		- /** @var User_LDAP\|User_Proxy $userBackend */
53		- protected $userBackend;
54		-
55		- /** @var \OCP\IConfig $ocConfig */
56		- protected $ocConfig;
57		-
58		- /** @var \OCP\IDBConnection $db */
59		- protected $db;
60		-
61		- /** @var Helper $ldapHelper */
62		- protected $ldapHelper;
63		-
64		- /** @var UserMapping */
65		- protected $mapping;
66		-
67		- /** @var DeletedUsersIndex */
68		- protected $dui;
69		-
70		- public function __construct(User_Proxy $userBackend, DeletedUsersIndex $dui) {
71		- $minutes = \OC::$server->getConfig()->getSystemValue(
72		- 'ldapUserCleanupInterval', (string)$this->defaultIntervalMin);
73		- $this->setInterval((int)$minutes * 60);
74		- $this->userBackend = $userBackend;
75		- $this->dui = $dui;
76		- }
77		-
78		- /**
79		- * assigns the instances passed to run() to the class properties
80		- * @param array $arguments
81		- */
82		- public function setArguments($arguments) {
83		- //Dependency Injection is not possible, because the constructor will
84		- //only get values that are serialized to JSON. I.e. whatever we would
85		- //pass in app.php we do add here, except something else is passed e.g.
86		- //in tests.
87		-
88		- if (isset($arguments['helper'])) {
89		- $this->ldapHelper = $arguments['helper'];
90		- } else {
91		- $this->ldapHelper = new Helper(\OC::$server->getConfig());
92		- }
93		-
94		- if (isset($arguments['ocConfig'])) {
95		- $this->ocConfig = $arguments['ocConfig'];
96		- } else {
97		- $this->ocConfig = \OC::$server->getConfig();
98		- }
99		-
100		- if (isset($arguments['userBackend'])) {
101		- $this->userBackend = $arguments['userBackend'];
102		- }
103		-
104		- if (isset($arguments['db'])) {
105		- $this->db = $arguments['db'];
106		- } else {
107		- $this->db = \OC::$server->getDatabaseConnection();
108		- }
109		-
110		- if (isset($arguments['mapping'])) {
111		- $this->mapping = $arguments['mapping'];
112		- } else {
113		- $this->mapping = new UserMapping($this->db);
114		- }
115		-
116		- if (isset($arguments['deletedUsersIndex'])) {
117		- $this->dui = $arguments['deletedUsersIndex'];
118		- }
119		- }
120		-
121		- /**
122		- * makes the background job do its work
123		- * @param array $argument
124		- */
125		- public function run($argument) {
126		- $this->setArguments($argument);
127		-
128		- if (!$this->isCleanUpAllowed()) {
129		- return;
130		- }
131		- $users = $this->mapping->getList($this->getOffset(), $this->getChunkSize());
132		- if (!is_array($users)) {
133		- //something wrong? Let's start from the beginning next time and
134		- //abort
135		- $this->setOffset(true);
136		- return;
137		- }
138		- $resetOffset = $this->isOffsetResetNecessary(count($users));
139		- $this->checkUsers($users);
140		- $this->setOffset($resetOffset);
141		- }
142		-
143		- /**
144		- * checks whether next run should start at 0 again
145		- * @param int $resultCount
146		- * @return bool
147		- */
148		- public function isOffsetResetNecessary($resultCount) {
149		- return $resultCount < $this->getChunkSize();
150		- }
151		-
152		- /**
153		- * checks whether cleaning up LDAP users is allowed
154		- * @return bool
155		- */
156		- public function isCleanUpAllowed() {
157		- try {
158		- if ($this->ldapHelper->haveDisabledConfigurations()) {
159		- return false;
160		- }
161		- } catch (\Exception $e) {
162		- return false;
163		- }
164		-
165		- return $this->isCleanUpEnabled();
166		- }
167		-
168		- /**
169		- * checks whether clean up is enabled by configuration
170		- * @return bool
171		- */
172		- private function isCleanUpEnabled() {
173		- return (bool)$this->ocConfig->getSystemValue(
174		- 'ldapUserCleanupInterval', (string)$this->defaultIntervalMin);
175		- }
176		-
177		- /**
178		- * checks users whether they are still existing
179		- * @param array $users result from getMappedUsers()
180		- */
181		- private function checkUsers(array $users) {
182		- foreach ($users as $user) {
183		- $this->checkUser($user);
184		- }
185		- }
186		-
187		- /**
188		- * checks whether a user is still existing in LDAP
189		- * @param string[] $user
190		- */
191		- private function checkUser(array $user) {
192		- if ($this->userBackend->userExistsOnLDAP($user['name'])) {
193		- //still available, all good
194		-
195		- return;
196		- }
197		-
198		- $this->dui->markUser($user['name']);
199		- }
200		-
201		- /**
202		- * gets the offset to fetch users from the mappings table
203		- * @return int
204		- */
205		- private function getOffset() {
206		- return (int)$this->ocConfig->getAppValue('user_ldap', 'cleanUpJobOffset', 0);
207		- }
208		-
209		- /**
210		- * sets the new offset for the next run
211		- * @param bool $reset whether the offset should be set to 0
212		- */
213		- public function setOffset($reset = false) {
214		- $newOffset = $reset ? 0 :
215		- $this->getOffset() + $this->getChunkSize();
216		- $this->ocConfig->setAppValue('user_ldap', 'cleanUpJobOffset', $newOffset);
217		- }
218		-
219		- /**
220		- * returns the chunk size (limit in DB speak)
221		- * @return int
222		- */
223		- public function getChunkSize() {
224		- if ($this->limit === null) {
225		- $this->limit = (int)$this->ocConfig->getAppValue('user_ldap', 'cleanUpJobChunkSize', 50);
226		- }
227		- return $this->limit;
228		- }
	46	+ /** @var int $limit amount of users that should be checked per run */
	47	+ protected $limit;
	48	+
	49	+ /** @var int $defaultIntervalMin default interval in minutes */
	50	+ protected $defaultIntervalMin = 51;
	51	+
	52	+ /** @var User_LDAP\|User_Proxy $userBackend */
	53	+ protected $userBackend;
	54	+
	55	+ /** @var \OCP\IConfig $ocConfig */
	56	+ protected $ocConfig;
	57	+
	58	+ /** @var \OCP\IDBConnection $db */
	59	+ protected $db;
	60	+
	61	+ /** @var Helper $ldapHelper */
	62	+ protected $ldapHelper;
	63	+
	64	+ /** @var UserMapping */
	65	+ protected $mapping;
	66	+
	67	+ /** @var DeletedUsersIndex */
	68	+ protected $dui;
	69	+
	70	+ public function __construct(User_Proxy $userBackend, DeletedUsersIndex $dui) {
	71	+ $minutes = \OC::$server->getConfig()->getSystemValue(
	72	+ 'ldapUserCleanupInterval', (string)$this->defaultIntervalMin);
	73	+ $this->setInterval((int)$minutes * 60);
	74	+ $this->userBackend = $userBackend;
	75	+ $this->dui = $dui;
	76	+ }
	77	+
	78	+ /**
	79	+ * assigns the instances passed to run() to the class properties
	80	+ * @param array $arguments
	81	+ */
	82	+ public function setArguments($arguments) {
	83	+ //Dependency Injection is not possible, because the constructor will
	84	+ //only get values that are serialized to JSON. I.e. whatever we would
	85	+ //pass in app.php we do add here, except something else is passed e.g.
	86	+ //in tests.
	87	+
	88	+ if (isset($arguments['helper'])) {
	89	+ $this->ldapHelper = $arguments['helper'];
	90	+ } else {
	91	+ $this->ldapHelper = new Helper(\OC::$server->getConfig());
	92	+ }
	93	+
	94	+ if (isset($arguments['ocConfig'])) {
	95	+ $this->ocConfig = $arguments['ocConfig'];
	96	+ } else {
	97	+ $this->ocConfig = \OC::$server->getConfig();
	98	+ }
	99	+
	100	+ if (isset($arguments['userBackend'])) {
	101	+ $this->userBackend = $arguments['userBackend'];
	102	+ }
	103	+
	104	+ if (isset($arguments['db'])) {
	105	+ $this->db = $arguments['db'];
	106	+ } else {
	107	+ $this->db = \OC::$server->getDatabaseConnection();
	108	+ }
	109	+
	110	+ if (isset($arguments['mapping'])) {
	111	+ $this->mapping = $arguments['mapping'];
	112	+ } else {
	113	+ $this->mapping = new UserMapping($this->db);
	114	+ }
	115	+
	116	+ if (isset($arguments['deletedUsersIndex'])) {
	117	+ $this->dui = $arguments['deletedUsersIndex'];
	118	+ }
	119	+ }
	120	+
	121	+ /**
	122	+ * makes the background job do its work
	123	+ * @param array $argument
	124	+ */
	125	+ public function run($argument) {
	126	+ $this->setArguments($argument);
	127	+
	128	+ if (!$this->isCleanUpAllowed()) {
	129	+ return;
	130	+ }
	131	+ $users = $this->mapping->getList($this->getOffset(), $this->getChunkSize());
	132	+ if (!is_array($users)) {
	133	+ //something wrong? Let's start from the beginning next time and
	134	+ //abort
	135	+ $this->setOffset(true);
	136	+ return;
	137	+ }
	138	+ $resetOffset = $this->isOffsetResetNecessary(count($users));
	139	+ $this->checkUsers($users);
	140	+ $this->setOffset($resetOffset);
	141	+ }
	142	+
	143	+ /**
	144	+ * checks whether next run should start at 0 again
	145	+ * @param int $resultCount
	146	+ * @return bool
	147	+ */
	148	+ public function isOffsetResetNecessary($resultCount) {
	149	+ return $resultCount < $this->getChunkSize();
	150	+ }
	151	+
	152	+ /**
	153	+ * checks whether cleaning up LDAP users is allowed
	154	+ * @return bool
	155	+ */
	156	+ public function isCleanUpAllowed() {
	157	+ try {
	158	+ if ($this->ldapHelper->haveDisabledConfigurations()) {
	159	+ return false;
	160	+ }
	161	+ } catch (\Exception $e) {
	162	+ return false;
	163	+ }
	164	+
	165	+ return $this->isCleanUpEnabled();
	166	+ }
	167	+
	168	+ /**
	169	+ * checks whether clean up is enabled by configuration
	170	+ * @return bool
	171	+ */
	172	+ private function isCleanUpEnabled() {
	173	+ return (bool)$this->ocConfig->getSystemValue(
	174	+ 'ldapUserCleanupInterval', (string)$this->defaultIntervalMin);
	175	+ }
	176	+
	177	+ /**
	178	+ * checks users whether they are still existing
	179	+ * @param array $users result from getMappedUsers()
	180	+ */
	181	+ private function checkUsers(array $users) {
	182	+ foreach ($users as $user) {
	183	+ $this->checkUser($user);
	184	+ }
	185	+ }
	186	+
	187	+ /**
	188	+ * checks whether a user is still existing in LDAP
	189	+ * @param string[] $user
	190	+ */
	191	+ private function checkUser(array $user) {
	192	+ if ($this->userBackend->userExistsOnLDAP($user['name'])) {
	193	+ //still available, all good
	194	+
	195	+ return;
	196	+ }
	197	+
	198	+ $this->dui->markUser($user['name']);
	199	+ }
	200	+
	201	+ /**
	202	+ * gets the offset to fetch users from the mappings table
	203	+ * @return int
	204	+ */
	205	+ private function getOffset() {
	206	+ return (int)$this->ocConfig->getAppValue('user_ldap', 'cleanUpJobOffset', 0);
	207	+ }
	208	+
	209	+ /**
	210	+ * sets the new offset for the next run
	211	+ * @param bool $reset whether the offset should be set to 0
	212	+ */
	213	+ public function setOffset($reset = false) {
	214	+ $newOffset = $reset ? 0 :
	215	+ $this->getOffset() + $this->getChunkSize();
	216	+ $this->ocConfig->setAppValue('user_ldap', 'cleanUpJobOffset', $newOffset);
	217	+ }
	218	+
	219	+ /**
	220	+ * returns the chunk size (limit in DB speak)
	221	+ * @return int
	222	+ */
	223	+ public function getChunkSize() {
	224	+ if ($this->limit === null) {
	225	+ $this->limit = (int)$this->ocConfig->getAppValue('user_ldap', 'cleanUpJobChunkSize', 50);
	226	+ }
	227	+ return $this->limit;
	228	+ }
229	229	}

		@@ -69,8 +69,8 @@ discard block
		block discarded – undo
69	69
70	70	public function __construct(User_Proxy $userBackend, DeletedUsersIndex $dui) {
71	71	$minutes = \OC::$server->getConfig()->getSystemValue(
72		- 'ldapUserCleanupInterval', (string)$this->defaultIntervalMin);
73		- $this->setInterval((int)$minutes * 60);
	72	+ 'ldapUserCleanupInterval', (string) $this->defaultIntervalMin);
	73	+ $this->setInterval((int) $minutes * 60);
74	74	$this->userBackend = $userBackend;
75	75	$this->dui = $dui;
76	76	}
		@@ -170,8 +170,8 @@ discard block
		block discarded – undo
170	170	* @return bool
171	171	*/
172	172	private function isCleanUpEnabled() {
173		- return (bool)$this->ocConfig->getSystemValue(
174		- 'ldapUserCleanupInterval', (string)$this->defaultIntervalMin);
	173	+ return (bool) $this->ocConfig->getSystemValue(
	174	+ 'ldapUserCleanupInterval', (string) $this->defaultIntervalMin);
175	175	}
176	176
177	177	/**
		@@ -203,7 +203,7 @@ discard block
		block discarded – undo
203	203	* @return int
204	204	*/
205	205	private function getOffset() {
206		- return (int)$this->ocConfig->getAppValue('user_ldap', 'cleanUpJobOffset', 0);
	206	+ return (int) $this->ocConfig->getAppValue('user_ldap', 'cleanUpJobOffset', 0);
207	207	}
208	208
209	209	/**
		@@ -211,8 +211,7 @@ discard block
		block discarded – undo
211	211	* @param bool $reset whether the offset should be set to 0
212	212	*/
213	213	public function setOffset($reset = false) {
214		- $newOffset = $reset ? 0 :
215		- $this->getOffset() + $this->getChunkSize();
	214	+ $newOffset = $reset ? 0 : $this->getOffset() + $this->getChunkSize();
216	215	$this->ocConfig->setAppValue('user_ldap', 'cleanUpJobOffset', $newOffset);
217	216	}
218	217
		@@ -222,7 +221,7 @@ discard block
		block discarded – undo
222	221	*/
223	222	public function getChunkSize() {
224	223	if ($this->limit === null) {
225		- $this->limit = (int)$this->ocConfig->getAppValue('user_ldap', 'cleanUpJobChunkSize', 50);
	224	+ $this->limit = (int) $this->ocConfig->getAppValue('user_ldap', 'cleanUpJobChunkSize', 50);
226	225	}
227	226	return $this->limit;
228	227	}

		@@ -40,333 +40,333 @@
		block discarded – undo
40	40	use OCP\Notification\IManager;
41	41
42	42	class Sync extends TimedJob {
43		- public const MAX_INTERVAL = 12 * 60 * 60; // 12h
44		- public const MIN_INTERVAL = 30 * 60; // 30min
45		- /** @var Helper */
46		- protected $ldapHelper;
47		- /** @var LDAP */
48		- protected $ldap;
49		- /** @var Manager */
50		- protected $userManager;
51		- /** @var UserMapping */
52		- protected $mapper;
53		- /** @var IConfig */
54		- protected $config;
55		- /** @var IAvatarManager */
56		- protected $avatarManager;
57		- /** @var IDBConnection */
58		- protected $dbc;
59		- /** @var IUserManager */
60		- protected $ncUserManager;
61		- /** @var IManager */
62		- protected $notificationManager;
63		- /** @var ConnectionFactory */
64		- protected $connectionFactory;
65		- /** @var AccessFactory */
66		- protected $accessFactory;
67		-
68		- public function __construct(Manager $userManager) {
69		- $this->userManager = $userManager;
70		- $this->setInterval(
71		- \OC::$server->getConfig()->getAppValue(
72		- 'user_ldap',
73		- 'background_sync_interval',
74		- self::MIN_INTERVAL
75		- )
76		- );
77		- }
78		-
79		- /**
80		- * updates the interval
81		- *
82		- * the idea is to adjust the interval depending on the amount of known users
83		- * and the attempt to update each user one day. At most it would run every
84		- * 30 minutes, and at least every 12 hours.
85		- */
86		- public function updateInterval() {
87		- $minPagingSize = $this->getMinPagingSize();
88		- $mappedUsers = $this->mapper->count();
89		-
90		- $runsPerDay = ($minPagingSize === 0 \|\| $mappedUsers === 0) ? self::MAX_INTERVAL
91		- : $mappedUsers / $minPagingSize;
92		- $interval = floor(24 * 60 * 60 / $runsPerDay);
93		- $interval = min(max($interval, self::MIN_INTERVAL), self::MAX_INTERVAL);
94		-
95		- $this->config->setAppValue('user_ldap', 'background_sync_interval', $interval);
96		- }
97		-
98		- /**
99		- * returns the smallest configured paging size
100		- * @return int
101		- */
102		- protected function getMinPagingSize() {
103		- $configKeys = $this->config->getAppKeys('user_ldap');
104		- $configKeys = array_filter($configKeys, function ($key) {
105		- return strpos($key, 'ldap_paging_size') !== false;
106		- });
107		- $minPagingSize = null;
108		- foreach ($configKeys as $configKey) {
109		- $pagingSize = $this->config->getAppValue('user_ldap', $configKey, $minPagingSize);
110		- $minPagingSize = $minPagingSize === null ? $pagingSize : min($minPagingSize, $pagingSize);
111		- }
112		- return (int)$minPagingSize;
113		- }
114		-
115		- /**
116		- * @param array $argument
117		- */
118		- public function run($argument) {
119		- $this->setArgument($argument);
120		-
121		- $isBackgroundJobModeAjax = $this->config
122		- ->getAppValue('core', 'backgroundjobs_mode', 'ajax') === 'ajax';
123		- if ($isBackgroundJobModeAjax) {
124		- return;
125		- }
126		-
127		- $cycleData = $this->getCycle();
128		- if ($cycleData === null) {
129		- $cycleData = $this->determineNextCycle();
130		- if ($cycleData === null) {
131		- $this->updateInterval();
132		- return;
133		- }
134		- }
135		-
136		- if (!$this->qualifiesToRun($cycleData)) {
137		- $this->updateInterval();
138		- return;
139		- }
140		-
141		- try {
142		- $expectMoreResults = $this->runCycle($cycleData);
143		- if ($expectMoreResults) {
144		- $this->increaseOffset($cycleData);
145		- } else {
146		- $this->determineNextCycle($cycleData);
147		- }
148		- $this->updateInterval();
149		- } catch (ServerNotAvailableException $e) {
150		- $this->determineNextCycle($cycleData);
151		- }
152		- }
153		-
154		- /**
155		- * @param array $cycleData
156		- * @return bool whether more results are expected from the same configuration
157		- */
158		- public function runCycle($cycleData) {
159		- $connection = $this->connectionFactory->get($cycleData['prefix']);
160		- $access = $this->accessFactory->get($connection);
161		- $access->setUserMapper($this->mapper);
162		-
163		- $filter = $access->combineFilterWithAnd([
164		- $access->connection->ldapUserFilter,
165		- $access->connection->ldapUserDisplayName . '=*',
166		- $access->getFilterPartForUserSearch('')
167		- ]);
168		- $results = $access->fetchListOfUsers(
169		- $filter,
170		- $access->userManager->getAttributes(),
171		- $connection->ldapPagingSize,
172		- $cycleData['offset'],
173		- true
174		- );
175		-
176		- if ((int)$connection->ldapPagingSize === 0) {
177		- return false;
178		- }
179		- return count($results) >= (int)$connection->ldapPagingSize;
180		- }
181		-
182		- /**
183		- * returns the info about the current cycle that should be run, if any,
184		- * otherwise null
185		- *
186		- * @return array\|null
187		- */
188		- public function getCycle() {
189		- $prefixes = $this->ldapHelper->getServerConfigurationPrefixes(true);
190		- if (count($prefixes) === 0) {
191		- return null;
192		- }
193		-
194		- $cycleData = [
195		- 'prefix' => $this->config->getAppValue('user_ldap', 'background_sync_prefix', null),
196		- 'offset' => (int)$this->config->getAppValue('user_ldap', 'background_sync_offset', 0),
197		- ];
198		-
199		- if (
200		- $cycleData['prefix'] !== null
201		- && in_array($cycleData['prefix'], $prefixes)
202		- ) {
203		- return $cycleData;
204		- }
205		-
206		- return null;
207		- }
208		-
209		- /**
210		- * Save the provided cycle information in the DB
211		- *
212		- * @param array $cycleData
213		- */
214		- public function setCycle(array $cycleData) {
215		- $this->config->setAppValue('user_ldap', 'background_sync_prefix', $cycleData['prefix']);
216		- $this->config->setAppValue('user_ldap', 'background_sync_offset', $cycleData['offset']);
217		- }
218		-
219		- /**
220		- * returns data about the next cycle that should run, if any, otherwise
221		- * null. It also always goes for the next LDAP configuration!
222		- *
223		- * @param array\|null $cycleData the old cycle
224		- * @return array\|null
225		- */
226		- public function determineNextCycle(array $cycleData = null) {
227		- $prefixes = $this->ldapHelper->getServerConfigurationPrefixes(true);
228		- if (count($prefixes) === 0) {
229		- return null;
230		- }
231		-
232		- // get the next prefix in line and remember it
233		- $oldPrefix = $cycleData === null ? null : $cycleData['prefix'];
234		- $prefix = $this->getNextPrefix($oldPrefix);
235		- if ($prefix === null) {
236		- return null;
237		- }
238		- $cycleData['prefix'] = $prefix;
239		- $cycleData['offset'] = 0;
240		- $this->setCycle(['prefix' => $prefix, 'offset' => 0]);
241		-
242		- return $cycleData;
243		- }
244		-
245		- /**
246		- * Checks whether the provided cycle should be run. Currently only the
247		- * last configuration change goes into account (at least one hour).
248		- *
249		- * @param $cycleData
250		- * @return bool
251		- */
252		- public function qualifiesToRun($cycleData) {
253		- $lastChange = $this->config->getAppValue('user_ldap', $cycleData['prefix'] . '_lastChange', 0);
254		- if ((time() - $lastChange) > 60 * 30) {
255		- return true;
256		- }
257		- return false;
258		- }
259		-
260		- /**
261		- * increases the offset of the current cycle for the next run
262		- *
263		- * @param $cycleData
264		- */
265		- protected function increaseOffset($cycleData) {
266		- $ldapConfig = new Configuration($cycleData['prefix']);
267		- $cycleData['offset'] += (int)$ldapConfig->ldapPagingSize;
268		- $this->setCycle($cycleData);
269		- }
270		-
271		- /**
272		- * determines the next configuration prefix based on the last one (if any)
273		- *
274		- * @param string\|null $lastPrefix
275		- * @return string\|null
276		- */
277		- protected function getNextPrefix($lastPrefix) {
278		- $prefixes = $this->ldapHelper->getServerConfigurationPrefixes(true);
279		- $noOfPrefixes = count($prefixes);
280		- if ($noOfPrefixes === 0) {
281		- return null;
282		- }
283		- $i = $lastPrefix === null ? false : array_search($lastPrefix, $prefixes, true);
284		- if ($i === false) {
285		- $i = -1;
286		- } else {
287		- $i++;
288		- }
289		-
290		- if (!isset($prefixes[$i])) {
291		- $i = 0;
292		- }
293		- return $prefixes[$i];
294		- }
295		-
296		- /**
297		- * "fixes" DI
298		- *
299		- * @param array $argument
300		- */
301		- public function setArgument($argument) {
302		- if (isset($argument['config'])) {
303		- $this->config = $argument['config'];
304		- } else {
305		- $this->config = \OC::$server->getConfig();
306		- }
307		-
308		- if (isset($argument['helper'])) {
309		- $this->ldapHelper = $argument['helper'];
310		- } else {
311		- $this->ldapHelper = new Helper($this->config);
312		- }
313		-
314		- if (isset($argument['ldapWrapper'])) {
315		- $this->ldap = $argument['ldapWrapper'];
316		- } else {
317		- $this->ldap = new LDAP();
318		- }
319		-
320		- if (isset($argument['avatarManager'])) {
321		- $this->avatarManager = $argument['avatarManager'];
322		- } else {
323		- $this->avatarManager = \OC::$server->getAvatarManager();
324		- }
325		-
326		- if (isset($argument['dbc'])) {
327		- $this->dbc = $argument['dbc'];
328		- } else {
329		- $this->dbc = \OC::$server->getDatabaseConnection();
330		- }
331		-
332		- if (isset($argument['ncUserManager'])) {
333		- $this->ncUserManager = $argument['ncUserManager'];
334		- } else {
335		- $this->ncUserManager = \OC::$server->getUserManager();
336		- }
337		-
338		- if (isset($argument['notificationManager'])) {
339		- $this->notificationManager = $argument['notificationManager'];
340		- } else {
341		- $this->notificationManager = \OC::$server->getNotificationManager();
342		- }
343		-
344		- if (isset($argument['userManager'])) {
345		- $this->userManager = $argument['userManager'];
346		- }
347		-
348		- if (isset($argument['mapper'])) {
349		- $this->mapper = $argument['mapper'];
350		- } else {
351		- $this->mapper = new UserMapping($this->dbc);
352		- }
353		-
354		- if (isset($argument['connectionFactory'])) {
355		- $this->connectionFactory = $argument['connectionFactory'];
356		- } else {
357		- $this->connectionFactory = new ConnectionFactory($this->ldap);
358		- }
359		-
360		- if (isset($argument['accessFactory'])) {
361		- $this->accessFactory = $argument['accessFactory'];
362		- } else {
363		- $this->accessFactory = new AccessFactory(
364		- $this->ldap,
365		- $this->userManager,
366		- $this->ldapHelper,
367		- $this->config,
368		- $this->ncUserManager
369		- );
370		- }
371		- }
	43	+ public const MAX_INTERVAL = 12 * 60 * 60; // 12h
	44	+ public const MIN_INTERVAL = 30 * 60; // 30min
	45	+ /** @var Helper */
	46	+ protected $ldapHelper;
	47	+ /** @var LDAP */
	48	+ protected $ldap;
	49	+ /** @var Manager */
	50	+ protected $userManager;
	51	+ /** @var UserMapping */
	52	+ protected $mapper;
	53	+ /** @var IConfig */
	54	+ protected $config;
	55	+ /** @var IAvatarManager */
	56	+ protected $avatarManager;
	57	+ /** @var IDBConnection */
	58	+ protected $dbc;
	59	+ /** @var IUserManager */
	60	+ protected $ncUserManager;
	61	+ /** @var IManager */
	62	+ protected $notificationManager;
	63	+ /** @var ConnectionFactory */
	64	+ protected $connectionFactory;
	65	+ /** @var AccessFactory */
	66	+ protected $accessFactory;
	67	+
	68	+ public function __construct(Manager $userManager) {
	69	+ $this->userManager = $userManager;
	70	+ $this->setInterval(
	71	+ \OC::$server->getConfig()->getAppValue(
	72	+ 'user_ldap',
	73	+ 'background_sync_interval',
	74	+ self::MIN_INTERVAL
	75	+ )
	76	+ );
	77	+ }
	78	+
	79	+ /**
	80	+ * updates the interval
	81	+ *
	82	+ * the idea is to adjust the interval depending on the amount of known users
	83	+ * and the attempt to update each user one day. At most it would run every
	84	+ * 30 minutes, and at least every 12 hours.
	85	+ */
	86	+ public function updateInterval() {
	87	+ $minPagingSize = $this->getMinPagingSize();
	88	+ $mappedUsers = $this->mapper->count();
	89	+
	90	+ $runsPerDay = ($minPagingSize === 0 \|\| $mappedUsers === 0) ? self::MAX_INTERVAL
	91	+ : $mappedUsers / $minPagingSize;
	92	+ $interval = floor(24 * 60 * 60 / $runsPerDay);
	93	+ $interval = min(max($interval, self::MIN_INTERVAL), self::MAX_INTERVAL);
	94	+
	95	+ $this->config->setAppValue('user_ldap', 'background_sync_interval', $interval);
	96	+ }
	97	+
	98	+ /**
	99	+ * returns the smallest configured paging size
	100	+ * @return int
	101	+ */
	102	+ protected function getMinPagingSize() {
	103	+ $configKeys = $this->config->getAppKeys('user_ldap');
	104	+ $configKeys = array_filter($configKeys, function ($key) {
	105	+ return strpos($key, 'ldap_paging_size') !== false;
	106	+ });
	107	+ $minPagingSize = null;
	108	+ foreach ($configKeys as $configKey) {
	109	+ $pagingSize = $this->config->getAppValue('user_ldap', $configKey, $minPagingSize);
	110	+ $minPagingSize = $minPagingSize === null ? $pagingSize : min($minPagingSize, $pagingSize);
	111	+ }
	112	+ return (int)$minPagingSize;
	113	+ }
	114	+
	115	+ /**
	116	+ * @param array $argument
	117	+ */
	118	+ public function run($argument) {
	119	+ $this->setArgument($argument);
	120	+
	121	+ $isBackgroundJobModeAjax = $this->config
	122	+ ->getAppValue('core', 'backgroundjobs_mode', 'ajax') === 'ajax';
	123	+ if ($isBackgroundJobModeAjax) {
	124	+ return;
	125	+ }
	126	+
	127	+ $cycleData = $this->getCycle();
	128	+ if ($cycleData === null) {
	129	+ $cycleData = $this->determineNextCycle();
	130	+ if ($cycleData === null) {
	131	+ $this->updateInterval();
	132	+ return;
	133	+ }
	134	+ }
	135	+
	136	+ if (!$this->qualifiesToRun($cycleData)) {
	137	+ $this->updateInterval();
	138	+ return;
	139	+ }
	140	+
	141	+ try {
	142	+ $expectMoreResults = $this->runCycle($cycleData);
	143	+ if ($expectMoreResults) {
	144	+ $this->increaseOffset($cycleData);
	145	+ } else {
	146	+ $this->determineNextCycle($cycleData);
	147	+ }
	148	+ $this->updateInterval();
	149	+ } catch (ServerNotAvailableException $e) {
	150	+ $this->determineNextCycle($cycleData);
	151	+ }
	152	+ }
	153	+
	154	+ /**
	155	+ * @param array $cycleData
	156	+ * @return bool whether more results are expected from the same configuration
	157	+ */
	158	+ public function runCycle($cycleData) {
	159	+ $connection = $this->connectionFactory->get($cycleData['prefix']);
	160	+ $access = $this->accessFactory->get($connection);
	161	+ $access->setUserMapper($this->mapper);
	162	+
	163	+ $filter = $access->combineFilterWithAnd([
	164	+ $access->connection->ldapUserFilter,
	165	+ $access->connection->ldapUserDisplayName . '=*',
	166	+ $access->getFilterPartForUserSearch('')
	167	+ ]);
	168	+ $results = $access->fetchListOfUsers(
	169	+ $filter,
	170	+ $access->userManager->getAttributes(),
	171	+ $connection->ldapPagingSize,
	172	+ $cycleData['offset'],
	173	+ true
	174	+ );
	175	+
	176	+ if ((int)$connection->ldapPagingSize === 0) {
	177	+ return false;
	178	+ }
	179	+ return count($results) >= (int)$connection->ldapPagingSize;
	180	+ }
	181	+
	182	+ /**
	183	+ * returns the info about the current cycle that should be run, if any,
	184	+ * otherwise null
	185	+ *
	186	+ * @return array\|null
	187	+ */
	188	+ public function getCycle() {
	189	+ $prefixes = $this->ldapHelper->getServerConfigurationPrefixes(true);
	190	+ if (count($prefixes) === 0) {
	191	+ return null;
	192	+ }
	193	+
	194	+ $cycleData = [
	195	+ 'prefix' => $this->config->getAppValue('user_ldap', 'background_sync_prefix', null),
	196	+ 'offset' => (int)$this->config->getAppValue('user_ldap', 'background_sync_offset', 0),
	197	+ ];
	198	+
	199	+ if (
	200	+ $cycleData['prefix'] !== null
	201	+ && in_array($cycleData['prefix'], $prefixes)
	202	+ ) {
	203	+ return $cycleData;
	204	+ }
	205	+
	206	+ return null;
	207	+ }
	208	+
	209	+ /**
	210	+ * Save the provided cycle information in the DB
	211	+ *
	212	+ * @param array $cycleData
	213	+ */
	214	+ public function setCycle(array $cycleData) {
	215	+ $this->config->setAppValue('user_ldap', 'background_sync_prefix', $cycleData['prefix']);
	216	+ $this->config->setAppValue('user_ldap', 'background_sync_offset', $cycleData['offset']);
	217	+ }
	218	+
	219	+ /**
	220	+ * returns data about the next cycle that should run, if any, otherwise
	221	+ * null. It also always goes for the next LDAP configuration!
	222	+ *
	223	+ * @param array\|null $cycleData the old cycle
	224	+ * @return array\|null
	225	+ */
	226	+ public function determineNextCycle(array $cycleData = null) {
	227	+ $prefixes = $this->ldapHelper->getServerConfigurationPrefixes(true);
	228	+ if (count($prefixes) === 0) {
	229	+ return null;
	230	+ }
	231	+
	232	+ // get the next prefix in line and remember it
	233	+ $oldPrefix = $cycleData === null ? null : $cycleData['prefix'];
	234	+ $prefix = $this->getNextPrefix($oldPrefix);
	235	+ if ($prefix === null) {
	236	+ return null;
	237	+ }
	238	+ $cycleData['prefix'] = $prefix;
	239	+ $cycleData['offset'] = 0;
	240	+ $this->setCycle(['prefix' => $prefix, 'offset' => 0]);
	241	+
	242	+ return $cycleData;
	243	+ }
	244	+
	245	+ /**
	246	+ * Checks whether the provided cycle should be run. Currently only the
	247	+ * last configuration change goes into account (at least one hour).
	248	+ *
	249	+ * @param $cycleData
	250	+ * @return bool
	251	+ */
	252	+ public function qualifiesToRun($cycleData) {
	253	+ $lastChange = $this->config->getAppValue('user_ldap', $cycleData['prefix'] . '_lastChange', 0);
	254	+ if ((time() - $lastChange) > 60 * 30) {
	255	+ return true;
	256	+ }
	257	+ return false;
	258	+ }
	259	+
	260	+ /**
	261	+ * increases the offset of the current cycle for the next run
	262	+ *
	263	+ * @param $cycleData
	264	+ */
	265	+ protected function increaseOffset($cycleData) {
	266	+ $ldapConfig = new Configuration($cycleData['prefix']);
	267	+ $cycleData['offset'] += (int)$ldapConfig->ldapPagingSize;
	268	+ $this->setCycle($cycleData);
	269	+ }
	270	+
	271	+ /**
	272	+ * determines the next configuration prefix based on the last one (if any)
	273	+ *
	274	+ * @param string\|null $lastPrefix
	275	+ * @return string\|null
	276	+ */
	277	+ protected function getNextPrefix($lastPrefix) {
	278	+ $prefixes = $this->ldapHelper->getServerConfigurationPrefixes(true);
	279	+ $noOfPrefixes = count($prefixes);
	280	+ if ($noOfPrefixes === 0) {
	281	+ return null;
	282	+ }
	283	+ $i = $lastPrefix === null ? false : array_search($lastPrefix, $prefixes, true);
	284	+ if ($i === false) {
	285	+ $i = -1;
	286	+ } else {
	287	+ $i++;
	288	+ }
	289	+
	290	+ if (!isset($prefixes[$i])) {
	291	+ $i = 0;
	292	+ }
	293	+ return $prefixes[$i];
	294	+ }
	295	+
	296	+ /**
	297	+ * "fixes" DI
	298	+ *
	299	+ * @param array $argument
	300	+ */
	301	+ public function setArgument($argument) {
	302	+ if (isset($argument['config'])) {
	303	+ $this->config = $argument['config'];
	304	+ } else {
	305	+ $this->config = \OC::$server->getConfig();
	306	+ }
	307	+
	308	+ if (isset($argument['helper'])) {
	309	+ $this->ldapHelper = $argument['helper'];
	310	+ } else {
	311	+ $this->ldapHelper = new Helper($this->config);
	312	+ }
	313	+
	314	+ if (isset($argument['ldapWrapper'])) {
	315	+ $this->ldap = $argument['ldapWrapper'];
	316	+ } else {
	317	+ $this->ldap = new LDAP();
	318	+ }
	319	+
	320	+ if (isset($argument['avatarManager'])) {
	321	+ $this->avatarManager = $argument['avatarManager'];
	322	+ } else {
	323	+ $this->avatarManager = \OC::$server->getAvatarManager();
	324	+ }
	325	+
	326	+ if (isset($argument['dbc'])) {
	327	+ $this->dbc = $argument['dbc'];
	328	+ } else {
	329	+ $this->dbc = \OC::$server->getDatabaseConnection();
	330	+ }
	331	+
	332	+ if (isset($argument['ncUserManager'])) {
	333	+ $this->ncUserManager = $argument['ncUserManager'];
	334	+ } else {
	335	+ $this->ncUserManager = \OC::$server->getUserManager();
	336	+ }
	337	+
	338	+ if (isset($argument['notificationManager'])) {
	339	+ $this->notificationManager = $argument['notificationManager'];
	340	+ } else {
	341	+ $this->notificationManager = \OC::$server->getNotificationManager();
	342	+ }
	343	+
	344	+ if (isset($argument['userManager'])) {
	345	+ $this->userManager = $argument['userManager'];
	346	+ }
	347	+
	348	+ if (isset($argument['mapper'])) {
	349	+ $this->mapper = $argument['mapper'];
	350	+ } else {
	351	+ $this->mapper = new UserMapping($this->dbc);
	352	+ }
	353	+
	354	+ if (isset($argument['connectionFactory'])) {
	355	+ $this->connectionFactory = $argument['connectionFactory'];
	356	+ } else {
	357	+ $this->connectionFactory = new ConnectionFactory($this->ldap);
	358	+ }
	359	+
	360	+ if (isset($argument['accessFactory'])) {
	361	+ $this->accessFactory = $argument['accessFactory'];
	362	+ } else {
	363	+ $this->accessFactory = new AccessFactory(
	364	+ $this->ldap,
	365	+ $this->userManager,
	366	+ $this->ldapHelper,
	367	+ $this->config,
	368	+ $this->ncUserManager
	369	+ );
	370	+ }
	371	+ }
372	372	}

		@@ -31,14 +31,14 @@
		block discarded – undo
31	31	use OCP\LDAP\ILDAPProviderFactory;
32	32
33	33	class LDAPProviderFactory implements ILDAPProviderFactory {
34		- /** * @var IServerContainer */
35		- private $serverContainer;
	34	+ /** * @var IServerContainer */
	35	+ private $serverContainer;
36	36
37		- public function __construct(IServerContainer $serverContainer) {
38		- $this->serverContainer = $serverContainer;
39		- }
	37	+ public function __construct(IServerContainer $serverContainer) {
	38	+ $this->serverContainer = $serverContainer;
	39	+ }
40	40
41		- public function getLDAPProvider(): ILDAPProvider {
42		- return $this->serverContainer->get(LDAPProvider::class);
43		- }
	41	+ public function getLDAPProvider(): ILDAPProvider {
	42	+ return $this->serverContainer->get(LDAPProvider::class);
	43	+ }
44	44	}

		@@ -39,185 +39,185 @@
		block discarded – undo
39	39	use OCP\Share\IManager;
40	40
41	41	abstract class Proxy {
42		- private static $accesses = [];
43		- private $ldap = null;
44		- /** @var bool */
45		- private $isSingleBackend;
46		-
47		- /** @var \OCP\ICache\|null */
48		- private $cache;
49		-
50		- /**
51		- * @param ILDAPWrapper $ldap
52		- */
53		- public function __construct(ILDAPWrapper $ldap) {
54		- $this->ldap = $ldap;
55		- $memcache = \OC::$server->getMemCacheFactory();
56		- if ($memcache->isAvailable()) {
57		- $this->cache = $memcache->createDistributed();
58		- }
59		- }
60		-
61		- /**
62		- * @param string $configPrefix
63		- */
64		- private function addAccess($configPrefix) {
65		- static $ocConfig;
66		- static $fs;
67		- static $log;
68		- static $avatarM;
69		- static $userMap;
70		- static $groupMap;
71		- static $shareManager;
72		- static $coreUserManager;
73		- static $coreNotificationManager;
74		- if ($fs === null) {
75		- $ocConfig = \OC::$server->getConfig();
76		- $fs = new FilesystemHelper();
77		- $log = new LogWrapper();
78		- $avatarM = \OC::$server->getAvatarManager();
79		- $db = \OC::$server->getDatabaseConnection();
80		- $userMap = new UserMapping($db);
81		- $groupMap = new GroupMapping($db);
82		- $coreUserManager = \OC::$server->getUserManager();
83		- $coreNotificationManager = \OC::$server->getNotificationManager();
84		- $shareManager = \OC::$server->get(IManager::class);
85		- }
86		- $userManager =
87		- new Manager($ocConfig, $fs, $log, $avatarM, new \OCP\Image(),
88		- $coreUserManager, $coreNotificationManager, $shareManager);
89		- $connector = new Connection($this->ldap, $configPrefix);
90		- $access = new Access($connector, $this->ldap, $userManager, new Helper($ocConfig), $ocConfig, $coreUserManager);
91		- $access->setUserMapper($userMap);
92		- $access->setGroupMapper($groupMap);
93		- self::$accesses[$configPrefix] = $access;
94		- }
95		-
96		- /**
97		- * @param string $configPrefix
98		- * @return mixed
99		- */
100		- protected function getAccess($configPrefix) {
101		- if (!isset(self::$accesses[$configPrefix])) {
102		- $this->addAccess($configPrefix);
103		- }
104		- return self::$accesses[$configPrefix];
105		- }
106		-
107		- /**
108		- * @param string $uid
109		- * @return string
110		- */
111		- protected function getUserCacheKey($uid) {
112		- return 'user-' . $uid . '-lastSeenOn';
113		- }
114		-
115		- /**
116		- * @param string $gid
117		- * @return string
118		- */
119		- protected function getGroupCacheKey($gid) {
120		- return 'group-' . $gid . '-lastSeenOn';
121		- }
122		-
123		- /**
124		- * @param string $id
125		- * @param string $method
126		- * @param array $parameters
127		- * @param bool $passOnWhen
128		- * @return mixed
129		- */
130		- abstract protected function callOnLastSeenOn($id, $method, $parameters, $passOnWhen);
131		-
132		- /**
133		- * @param string $id
134		- * @param string $method
135		- * @param array $parameters
136		- * @return mixed
137		- */
138		- abstract protected function walkBackends($id, $method, $parameters);
139		-
140		- /**
141		- * @param string $id
142		- * @return Access
143		- */
144		- abstract public function getLDAPAccess($id);
145		-
146		- abstract protected function activeBackends(): int;
147		-
148		- protected function isSingleBackend(): bool {
149		- if ($this->isSingleBackend === null) {
150		- $this->isSingleBackend = $this->activeBackends() === 1;
151		- }
152		- return $this->isSingleBackend;
153		- }
154		-
155		- /**
156		- * Takes care of the request to the User backend
157		- *
158		- * @param string $id
159		- * @param string $method string, the method of the user backend that shall be called
160		- * @param array $parameters an array of parameters to be passed
161		- * @param bool $passOnWhen
162		- * @return mixed, the result of the specified method
163		- */
164		- protected function handleRequest($id, $method, $parameters, $passOnWhen = false) {
165		- if (!$this->isSingleBackend()) {
166		- $result = $this->callOnLastSeenOn($id, $method, $parameters, $passOnWhen);
167		- }
168		- if (!isset($result) \|\| $result === $passOnWhen) {
169		- $result = $this->walkBackends($id, $method, $parameters);
170		- }
171		- return $result;
172		- }
173		-
174		- /**
175		- * @param string\|null $key
176		- * @return string
177		- */
178		- private function getCacheKey($key) {
179		- $prefix = 'LDAP-Proxy-';
180		- if ($key === null) {
181		- return $prefix;
182		- }
183		- return $prefix . hash('sha256', $key);
184		- }
185		-
186		- /**
187		- * @param string $key
188		- * @return mixed\|null
189		- */
190		- public function getFromCache($key) {
191		- if ($this->cache === null) {
192		- return null;
193		- }
194		-
195		- $key = $this->getCacheKey($key);
196		- $value = $this->cache->get($key);
197		- if ($value === null) {
198		- return null;
199		- }
200		-
201		- return json_decode(base64_decode($value));
202		- }
203		-
204		- /**
205		- * @param string $key
206		- * @param mixed $value
207		- */
208		- public function writeToCache($key, $value) {
209		- if ($this->cache === null) {
210		- return;
211		- }
212		- $key = $this->getCacheKey($key);
213		- $value = base64_encode(json_encode($value));
214		- $this->cache->set($key, $value, 2592000);
215		- }
216		-
217		- public function clearCache() {
218		- if ($this->cache === null) {
219		- return;
220		- }
221		- $this->cache->clear($this->getCacheKey(null));
222		- }
	42	+ private static $accesses = [];
	43	+ private $ldap = null;
	44	+ /** @var bool */
	45	+ private $isSingleBackend;
	46	+
	47	+ /** @var \OCP\ICache\|null */
	48	+ private $cache;
	49	+
	50	+ /**
	51	+ * @param ILDAPWrapper $ldap
	52	+ */
	53	+ public function __construct(ILDAPWrapper $ldap) {
	54	+ $this->ldap = $ldap;
	55	+ $memcache = \OC::$server->getMemCacheFactory();
	56	+ if ($memcache->isAvailable()) {
	57	+ $this->cache = $memcache->createDistributed();
	58	+ }
	59	+ }
	60	+
	61	+ /**
	62	+ * @param string $configPrefix
	63	+ */
	64	+ private function addAccess($configPrefix) {
	65	+ static $ocConfig;
	66	+ static $fs;
	67	+ static $log;
	68	+ static $avatarM;
	69	+ static $userMap;
	70	+ static $groupMap;
	71	+ static $shareManager;
	72	+ static $coreUserManager;
	73	+ static $coreNotificationManager;
	74	+ if ($fs === null) {
	75	+ $ocConfig = \OC::$server->getConfig();
	76	+ $fs = new FilesystemHelper();
	77	+ $log = new LogWrapper();
	78	+ $avatarM = \OC::$server->getAvatarManager();
	79	+ $db = \OC::$server->getDatabaseConnection();
	80	+ $userMap = new UserMapping($db);
	81	+ $groupMap = new GroupMapping($db);
	82	+ $coreUserManager = \OC::$server->getUserManager();
	83	+ $coreNotificationManager = \OC::$server->getNotificationManager();
	84	+ $shareManager = \OC::$server->get(IManager::class);
	85	+ }
	86	+ $userManager =
	87	+ new Manager($ocConfig, $fs, $log, $avatarM, new \OCP\Image(),
	88	+ $coreUserManager, $coreNotificationManager, $shareManager);
	89	+ $connector = new Connection($this->ldap, $configPrefix);
	90	+ $access = new Access($connector, $this->ldap, $userManager, new Helper($ocConfig), $ocConfig, $coreUserManager);
	91	+ $access->setUserMapper($userMap);
	92	+ $access->setGroupMapper($groupMap);
	93	+ self::$accesses[$configPrefix] = $access;
	94	+ }
	95	+
	96	+ /**
	97	+ * @param string $configPrefix
	98	+ * @return mixed
	99	+ */
	100	+ protected function getAccess($configPrefix) {
	101	+ if (!isset(self::$accesses[$configPrefix])) {
	102	+ $this->addAccess($configPrefix);
	103	+ }
	104	+ return self::$accesses[$configPrefix];
	105	+ }
	106	+
	107	+ /**
	108	+ * @param string $uid
	109	+ * @return string
	110	+ */
	111	+ protected function getUserCacheKey($uid) {
	112	+ return 'user-' . $uid . '-lastSeenOn';
	113	+ }
	114	+
	115	+ /**
	116	+ * @param string $gid
	117	+ * @return string
	118	+ */
	119	+ protected function getGroupCacheKey($gid) {
	120	+ return 'group-' . $gid . '-lastSeenOn';
	121	+ }
	122	+
	123	+ /**
	124	+ * @param string $id
	125	+ * @param string $method
	126	+ * @param array $parameters
	127	+ * @param bool $passOnWhen
	128	+ * @return mixed
	129	+ */
	130	+ abstract protected function callOnLastSeenOn($id, $method, $parameters, $passOnWhen);
	131	+
	132	+ /**
	133	+ * @param string $id
	134	+ * @param string $method
	135	+ * @param array $parameters
	136	+ * @return mixed
	137	+ */
	138	+ abstract protected function walkBackends($id, $method, $parameters);
	139	+
	140	+ /**
	141	+ * @param string $id
	142	+ * @return Access
	143	+ */
	144	+ abstract public function getLDAPAccess($id);
	145	+
	146	+ abstract protected function activeBackends(): int;
	147	+
	148	+ protected function isSingleBackend(): bool {
	149	+ if ($this->isSingleBackend === null) {
	150	+ $this->isSingleBackend = $this->activeBackends() === 1;
	151	+ }
	152	+ return $this->isSingleBackend;
	153	+ }
	154	+
	155	+ /**
	156	+ * Takes care of the request to the User backend
	157	+ *
	158	+ * @param string $id
	159	+ * @param string $method string, the method of the user backend that shall be called
	160	+ * @param array $parameters an array of parameters to be passed
	161	+ * @param bool $passOnWhen
	162	+ * @return mixed, the result of the specified method
	163	+ */
	164	+ protected function handleRequest($id, $method, $parameters, $passOnWhen = false) {
	165	+ if (!$this->isSingleBackend()) {
	166	+ $result = $this->callOnLastSeenOn($id, $method, $parameters, $passOnWhen);
	167	+ }
	168	+ if (!isset($result) \|\| $result === $passOnWhen) {
	169	+ $result = $this->walkBackends($id, $method, $parameters);
	170	+ }
	171	+ return $result;
	172	+ }
	173	+
	174	+ /**
	175	+ * @param string\|null $key
	176	+ * @return string
	177	+ */
	178	+ private function getCacheKey($key) {
	179	+ $prefix = 'LDAP-Proxy-';
	180	+ if ($key === null) {
	181	+ return $prefix;
	182	+ }
	183	+ return $prefix . hash('sha256', $key);
	184	+ }
	185	+
	186	+ /**
	187	+ * @param string $key
	188	+ * @return mixed\|null
	189	+ */
	190	+ public function getFromCache($key) {
	191	+ if ($this->cache === null) {
	192	+ return null;
	193	+ }
	194	+
	195	+ $key = $this->getCacheKey($key);
	196	+ $value = $this->cache->get($key);
	197	+ if ($value === null) {
	198	+ return null;
	199	+ }
	200	+
	201	+ return json_decode(base64_decode($value));
	202	+ }
	203	+
	204	+ /**
	205	+ * @param string $key
	206	+ * @param mixed $value
	207	+ */
	208	+ public function writeToCache($key, $value) {
	209	+ if ($this->cache === null) {
	210	+ return;
	211	+ }
	212	+ $key = $this->getCacheKey($key);
	213	+ $value = base64_encode(json_encode($value));
	214	+ $this->cache->set($key, $value, 2592000);
	215	+ }
	216	+
	217	+ public function clearCache() {
	218	+ if ($this->cache === null) {
	219	+ return;
	220	+ }
	221	+ $this->cache->clear($this->getCacheKey(null));
	222	+ }
223	223	}

		@@ -48,228 +48,228 @@
		block discarded – undo
48	48	* cache
49	49	*/
50	50	class Manager {
51		- /** @var Access */
52		- protected $access;
	51	+ /** @var Access */
	52	+ protected $access;
53	53
54		- /** @var IConfig */
55		- protected $ocConfig;
	54	+ /** @var IConfig */
	55	+ protected $ocConfig;
56	56
57		- /** @var IDBConnection */
58		- protected $db;
	57	+ /** @var IDBConnection */
	58	+ protected $db;
59	59
60		- /** @var IUserManager */
61		- protected $userManager;
	60	+ /** @var IUserManager */
	61	+ protected $userManager;
62	62
63		- /** @var INotificationManager */
64		- protected $notificationManager;
	63	+ /** @var INotificationManager */
	64	+ protected $notificationManager;
65	65
66		- /** @var FilesystemHelper */
67		- protected $ocFilesystem;
	66	+ /** @var FilesystemHelper */
	67	+ protected $ocFilesystem;
68	68
69		- /** @var LogWrapper */
70		- protected $ocLog;
	69	+ /** @var LogWrapper */
	70	+ protected $ocLog;
71	71
72		- /** @var Image */
73		- protected $image;
	72	+ /** @var Image */
	73	+ protected $image;
74	74
75		- /** @param \OCP\IAvatarManager */
76		- protected $avatarManager;
	75	+ /** @param \OCP\IAvatarManager */
	76	+ protected $avatarManager;
77	77
78		- /**
79		- * @var CappedMemoryCache $usersByDN
80		- */
81		- protected $usersByDN;
82		- /**
83		- * @var CappedMemoryCache $usersByUid
84		- */
85		- protected $usersByUid;
86		- /** @var IManager */
87		- private $shareManager;
	78	+ /**
	79	+ * @var CappedMemoryCache $usersByDN
	80	+ */
	81	+ protected $usersByDN;
	82	+ /**
	83	+ * @var CappedMemoryCache $usersByUid
	84	+ */
	85	+ protected $usersByUid;
	86	+ /** @var IManager */
	87	+ private $shareManager;
88	88
89		- public function __construct(
90		- IConfig $ocConfig,
91		- FilesystemHelper $ocFilesystem,
92		- LogWrapper $ocLog,
93		- IAvatarManager $avatarManager,
94		- Image $image,
95		- IUserManager $userManager,
96		- INotificationManager $notificationManager,
97		- IManager $shareManager
98		- ) {
99		- $this->ocConfig = $ocConfig;
100		- $this->ocFilesystem = $ocFilesystem;
101		- $this->ocLog = $ocLog;
102		- $this->avatarManager = $avatarManager;
103		- $this->image = $image;
104		- $this->userManager = $userManager;
105		- $this->notificationManager = $notificationManager;
106		- $this->usersByDN = new CappedMemoryCache();
107		- $this->usersByUid = new CappedMemoryCache();
108		- $this->shareManager = $shareManager;
109		- }
	89	+ public function __construct(
	90	+ IConfig $ocConfig,
	91	+ FilesystemHelper $ocFilesystem,
	92	+ LogWrapper $ocLog,
	93	+ IAvatarManager $avatarManager,
	94	+ Image $image,
	95	+ IUserManager $userManager,
	96	+ INotificationManager $notificationManager,
	97	+ IManager $shareManager
	98	+ ) {
	99	+ $this->ocConfig = $ocConfig;
	100	+ $this->ocFilesystem = $ocFilesystem;
	101	+ $this->ocLog = $ocLog;
	102	+ $this->avatarManager = $avatarManager;
	103	+ $this->image = $image;
	104	+ $this->userManager = $userManager;
	105	+ $this->notificationManager = $notificationManager;
	106	+ $this->usersByDN = new CappedMemoryCache();
	107	+ $this->usersByUid = new CappedMemoryCache();
	108	+ $this->shareManager = $shareManager;
	109	+ }
110	110
111		- /**
112		- * Binds manager to an instance of Access.
113		- * It needs to be assigned first before the manager can be used.
114		- * @param Access
115		- */
116		- public function setLdapAccess(Access $access) {
117		- $this->access = $access;
118		- }
	111	+ /**
	112	+ * Binds manager to an instance of Access.
	113	+ * It needs to be assigned first before the manager can be used.
	114	+ * @param Access
	115	+ */
	116	+ public function setLdapAccess(Access $access) {
	117	+ $this->access = $access;
	118	+ }
119	119
120		- /**
121		- * @brief creates an instance of User and caches (just runtime) it in the
122		- * property array
123		- * @param string $dn the DN of the user
124		- * @param string $uid the internal (owncloud) username
125		- * @return \OCA\User_LDAP\User\User
126		- */
127		- private function createAndCache($dn, $uid) {
128		- $this->checkAccess();
129		- $user = new User($uid, $dn, $this->access, $this->ocConfig,
130		- $this->ocFilesystem, clone $this->image, $this->ocLog,
131		- $this->avatarManager, $this->userManager,
132		- $this->notificationManager);
133		- $this->usersByDN[$dn] = $user;
134		- $this->usersByUid[$uid] = $user;
135		- return $user;
136		- }
	120	+ /**
	121	+ * @brief creates an instance of User and caches (just runtime) it in the
	122	+ * property array
	123	+ * @param string $dn the DN of the user
	124	+ * @param string $uid the internal (owncloud) username
	125	+ * @return \OCA\User_LDAP\User\User
	126	+ */
	127	+ private function createAndCache($dn, $uid) {
	128	+ $this->checkAccess();
	129	+ $user = new User($uid, $dn, $this->access, $this->ocConfig,
	130	+ $this->ocFilesystem, clone $this->image, $this->ocLog,
	131	+ $this->avatarManager, $this->userManager,
	132	+ $this->notificationManager);
	133	+ $this->usersByDN[$dn] = $user;
	134	+ $this->usersByUid[$uid] = $user;
	135	+ return $user;
	136	+ }
137	137
138		- /**
139		- * removes a user entry from the cache
140		- * @param $uid
141		- */
142		- public function invalidate($uid) {
143		- if (!isset($this->usersByUid[$uid])) {
144		- return;
145		- }
146		- $dn = $this->usersByUid[$uid]->getDN();
147		- unset($this->usersByUid[$uid]);
148		- unset($this->usersByDN[$dn]);
149		- }
	138	+ /**
	139	+ * removes a user entry from the cache
	140	+ * @param $uid
	141	+ */
	142	+ public function invalidate($uid) {
	143	+ if (!isset($this->usersByUid[$uid])) {
	144	+ return;
	145	+ }
	146	+ $dn = $this->usersByUid[$uid]->getDN();
	147	+ unset($this->usersByUid[$uid]);
	148	+ unset($this->usersByDN[$dn]);
	149	+ }
150	150
151		- /**
152		- * @brief checks whether the Access instance has been set
153		- * @throws \Exception if Access has not been set
154		- * @return null
155		- */
156		- private function checkAccess() {
157		- if (is_null($this->access)) {
158		- throw new \Exception('LDAP Access instance must be set first');
159		- }
160		- }
	151	+ /**
	152	+ * @brief checks whether the Access instance has been set
	153	+ * @throws \Exception if Access has not been set
	154	+ * @return null
	155	+ */
	156	+ private function checkAccess() {
	157	+ if (is_null($this->access)) {
	158	+ throw new \Exception('LDAP Access instance must be set first');
	159	+ }
	160	+ }
161	161
162		- /**
163		- * returns a list of attributes that will be processed further, e.g. quota,
164		- * email, displayname, or others.
165		- *
166		- * @param bool $minimal - optional, set to true to skip attributes with big
167		- * payload
168		- * @return string[]
169		- */
170		- public function getAttributes($minimal = false) {
171		- $baseAttributes = array_merge(Access::UUID_ATTRIBUTES, ['dn', 'uid', 'samaccountname', 'memberof']);
172		- $attributes = [
173		- $this->access->getConnection()->ldapExpertUUIDUserAttr,
174		- $this->access->getConnection()->ldapQuotaAttribute,
175		- $this->access->getConnection()->ldapEmailAttribute,
176		- $this->access->getConnection()->ldapUserDisplayName,
177		- $this->access->getConnection()->ldapUserDisplayName2,
178		- $this->access->getConnection()->ldapExtStorageHomeAttribute,
179		- ];
	162	+ /**
	163	+ * returns a list of attributes that will be processed further, e.g. quota,
	164	+ * email, displayname, or others.
	165	+ *
	166	+ * @param bool $minimal - optional, set to true to skip attributes with big
	167	+ * payload
	168	+ * @return string[]
	169	+ */
	170	+ public function getAttributes($minimal = false) {
	171	+ $baseAttributes = array_merge(Access::UUID_ATTRIBUTES, ['dn', 'uid', 'samaccountname', 'memberof']);
	172	+ $attributes = [
	173	+ $this->access->getConnection()->ldapExpertUUIDUserAttr,
	174	+ $this->access->getConnection()->ldapQuotaAttribute,
	175	+ $this->access->getConnection()->ldapEmailAttribute,
	176	+ $this->access->getConnection()->ldapUserDisplayName,
	177	+ $this->access->getConnection()->ldapUserDisplayName2,
	178	+ $this->access->getConnection()->ldapExtStorageHomeAttribute,
	179	+ ];
180	180
181		- $homeRule = $this->access->getConnection()->homeFolderNamingRule;
182		- if (strpos($homeRule, 'attr:') === 0) {
183		- $attributes[] = substr($homeRule, strlen('attr:'));
184		- }
	181	+ $homeRule = $this->access->getConnection()->homeFolderNamingRule;
	182	+ if (strpos($homeRule, 'attr:') === 0) {
	183	+ $attributes[] = substr($homeRule, strlen('attr:'));
	184	+ }
185	185
186		- if (!$minimal) {
187		- // attributes that are not really important but may come with big
188		- // payload.
189		- $attributes = array_merge(
190		- $attributes,
191		- $this->access->getConnection()->resolveRule('avatar')
192		- );
193		- }
	186	+ if (!$minimal) {
	187	+ // attributes that are not really important but may come with big
	188	+ // payload.
	189	+ $attributes = array_merge(
	190	+ $attributes,
	191	+ $this->access->getConnection()->resolveRule('avatar')
	192	+ );
	193	+ }
194	194
195		- $attributes = array_reduce($attributes,
196		- function ($list, $attribute) {
197		- $attribute = strtolower(trim((string)$attribute));
198		- if (!empty($attribute) && !in_array($attribute, $list)) {
199		- $list[] = $attribute;
200		- }
	195	+ $attributes = array_reduce($attributes,
	196	+ function ($list, $attribute) {
	197	+ $attribute = strtolower(trim((string)$attribute));
	198	+ if (!empty($attribute) && !in_array($attribute, $list)) {
	199	+ $list[] = $attribute;
	200	+ }
201	201
202		- return $list;
203		- },
204		- $baseAttributes // hard-coded, lower-case, non-empty attributes
205		- );
	202	+ return $list;
	203	+ },
	204	+ $baseAttributes // hard-coded, lower-case, non-empty attributes
	205	+ );
206	206
207		- return $attributes;
208		- }
	207	+ return $attributes;
	208	+ }
209	209
210		- /**
211		- * Checks whether the specified user is marked as deleted
212		- * @param string $id the Nextcloud user name
213		- * @return bool
214		- */
215		- public function isDeletedUser($id) {
216		- $isDeleted = $this->ocConfig->getUserValue(
217		- $id, 'user_ldap', 'isDeleted', 0);
218		- return (int)$isDeleted === 1;
219		- }
	210	+ /**
	211	+ * Checks whether the specified user is marked as deleted
	212	+ * @param string $id the Nextcloud user name
	213	+ * @return bool
	214	+ */
	215	+ public function isDeletedUser($id) {
	216	+ $isDeleted = $this->ocConfig->getUserValue(
	217	+ $id, 'user_ldap', 'isDeleted', 0);
	218	+ return (int)$isDeleted === 1;
	219	+ }
220	220
221		- /**
222		- * creates and returns an instance of OfflineUser for the specified user
223		- * @param string $id
224		- * @return \OCA\User_LDAP\User\OfflineUser
225		- */
226		- public function getDeletedUser($id) {
227		- return new OfflineUser(
228		- $id,
229		- $this->ocConfig,
230		- $this->access->getUserMapper(),
231		- $this->shareManager
232		- );
233		- }
	221	+ /**
	222	+ * creates and returns an instance of OfflineUser for the specified user
	223	+ * @param string $id
	224	+ * @return \OCA\User_LDAP\User\OfflineUser
	225	+ */
	226	+ public function getDeletedUser($id) {
	227	+ return new OfflineUser(
	228	+ $id,
	229	+ $this->ocConfig,
	230	+ $this->access->getUserMapper(),
	231	+ $this->shareManager
	232	+ );
	233	+ }
234	234
235		- /**
236		- * @brief returns a User object by it's Nextcloud username
237		- * @param string $id the DN or username of the user
238		- * @return \OCA\User_LDAP\User\User\|\OCA\User_LDAP\User\OfflineUser\|null
239		- */
240		- protected function createInstancyByUserName($id) {
241		- //most likely a uid. Check whether it is a deleted user
242		- if ($this->isDeletedUser($id)) {
243		- return $this->getDeletedUser($id);
244		- }
245		- $dn = $this->access->username2dn($id);
246		- if ($dn !== false) {
247		- return $this->createAndCache($dn, $id);
248		- }
249		- return null;
250		- }
	235	+ /**
	236	+ * @brief returns a User object by it's Nextcloud username
	237	+ * @param string $id the DN or username of the user
	238	+ * @return \OCA\User_LDAP\User\User\|\OCA\User_LDAP\User\OfflineUser\|null
	239	+ */
	240	+ protected function createInstancyByUserName($id) {
	241	+ //most likely a uid. Check whether it is a deleted user
	242	+ if ($this->isDeletedUser($id)) {
	243	+ return $this->getDeletedUser($id);
	244	+ }
	245	+ $dn = $this->access->username2dn($id);
	246	+ if ($dn !== false) {
	247	+ return $this->createAndCache($dn, $id);
	248	+ }
	249	+ return null;
	250	+ }
251	251
252		- /**
253		- * @brief returns a User object by it's DN or Nextcloud username
254		- * @param string $id the DN or username of the user
255		- * @return \OCA\User_LDAP\User\User\|\OCA\User_LDAP\User\OfflineUser\|null
256		- * @throws \Exception when connection could not be established
257		- */
258		- public function get($id) {
259		- $this->checkAccess();
260		- if (isset($this->usersByDN[$id])) {
261		- return $this->usersByDN[$id];
262		- } elseif (isset($this->usersByUid[$id])) {
263		- return $this->usersByUid[$id];
264		- }
	252	+ /**
	253	+ * @brief returns a User object by it's DN or Nextcloud username
	254	+ * @param string $id the DN or username of the user
	255	+ * @return \OCA\User_LDAP\User\User\|\OCA\User_LDAP\User\OfflineUser\|null
	256	+ * @throws \Exception when connection could not be established
	257	+ */
	258	+ public function get($id) {
	259	+ $this->checkAccess();
	260	+ if (isset($this->usersByDN[$id])) {
	261	+ return $this->usersByDN[$id];
	262	+ } elseif (isset($this->usersByUid[$id])) {
	263	+ return $this->usersByUid[$id];
	264	+ }
265	265
266		- if ($this->access->stringResemblesDN($id)) {
267		- $uid = $this->access->dn2username($id);
268		- if ($uid !== false) {
269		- return $this->createAndCache($id, $uid);
270		- }
271		- }
	266	+ if ($this->access->stringResemblesDN($id)) {
	267	+ $uid = $this->access->dn2username($id);
	268	+ if ($uid !== false) {
	269	+ return $this->createAndCache($id, $uid);
	270	+ }
	271	+ }
272	272
273		- return $this->createInstancyByUserName($id);
274		- }
	273	+ return $this->createInstancyByUserName($id);
	274	+ }
275	275	}

		@@ -33,82 +33,82 @@
		block discarded – undo
33	33	* @package OCA\User_LDAP
34	34	*/
35	35	class DeletedUsersIndex {
36		- /**
37		- * @var \OCP\IConfig $config
38		- */
39		- protected $config;
	36	+ /**
	37	+ * @var \OCP\IConfig $config
	38	+ */
	39	+ protected $config;
40	40
41		- /**
42		- * @var \OCA\User_LDAP\Mapping\UserMapping $mapping
43		- */
44		- protected $mapping;
	41	+ /**
	42	+ * @var \OCA\User_LDAP\Mapping\UserMapping $mapping
	43	+ */
	44	+ protected $mapping;
45	45
46		- /**
47		- * @var array $deletedUsers
48		- */
49		- protected $deletedUsers;
50		- /** @var IManager */
51		- private $shareManager;
	46	+ /**
	47	+ * @var array $deletedUsers
	48	+ */
	49	+ protected $deletedUsers;
	50	+ /** @var IManager */
	51	+ private $shareManager;
52	52
53		- public function __construct(\OCP\IConfig $config, UserMapping $mapping, IManager $shareManager) {
54		- $this->config = $config;
55		- $this->mapping = $mapping;
56		- $this->shareManager = $shareManager;
57		- }
	53	+ public function __construct(\OCP\IConfig $config, UserMapping $mapping, IManager $shareManager) {
	54	+ $this->config = $config;
	55	+ $this->mapping = $mapping;
	56	+ $this->shareManager = $shareManager;
	57	+ }
58	58
59		- /**
60		- * reads LDAP users marked as deleted from the database
61		- * @return \OCA\User_LDAP\User\OfflineUser[]
62		- */
63		- private function fetchDeletedUsers() {
64		- $deletedUsers = $this->config->getUsersForUserValue(
65		- 'user_ldap', 'isDeleted', '1');
	59	+ /**
	60	+ * reads LDAP users marked as deleted from the database
	61	+ * @return \OCA\User_LDAP\User\OfflineUser[]
	62	+ */
	63	+ private function fetchDeletedUsers() {
	64	+ $deletedUsers = $this->config->getUsersForUserValue(
	65	+ 'user_ldap', 'isDeleted', '1');
66	66
67		- $userObjects = [];
68		- foreach ($deletedUsers as $user) {
69		- $userObjects[] = new OfflineUser($user, $this->config, $this->mapping, $this->shareManager);
70		- }
71		- $this->deletedUsers = $userObjects;
	67	+ $userObjects = [];
	68	+ foreach ($deletedUsers as $user) {
	69	+ $userObjects[] = new OfflineUser($user, $this->config, $this->mapping, $this->shareManager);
	70	+ }
	71	+ $this->deletedUsers = $userObjects;
72	72
73		- return $this->deletedUsers;
74		- }
	73	+ return $this->deletedUsers;
	74	+ }
75	75
76		- /**
77		- * returns all LDAP users that are marked as deleted
78		- * @return \OCA\User_LDAP\User\OfflineUser[]
79		- */
80		- public function getUsers() {
81		- if (is_array($this->deletedUsers)) {
82		- return $this->deletedUsers;
83		- }
84		- return $this->fetchDeletedUsers();
85		- }
	76	+ /**
	77	+ * returns all LDAP users that are marked as deleted
	78	+ * @return \OCA\User_LDAP\User\OfflineUser[]
	79	+ */
	80	+ public function getUsers() {
	81	+ if (is_array($this->deletedUsers)) {
	82	+ return $this->deletedUsers;
	83	+ }
	84	+ return $this->fetchDeletedUsers();
	85	+ }
86	86
87		- /**
88		- * whether at least one user was detected as deleted
89		- * @return bool
90		- */
91		- public function hasUsers() {
92		- if (!is_array($this->deletedUsers)) {
93		- $this->fetchDeletedUsers();
94		- }
95		- return is_array($this->deletedUsers) && (count($this->deletedUsers) > 0);
96		- }
	87	+ /**
	88	+ * whether at least one user was detected as deleted
	89	+ * @return bool
	90	+ */
	91	+ public function hasUsers() {
	92	+ if (!is_array($this->deletedUsers)) {
	93	+ $this->fetchDeletedUsers();
	94	+ }
	95	+ return is_array($this->deletedUsers) && (count($this->deletedUsers) > 0);
	96	+ }
97	97
98		- /**
99		- * marks a user as deleted
100		- *
101		- * @param string $ocName
102		- * @throws \OCP\PreConditionNotMetException
103		- */
104		- public function markUser($ocName) {
105		- $curValue = $this->config->getUserValue($ocName, 'user_ldap', 'isDeleted', '0');
106		- if ($curValue === '1') {
107		- // the user is already marked, do not write to DB again
108		- return;
109		- }
110		- $this->config->setUserValue($ocName, 'user_ldap', 'isDeleted', '1');
111		- $this->config->setUserValue($ocName, 'user_ldap', 'foundDeleted', (string)time());
112		- $this->deletedUsers = null;
113		- }
	98	+ /**
	99	+ * marks a user as deleted
	100	+ *
	101	+ * @param string $ocName
	102	+ * @throws \OCP\PreConditionNotMetException
	103	+ */
	104	+ public function markUser($ocName) {
	105	+ $curValue = $this->config->getUserValue($ocName, 'user_ldap', 'isDeleted', '0');
	106	+ if ($curValue === '1') {
	107	+ // the user is already marked, do not write to DB again
	108	+ return;
	109	+ }
	110	+ $this->config->setUserValue($ocName, 'user_ldap', 'isDeleted', '1');
	111	+ $this->config->setUserValue($ocName, 'user_ldap', 'foundDeleted', (string)time());
	112	+ $this->deletedUsers = null;
	113	+ }
114	114	}

		@@ -32,240 +32,240 @@
		block discarded – undo
32	32	use OCP\Share\IShare;
33	33
34	34	class OfflineUser {
35		- /**
36		- * @var string $ocName
37		- */
38		- protected $ocName;
39		- /**
40		- * @var string $dn
41		- */
42		- protected $dn;
43		- /**
44		- * @var string $uid the UID as provided by LDAP
45		- */
46		- protected $uid;
47		- /**
48		- * @var string $displayName
49		- */
50		- protected $displayName;
51		- /**
52		- * @var string $homePath
53		- */
54		- protected $homePath;
55		- /**
56		- * @var string $lastLogin the timestamp of the last login
57		- */
58		- protected $lastLogin;
59		- /**
60		- * @var string $foundDeleted the timestamp when the user was detected as unavailable
61		- */
62		- protected $foundDeleted;
63		- /**
64		- * @var string $email
65		- */
66		- protected $email;
67		- /**
68		- * @var bool $hasActiveShares
69		- */
70		- protected $hasActiveShares;
71		- /**
72		- * @var IConfig $config
73		- */
74		- protected $config;
75		- /**
76		- * @var IDBConnection $db
77		- */
78		- protected $db;
79		- /**
80		- * @var \OCA\User_LDAP\Mapping\UserMapping
81		- */
82		- protected $mapping;
83		- /** @var IManager */
84		- private $shareManager;
	35	+ /**
	36	+ * @var string $ocName
	37	+ */
	38	+ protected $ocName;
	39	+ /**
	40	+ * @var string $dn
	41	+ */
	42	+ protected $dn;
	43	+ /**
	44	+ * @var string $uid the UID as provided by LDAP
	45	+ */
	46	+ protected $uid;
	47	+ /**
	48	+ * @var string $displayName
	49	+ */
	50	+ protected $displayName;
	51	+ /**
	52	+ * @var string $homePath
	53	+ */
	54	+ protected $homePath;
	55	+ /**
	56	+ * @var string $lastLogin the timestamp of the last login
	57	+ */
	58	+ protected $lastLogin;
	59	+ /**
	60	+ * @var string $foundDeleted the timestamp when the user was detected as unavailable
	61	+ */
	62	+ protected $foundDeleted;
	63	+ /**
	64	+ * @var string $email
	65	+ */
	66	+ protected $email;
	67	+ /**
	68	+ * @var bool $hasActiveShares
	69	+ */
	70	+ protected $hasActiveShares;
	71	+ /**
	72	+ * @var IConfig $config
	73	+ */
	74	+ protected $config;
	75	+ /**
	76	+ * @var IDBConnection $db
	77	+ */
	78	+ protected $db;
	79	+ /**
	80	+ * @var \OCA\User_LDAP\Mapping\UserMapping
	81	+ */
	82	+ protected $mapping;
	83	+ /** @var IManager */
	84	+ private $shareManager;
85	85
86		- public function __construct(
87		- $ocName,
88		- IConfig $config,
89		- UserMapping $mapping,
90		- IManager $shareManager
91		- ) {
92		- $this->ocName = $ocName;
93		- $this->config = $config;
94		- $this->mapping = $mapping;
95		- $this->shareManager = $shareManager;
96		- }
	86	+ public function __construct(
	87	+ $ocName,
	88	+ IConfig $config,
	89	+ UserMapping $mapping,
	90	+ IManager $shareManager
	91	+ ) {
	92	+ $this->ocName = $ocName;
	93	+ $this->config = $config;
	94	+ $this->mapping = $mapping;
	95	+ $this->shareManager = $shareManager;
	96	+ }
97	97
98		- /**
99		- * remove the Delete-flag from the user.
100		- */
101		- public function unmark() {
102		- $this->config->deleteUserValue($this->ocName, 'user_ldap', 'isDeleted');
103		- $this->config->deleteUserValue($this->ocName, 'user_ldap', 'foundDeleted');
104		- }
	98	+ /**
	99	+ * remove the Delete-flag from the user.
	100	+ */
	101	+ public function unmark() {
	102	+ $this->config->deleteUserValue($this->ocName, 'user_ldap', 'isDeleted');
	103	+ $this->config->deleteUserValue($this->ocName, 'user_ldap', 'foundDeleted');
	104	+ }
105	105
106		- /**
107		- * exports the user details in an assoc array
108		- * @return array
109		- */
110		- public function export() {
111		- $data = [];
112		- $data['ocName'] = $this->getOCName();
113		- $data['dn'] = $this->getDN();
114		- $data['uid'] = $this->getUID();
115		- $data['displayName'] = $this->getDisplayName();
116		- $data['homePath'] = $this->getHomePath();
117		- $data['lastLogin'] = $this->getLastLogin();
118		- $data['email'] = $this->getEmail();
119		- $data['hasActiveShares'] = $this->getHasActiveShares();
	106	+ /**
	107	+ * exports the user details in an assoc array
	108	+ * @return array
	109	+ */
	110	+ public function export() {
	111	+ $data = [];
	112	+ $data['ocName'] = $this->getOCName();
	113	+ $data['dn'] = $this->getDN();
	114	+ $data['uid'] = $this->getUID();
	115	+ $data['displayName'] = $this->getDisplayName();
	116	+ $data['homePath'] = $this->getHomePath();
	117	+ $data['lastLogin'] = $this->getLastLogin();
	118	+ $data['email'] = $this->getEmail();
	119	+ $data['hasActiveShares'] = $this->getHasActiveShares();
120	120
121		- return $data;
122		- }
	121	+ return $data;
	122	+ }
123	123
124		- /**
125		- * getter for Nextcloud internal name
126		- * @return string
127		- */
128		- public function getOCName() {
129		- return $this->ocName;
130		- }
	124	+ /**
	125	+ * getter for Nextcloud internal name
	126	+ * @return string
	127	+ */
	128	+ public function getOCName() {
	129	+ return $this->ocName;
	130	+ }
131	131
132		- /**
133		- * getter for LDAP uid
134		- * @return string
135		- */
136		- public function getUID() {
137		- if (!isset($this->uid)) {
138		- $this->fetchDetails();
139		- }
140		- return $this->uid;
141		- }
	132	+ /**
	133	+ * getter for LDAP uid
	134	+ * @return string
	135	+ */
	136	+ public function getUID() {
	137	+ if (!isset($this->uid)) {
	138	+ $this->fetchDetails();
	139	+ }
	140	+ return $this->uid;
	141	+ }
142	142
143		- /**
144		- * getter for LDAP DN
145		- * @return string
146		- */
147		- public function getDN() {
148		- if (!isset($this->dn)) {
149		- $this->fetchDetails();
150		- }
151		- return $this->dn;
152		- }
	143	+ /**
	144	+ * getter for LDAP DN
	145	+ * @return string
	146	+ */
	147	+ public function getDN() {
	148	+ if (!isset($this->dn)) {
	149	+ $this->fetchDetails();
	150	+ }
	151	+ return $this->dn;
	152	+ }
153	153
154		- /**
155		- * getter for display name
156		- * @return string
157		- */
158		- public function getDisplayName() {
159		- if (!isset($this->displayName)) {
160		- $this->fetchDetails();
161		- }
162		- return $this->displayName;
163		- }
	154	+ /**
	155	+ * getter for display name
	156	+ * @return string
	157	+ */
	158	+ public function getDisplayName() {
	159	+ if (!isset($this->displayName)) {
	160	+ $this->fetchDetails();
	161	+ }
	162	+ return $this->displayName;
	163	+ }
164	164
165		- /**
166		- * getter for email
167		- * @return string
168		- */
169		- public function getEmail() {
170		- if (!isset($this->email)) {
171		- $this->fetchDetails();
172		- }
173		- return $this->email;
174		- }
	165	+ /**
	166	+ * getter for email
	167	+ * @return string
	168	+ */
	169	+ public function getEmail() {
	170	+ if (!isset($this->email)) {
	171	+ $this->fetchDetails();
	172	+ }
	173	+ return $this->email;
	174	+ }
175	175
176		- /**
177		- * getter for home directory path
178		- * @return string
179		- */
180		- public function getHomePath() {
181		- if (!isset($this->homePath)) {
182		- $this->fetchDetails();
183		- }
184		- return $this->homePath;
185		- }
	176	+ /**
	177	+ * getter for home directory path
	178	+ * @return string
	179	+ */
	180	+ public function getHomePath() {
	181	+ if (!isset($this->homePath)) {
	182	+ $this->fetchDetails();
	183	+ }
	184	+ return $this->homePath;
	185	+ }
186	186
187		- /**
188		- * getter for the last login timestamp
189		- * @return int
190		- */
191		- public function getLastLogin() {
192		- if (!isset($this->lastLogin)) {
193		- $this->fetchDetails();
194		- }
195		- return (int)$this->lastLogin;
196		- }
	187	+ /**
	188	+ * getter for the last login timestamp
	189	+ * @return int
	190	+ */
	191	+ public function getLastLogin() {
	192	+ if (!isset($this->lastLogin)) {
	193	+ $this->fetchDetails();
	194	+ }
	195	+ return (int)$this->lastLogin;
	196	+ }
197	197
198		- /**
199		- * getter for the detection timestamp
200		- * @return int
201		- */
202		- public function getDetectedOn() {
203		- if (!isset($this->foundDeleted)) {
204		- $this->fetchDetails();
205		- }
206		- return (int)$this->foundDeleted;
207		- }
	198	+ /**
	199	+ * getter for the detection timestamp
	200	+ * @return int
	201	+ */
	202	+ public function getDetectedOn() {
	203	+ if (!isset($this->foundDeleted)) {
	204	+ $this->fetchDetails();
	205	+ }
	206	+ return (int)$this->foundDeleted;
	207	+ }
208	208
209		- /**
210		- * getter for having active shares
211		- * @return bool
212		- */
213		- public function getHasActiveShares() {
214		- if (!isset($this->hasActiveShares)) {
215		- $this->fetchDetails();
216		- }
217		- return $this->hasActiveShares;
218		- }
	209	+ /**
	210	+ * getter for having active shares
	211	+ * @return bool
	212	+ */
	213	+ public function getHasActiveShares() {
	214	+ if (!isset($this->hasActiveShares)) {
	215	+ $this->fetchDetails();
	216	+ }
	217	+ return $this->hasActiveShares;
	218	+ }
219	219
220		- /**
221		- * reads the user details
222		- */
223		- protected function fetchDetails() {
224		- $properties = [
225		- 'displayName' => 'user_ldap',
226		- 'uid' => 'user_ldap',
227		- 'homePath' => 'user_ldap',
228		- 'foundDeleted' => 'user_ldap',
229		- 'email' => 'settings',
230		- 'lastLogin' => 'login',
231		- ];
232		- foreach ($properties as $property => $app) {
233		- $this->$property = $this->config->getUserValue($this->ocName, $app, $property, '');
234		- }
	220	+ /**
	221	+ * reads the user details
	222	+ */
	223	+ protected function fetchDetails() {
	224	+ $properties = [
	225	+ 'displayName' => 'user_ldap',
	226	+ 'uid' => 'user_ldap',
	227	+ 'homePath' => 'user_ldap',
	228	+ 'foundDeleted' => 'user_ldap',
	229	+ 'email' => 'settings',
	230	+ 'lastLogin' => 'login',
	231	+ ];
	232	+ foreach ($properties as $property => $app) {
	233	+ $this->$property = $this->config->getUserValue($this->ocName, $app, $property, '');
	234	+ }
235	235
236		- $dn = $this->mapping->getDNByName($this->ocName);
237		- $this->dn = ($dn !== false) ? $dn : '';
	236	+ $dn = $this->mapping->getDNByName($this->ocName);
	237	+ $this->dn = ($dn !== false) ? $dn : '';
238	238
239		- $this->determineShares();
240		- }
	239	+ $this->determineShares();
	240	+ }
241	241
242		- /**
243		- * finds out whether the user has active shares. The result is stored in
244		- * $this->hasActiveShares
245		- */
246		- protected function determineShares() {
247		- $shareInterface = new \ReflectionClass(IShare::class);
248		- $shareConstants = $shareInterface->getConstants();
	242	+ /**
	243	+ * finds out whether the user has active shares. The result is stored in
	244	+ * $this->hasActiveShares
	245	+ */
	246	+ protected function determineShares() {
	247	+ $shareInterface = new \ReflectionClass(IShare::class);
	248	+ $shareConstants = $shareInterface->getConstants();
249	249
250		- foreach ($shareConstants as $constantName => $constantValue) {
251		- if (strpos($constantName, 'TYPE_') !== 0
252		- \|\| $constantValue === IShare::TYPE_USERGROUP
253		- ) {
254		- continue;
255		- }
256		- $shares = $this->shareManager->getSharesBy(
257		- $this->ocName,
258		- $constantValue,
259		- null,
260		- false,
261		- 1
262		- );
263		- if (!empty($shares)) {
264		- $this->hasActiveShares = true;
265		- return;
266		- }
267		- }
	250	+ foreach ($shareConstants as $constantName => $constantValue) {
	251	+ if (strpos($constantName, 'TYPE_') !== 0
	252	+ \|\| $constantValue === IShare::TYPE_USERGROUP
	253	+ ) {
	254	+ continue;
	255	+ }
	256	+ $shares = $this->shareManager->getSharesBy(
	257	+ $this->ocName,
	258	+ $constantValue,
	259	+ null,
	260	+ false,
	261	+ 1
	262	+ );
	263	+ if (!empty($shares)) {
	264	+ $this->hasActiveShares = true;
	265	+ return;
	266	+ }
	267	+ }
268	268
269		- $this->hasActiveShares = false;
270		- }
	269	+ $this->hasActiveShares = false;
	270	+ }
271	271	}

		@@ -192,7 +192,7 @@ discard block
		block discarded – undo
192	192	if (!isset($this->lastLogin)) {
193	193	$this->fetchDetails();
194	194	}
195		- return (int)$this->lastLogin;
	195	+ return (int) $this->lastLogin;
196	196	}
197	197
198	198	/**
		@@ -203,7 +203,7 @@ discard block
		block discarded – undo
203	203	if (!isset($this->foundDeleted)) {
204	204	$this->fetchDetails();
205	205	}
206		- return (int)$this->foundDeleted;
	206	+ return (int) $this->foundDeleted;
207	207	}
208	208
209	209	/**

		@@ -37,13 +37,13 @@ discard block
		block discarded – undo
37	37	$l = \OC::$server->getL10N('user_ldap');
38	38
39	39	if (!isset($_POST['action'])) {
40		- \OC_JSON::error(['message' => $l->t('No action specified')]);
	40	+ \OC_JSON::error(['message' => $l->t('No action specified')]);
41	41	}
42	42	$action = (string)$_POST['action'];
43	43
44	44
45	45	if (!isset($_POST['ldap_serverconfig_chooser'])) {
46		- \OC_JSON::error(['message' => $l->t('No configuration specified')]);
	46	+ \OC_JSON::error(['message' => $l->t('No configuration specified')]);
47	47	}
48	48	$prefix = (string)$_POST['ldap_serverconfig_chooser'];
49	49
		@@ -56,97 +56,97 @@ discard block
		block discarded – undo
56	56	$con->setIgnoreValidation(true);
57	57
58	58	$userManager = new \OCA\User_LDAP\User\Manager(
59		- \OC::$server->getConfig(),
60		- new \OCA\User_LDAP\FilesystemHelper(),
61		- new \OCA\User_LDAP\LogWrapper(),
62		- \OC::$server->getAvatarManager(),
63		- new \OCP\Image(),
64		- \OC::$server->getUserManager(),
65		- \OC::$server->getNotificationManager(),
66		- \OC::$server->get(\OCP\Share\IManager::class)
	59	+ \OC::$server->getConfig(),
	60	+ new \OCA\User_LDAP\FilesystemHelper(),
	61	+ new \OCA\User_LDAP\LogWrapper(),
	62	+ \OC::$server->getAvatarManager(),
	63	+ new \OCP\Image(),
	64	+ \OC::$server->getUserManager(),
	65	+ \OC::$server->getNotificationManager(),
	66	+ \OC::$server->get(\OCP\Share\IManager::class)
67	67	);
68	68
69	69	$access = new \OCA\User_LDAP\Access(
70		- $con,
71		- $ldapWrapper,
72		- $userManager,
73		- new \OCA\User_LDAP\Helper(\OC::$server->getConfig()),
74		- \OC::$server->getConfig(),
75		- \OC::$server->getUserManager()
	70	+ $con,
	71	+ $ldapWrapper,
	72	+ $userManager,
	73	+ new \OCA\User_LDAP\Helper(\OC::$server->getConfig()),
	74	+ \OC::$server->getConfig(),
	75	+ \OC::$server->getUserManager()
76	76	);
77	77
78	78	$wizard = new \OCA\User_LDAP\Wizard($configuration, $ldapWrapper, $access);
79	79
80	80	switch ($action) {
81		- case 'guessPortAndTLS':
82		- case 'guessBaseDN':
83		- case 'detectEmailAttribute':
84		- case 'detectUserDisplayNameAttribute':
85		- case 'determineGroupMemberAssoc':
86		- case 'determineUserObjectClasses':
87		- case 'determineGroupObjectClasses':
88		- case 'determineGroupsForUsers':
89		- case 'determineGroupsForGroups':
90		- case 'determineAttributes':
91		- case 'getUserListFilter':
92		- case 'getUserLoginFilter':
93		- case 'getGroupFilter':
94		- case 'countUsers':
95		- case 'countGroups':
96		- case 'countInBaseDN':
97		- try {
98		- $result = $wizard->$action();
99		- if ($result !== false) {
100		- \OC_JSON::success($result->getResultArray());
101		- exit;
102		- }
103		- } catch (\Exception $e) {
104		- \OC_JSON::error(['message' => $e->getMessage(), 'code' => $e->getCode()]);
105		- exit;
106		- }
107		- \OC_JSON::error();
108		- exit;
109		- break;
	81	+ case 'guessPortAndTLS':
	82	+ case 'guessBaseDN':
	83	+ case 'detectEmailAttribute':
	84	+ case 'detectUserDisplayNameAttribute':
	85	+ case 'determineGroupMemberAssoc':
	86	+ case 'determineUserObjectClasses':
	87	+ case 'determineGroupObjectClasses':
	88	+ case 'determineGroupsForUsers':
	89	+ case 'determineGroupsForGroups':
	90	+ case 'determineAttributes':
	91	+ case 'getUserListFilter':
	92	+ case 'getUserLoginFilter':
	93	+ case 'getGroupFilter':
	94	+ case 'countUsers':
	95	+ case 'countGroups':
	96	+ case 'countInBaseDN':
	97	+ try {
	98	+ $result = $wizard->$action();
	99	+ if ($result !== false) {
	100	+ \OC_JSON::success($result->getResultArray());
	101	+ exit;
	102	+ }
	103	+ } catch (\Exception $e) {
	104	+ \OC_JSON::error(['message' => $e->getMessage(), 'code' => $e->getCode()]);
	105	+ exit;
	106	+ }
	107	+ \OC_JSON::error();
	108	+ exit;
	109	+ break;
110	110
111		- case 'testLoginName': {
112		- try {
113		- $loginName = $_POST['ldap_test_loginname'];
114		- $result = $wizard->$action($loginName);
115		- if ($result !== false) {
116		- \OC_JSON::success($result->getResultArray());
117		- exit;
118		- }
119		- } catch (\Exception $e) {
120		- \OC_JSON::error(['message' => $e->getMessage()]);
121		- exit;
122		- }
123		- \OC_JSON::error();
124		- exit;
125		- break;
126		- }
	111	+ case 'testLoginName': {
	112	+ try {
	113	+ $loginName = $_POST['ldap_test_loginname'];
	114	+ $result = $wizard->$action($loginName);
	115	+ if ($result !== false) {
	116	+ \OC_JSON::success($result->getResultArray());
	117	+ exit;
	118	+ }
	119	+ } catch (\Exception $e) {
	120	+ \OC_JSON::error(['message' => $e->getMessage()]);
	121	+ exit;
	122	+ }
	123	+ \OC_JSON::error();
	124	+ exit;
	125	+ break;
	126	+ }
127	127
128		- case 'save':
129		- $key = isset($_POST['cfgkey']) ? $_POST['cfgkey'] : false;
130		- $val = isset($_POST['cfgval']) ? $_POST['cfgval'] : null;
131		- if ($key === false \|\| is_null($val)) {
132		- \OC_JSON::error(['message' => $l->t('No data specified')]);
133		- exit;
134		- }
135		- $cfg = [$key => $val];
136		- $setParameters = [];
137		- $configuration->setConfiguration($cfg, $setParameters);
138		- if (!in_array($key, $setParameters)) {
139		- \OC_JSON::error(['message' => $l->t($key.
140		- ' Could not set configuration %s', $setParameters[0])]);
141		- exit;
142		- }
143		- $configuration->saveConfiguration();
144		- //clear the cache on save
145		- $connection = new \OCA\User_LDAP\Connection($ldapWrapper, $prefix);
146		- $connection->clearCache();
147		- \OC_JSON::success();
148		- break;
149		- default:
150		- \OC_JSON::error(['message' => $l->t('Action does not exist')]);
151		- break;
	128	+ case 'save':
	129	+ $key = isset($_POST['cfgkey']) ? $_POST['cfgkey'] : false;
	130	+ $val = isset($_POST['cfgval']) ? $_POST['cfgval'] : null;
	131	+ if ($key === false \|\| is_null($val)) {
	132	+ \OC_JSON::error(['message' => $l->t('No data specified')]);
	133	+ exit;
	134	+ }
	135	+ $cfg = [$key => $val];
	136	+ $setParameters = [];
	137	+ $configuration->setConfiguration($cfg, $setParameters);
	138	+ if (!in_array($key, $setParameters)) {
	139	+ \OC_JSON::error(['message' => $l->t($key.
	140	+ ' Could not set configuration %s', $setParameters[0])]);
	141	+ exit;
	142	+ }
	143	+ $configuration->saveConfiguration();
	144	+ //clear the cache on save
	145	+ $connection = new \OCA\User_LDAP\Connection($ldapWrapper, $prefix);
	146	+ $connection->clearCache();
	147	+ \OC_JSON::success();
	148	+ break;
	149	+ default:
	150	+ \OC_JSON::error(['message' => $l->t('Action does not exist')]);
	151	+ break;
152	152	}

nextcloud / server

Push — master ( ae54ae...41fe4d )

Status

Category

Indentation +183 added lines, -183 removed lines patch added patch discarded remove patch

Spacing +7 added lines, -8 removed lines patch added patch discarded remove patch

Indentation +329 added lines, -329 removed lines patch added patch discarded remove patch

Indentation +1975 added lines, -1975 removed lines patch added patch discarded remove patch

Indentation +8 added lines, -8 removed lines patch added patch discarded remove patch

Indentation +181 added lines, -181 removed lines patch added patch discarded remove patch

Indentation +198 added lines, -198 removed lines patch added patch discarded remove patch

Indentation +69 added lines, -69 removed lines patch added patch discarded remove patch

Indentation +217 added lines, -217 removed lines patch added patch discarded remove patch

Spacing +2 added lines, -2 removed lines patch added patch discarded remove patch

Indentation +85 added lines, -85 removed lines patch added patch discarded remove patch