nextcloud / server

apps/user_ldap/lib/Access.php

Spacing +190 added lines, -190 removed lines

@@ -129,7 +129,7 @@ 
 	 * @return AbstractMapping
 	 */
 	public function getUserMapper() {
-		if(is_null($this->userMapper)) {
+		if (is_null($this->userMapper)) {
 			throw new \Exception('UserMapper was not assigned to this Access instance.');
 		}
 		return $this->userMapper;
@@ -149,7 +149,7 @@ 
 	 * @return AbstractMapping
 	 */
 	public function getGroupMapper() {
-		if(is_null($this->groupMapper)) {
+		if (is_null($this->groupMapper)) {
 			throw new \Exception('GroupMapper was not assigned to this Access instance.');
 		}
 		return $this->groupMapper;
@@ -182,14 +182,14 @@ 
 	 * @throws ServerNotAvailableException
 	 */
 	public function readAttribute($dn, $attr, $filter = 'objectClass=*') {
-		if(!$this->checkConnection()) {
+		if (!$this->checkConnection()) {
 			\OCP\Util::writeLog('user_ldap',
 				'No LDAP Connector assigned, access impossible for readAttribute.',
 				ILogger::WARN);
 			return false;
 		}
 		$cr = $this->connection->getConnectionResource();
-		if(!$this->ldap->isResource($cr)) {
+		if (!$this->ldap->isResource($cr)) {
 			//LDAP not available
 			\OCP\Util::writeLog('user_ldap', 'LDAP resource not available.', ILogger::DEBUG);
 			return false;
@@ -199,7 +199,7 @@ 
 		$this->abandonPagedSearch();
 		// openLDAP requires that we init a new Paged Search. Not needed by AD,
 		// but does not hurt either.
-		$pagingSize = (int)$this->connection->ldapPagingSize;
+		$pagingSize = (int) $this->connection->ldapPagingSize;
 		// 0 won't result in replies, small numbers may leave out groups
 		// (cf. #12306), 500 is default for paging and should work everywhere.
 		$maxResults = $pagingSize > 20 ? $pagingSize : 500;
@@ -212,7 +212,7 @@ 
 		$isRangeRequest = false;
 		do {
 			$result = $this->executeRead($cr, $dn, $attrToRead, $filter, $maxResults);
-			if(is_bool($result)) {
+			if (is_bool($result)) {
 				// when an exists request was run and it was successful, an empty
 				// array must be returned
 				return $result ? [] : false;
@@ -229,22 +229,22 @@ 
 			$result = $this->extractRangeData($result, $attr);
 			if (!empty($result)) {
 				$normalizedResult = $this->extractAttributeValuesFromResult(
-					[ $attr => $result['values'] ],
+					[$attr => $result['values']],
 					$attr
 				);
 				$values = array_merge($values, $normalizedResult);
 
-				if($result['rangeHigh'] === '*') {
+				if ($result['rangeHigh'] === '*') {
 					// when server replies with * as high range value, there are
 					// no more results left
 					return $values;
 				} else {
-					$low  = $result['rangeHigh'] + 1;
-					$attrToRead = $result['attributeName'] . ';range=' . $low . '-*';
+					$low = $result['rangeHigh'] + 1;
+					$attrToRead = $result['attributeName'].';range='.$low.'-*';
 					$isRangeRequest = true;
 				}
 			}
-		} while($isRangeRequest);
+		} while ($isRangeRequest);
 
 		\OCP\Util::writeLog('user_ldap', 'Requested attribute '.$attr.' not found for '.$dn, ILogger::DEBUG);
 		return false;
@@ -270,13 +270,13 @@ 
 		if (!$this->ldap->isResource($rr)) {
 			if ($attribute !== '') {
 				//do not throw this message on userExists check, irritates
-				\OCP\Util::writeLog('user_ldap', 'readAttribute failed for DN ' . $dn, ILogger::DEBUG);
+				\OCP\Util::writeLog('user_ldap', 'readAttribute failed for DN '.$dn, ILogger::DEBUG);
 			}
 			//in case an error occurs , e.g. object does not exist
 			return false;
 		}
 		if ($attribute === '' && ($filter === 'objectclass=*' || $this->invokeLDAPMethod('countEntries', $cr, $rr) === 1)) {
-			\OCP\Util::writeLog('user_ldap', 'readAttribute: ' . $dn . ' found', ILogger::DEBUG);
+			\OCP\Util::writeLog('user_ldap', 'readAttribute: '.$dn.' found', ILogger::DEBUG);
 			return true;
 		}
 		$er = $this->invokeLDAPMethod('firstEntry', $cr, $rr);
@@ -301,12 +301,12 @@ 
 	 */
 	public function extractAttributeValuesFromResult($result, $attribute) {
 		$values = [];
-		if(isset($result[$attribute]) && $result[$attribute]['count'] > 0) {
+		if (isset($result[$attribute]) && $result[$attribute]['count'] > 0) {
 			$lowercaseAttribute = strtolower($attribute);
-			for($i=0;$i<$result[$attribute]['count'];$i++) {
-				if($this->resemblesDN($attribute)) {
+			for ($i = 0; $i < $result[$attribute]['count']; $i++) {
+				if ($this->resemblesDN($attribute)) {
 					$values[] = $this->helper->sanitizeDN($result[$attribute][$i]);
-				} elseif($lowercaseAttribute === 'objectguid' || $lowercaseAttribute === 'guid') {
+				} elseif ($lowercaseAttribute === 'objectguid' || $lowercaseAttribute === 'guid') {
 					$values[] = $this->convertObjectGUID2Str($result[$attribute][$i]);
 				} else {
 					$values[] = $result[$attribute][$i];
@@ -328,10 +328,10 @@ 
 	 */
 	public function extractRangeData($result, $attribute) {
 		$keys = array_keys($result);
-		foreach($keys as $key) {
-			if($key !== $attribute && strpos($key, $attribute) === 0) {
+		foreach ($keys as $key) {
+			if ($key !== $attribute && strpos($key, $attribute) === 0) {
 				$queryData = explode(';', $key);
-				if(strpos($queryData[1], 'range=') === 0) {
+				if (strpos($queryData[1], 'range=') === 0) {
 					$high = substr($queryData[1], 1 + strpos($queryData[1], '-'));
 					$data = [
 						'values' => $result[$key],
@@ -356,18 +356,18 @@ 
 	 * @throws \Exception
 	 */
 	public function setPassword($userDN, $password) {
-		if((int)$this->connection->turnOnPasswordChange !== 1) {
+		if ((int) $this->connection->turnOnPasswordChange !== 1) {
 			throw new \Exception('LDAP password changes are disabled.');
 		}
 		$cr = $this->connection->getConnectionResource();
-		if(!$this->ldap->isResource($cr)) {
+		if (!$this->ldap->isResource($cr)) {
 			//LDAP not available
 			\OCP\Util::writeLog('user_ldap', 'LDAP resource not available.', ILogger::DEBUG);
 			return false;
 		}
 		try {
 			return @$this->invokeLDAPMethod('modReplace', $cr, $userDN, $password);
-		} catch(ConstraintViolationException $e) {
+		} catch (ConstraintViolationException $e) {
 			throw new HintException('Password change rejected.', \OC::$server->getL10N('user_ldap')->t('Password change rejected. Hint: ').$e->getMessage(), $e->getCode());
 		}
 	}
@@ -409,17 +409,17 @@ 
 	 */
 	public function getDomainDNFromDN($dn) {
 		$allParts = $this->ldap->explodeDN($dn, 0);
-		if($allParts === false) {
+		if ($allParts === false) {
 			//not a valid DN
 			return '';
 		}
 		$domainParts = array();
 		$dcFound = false;
-		foreach($allParts as $part) {
-			if(!$dcFound && strpos($part, 'dc=') === 0) {
+		foreach ($allParts as $part) {
+			if (!$dcFound && strpos($part, 'dc=') === 0) {
 				$dcFound = true;
 			}
-			if($dcFound) {
+			if ($dcFound) {
 				$domainParts[] = $part;
 			}
 		}
@@ -445,7 +445,7 @@ 
 
 		//Check whether the DN belongs to the Base, to avoid issues on multi-
 		//server setups
-		if(is_string($fdn) && $this->isDNPartOfBase($fdn, $this->connection->ldapBaseUsers)) {
+		if (is_string($fdn) && $this->isDNPartOfBase($fdn, $this->connection->ldapBaseUsers)) {
 			return $fdn;
 		}
 
@@ -462,7 +462,7 @@ 
 		//To avoid bypassing the base DN settings under certain circumstances
 		//with the group support, check whether the provided DN matches one of
 		//the given Bases
-		if(!$this->isDNPartOfBase($fdn, $this->connection->ldapBaseGroups)) {
+		if (!$this->isDNPartOfBase($fdn, $this->connection->ldapBaseGroups)) {
 			return false;
 		}
 
@@ -480,11 +480,11 @@ 
 	 */
 	public function groupsMatchFilter($groupDNs) {
 		$validGroupDNs = [];
-		foreach($groupDNs as $dn) {
+		foreach ($groupDNs as $dn) {
 			$cacheKey = 'groupsMatchFilter-'.$dn;
 			$groupMatchFilter = $this->connection->getFromCache($cacheKey);
-			if(!is_null($groupMatchFilter)) {
-				if($groupMatchFilter) {
+			if (!is_null($groupMatchFilter)) {
+				if ($groupMatchFilter) {
 					$validGroupDNs[] = $dn;
 				}
 				continue;
@@ -492,13 +492,13 @@ 
 
 			// Check the base DN first. If this is not met already, we don't
 			// need to ask the server at all.
-			if(!$this->isDNPartOfBase($dn, $this->connection->ldapBaseGroups)) {
+			if (!$this->isDNPartOfBase($dn, $this->connection->ldapBaseGroups)) {
 				$this->connection->writeToCache($cacheKey, false);
 				continue;
 			}
 
 			$result = $this->readAttribute($dn, '', $this->connection->ldapGroupFilter);
-			if(is_array($result)) {
+			if (is_array($result)) {
 				$this->connection->writeToCache($cacheKey, true);
 				$validGroupDNs[] = $dn;
 			} else {
@@ -519,7 +519,7 @@ 
 		//To avoid bypassing the base DN settings under certain circumstances
 		//with the group support, check whether the provided DN matches one of
 		//the given Bases
-		if(!$this->isDNPartOfBase($fdn, $this->connection->ldapBaseUsers)) {
+		if (!$this->isDNPartOfBase($fdn, $this->connection->ldapBaseUsers)) {
 			return false;
 		}
 
@@ -539,7 +539,7 @@ 
 	 */
 	public function dn2ocname($fdn, $ldapName = null, $isUser = true, &$newlyMapped = null, array $record = null) {
 		$newlyMapped = false;
-		if($isUser) {
+		if ($isUser) {
 			$mapper = $this->getUserMapper();
 			$nameAttribute = $this->connection->ldapUserDisplayName;
 			$filter = $this->connection->ldapUserFilter;
@@ -551,15 +551,15 @@ 
 
 		//let's try to retrieve the Nextcloud name from the mappings table
 		$ncName = $mapper->getNameByDN($fdn);
-		if(is_string($ncName)) {
+		if (is_string($ncName)) {
 			return $ncName;
 		}
 
 		//second try: get the UUID and check if it is known. Then, update the DN and return the name.
 		$uuid = $this->getUUID($fdn, $isUser, $record);
-		if(is_string($uuid)) {
+		if (is_string($uuid)) {
 			$ncName = $mapper->getNameByUUID($uuid);
-			if(is_string($ncName)) {
+			if (is_string($ncName)) {
 				$mapper->setDNbyUUID($fdn, $uuid);
 				return $ncName;
 			}
@@ -569,17 +569,17 @@ 
 			return false;
 		}
 
-		if(is_null($ldapName)) {
+		if (is_null($ldapName)) {
 			$ldapName = $this->readAttribute($fdn, $nameAttribute, $filter);
-			if(!isset($ldapName[0]) && empty($ldapName[0])) {
+			if (!isset($ldapName[0]) && empty($ldapName[0])) {
 				\OCP\Util::writeLog('user_ldap', 'No or empty name for '.$fdn.' with filter '.$filter.'.', ILogger::INFO);
 				return false;
 			}
 			$ldapName = $ldapName[0];
 		}
 
-		if($isUser) {
-			$usernameAttribute = (string)$this->connection->ldapExpertUsernameAttr;
+		if ($isUser) {
+			$usernameAttribute = (string) $this->connection->ldapExpertUsernameAttr;
 			if ($usernameAttribute !== '') {
 				$username = $this->readAttribute($fdn, $usernameAttribute);
 				$username = $username[0];
@@ -609,14 +609,14 @@ 
 		// outside of core user management will still cache the user as non-existing.
 		$originalTTL = $this->connection->ldapCacheTTL;
 		$this->connection->setConfiguration(['ldapCacheTTL' => 0]);
-		if( $intName !== ''
+		if ($intName !== ''
 			&& (($isUser && !$this->ncUserManager->userExists($intName))
 				|| (!$isUser && !\OC::$server->getGroupManager()->groupExists($intName))
 			)
 		) {
 			$this->connection->setConfiguration(['ldapCacheTTL' => $originalTTL]);
 			$newlyMapped = $this->mapAndAnnounceIfApplicable($mapper, $fdn, $intName, $uuid, $isUser);
-			if($newlyMapped) {
+			if ($newlyMapped) {
 				return $intName;
 			}
 		}
@@ -624,7 +624,7 @@ 
 		$this->connection->setConfiguration(['ldapCacheTTL' => $originalTTL]);
 		$altName = $this->createAltInternalOwnCloudName($intName, $isUser);
 		if (is_string($altName)) {
-			if($this->mapAndAnnounceIfApplicable($mapper, $fdn, $altName, $uuid, $isUser)) {
+			if ($this->mapAndAnnounceIfApplicable($mapper, $fdn, $altName, $uuid, $isUser)) {
 				$newlyMapped = true;
 				return $altName;
 			}
@@ -642,7 +642,7 @@ 
 		string $uuid,
 		bool $isUser
 	) :bool {
-		if($mapper->map($fdn, $name, $uuid)) {
+		if ($mapper->map($fdn, $name, $uuid)) {
 			if ($this->ncUserManager instanceof PublicEmitter && $isUser) {
 				$this->cacheUserExists($name);
 				$this->ncUserManager->emit('\OC\User', 'assignedUserId', [$name]);
@@ -681,7 +681,7 @@ 
 	 * @throws \Exception
 	 */
 	private function ldap2NextcloudNames($ldapObjects, $isUsers) {
-		if($isUsers) {
+		if ($isUsers) {
 			$nameAttribute = $this->connection->ldapUserDisplayName;
 			$sndAttribute  = $this->connection->ldapUserDisplayName2;
 		} else {
@@ -689,9 +689,9 @@ 
 		}
 		$nextcloudNames = [];
 
-		foreach($ldapObjects as $ldapObject) {
+		foreach ($ldapObjects as $ldapObject) {
 			$nameByLDAP = null;
-			if(    isset($ldapObject[$nameAttribute])
+			if (isset($ldapObject[$nameAttribute])
 				&& is_array($ldapObject[$nameAttribute])
 				&& isset($ldapObject[$nameAttribute][0])
 			) {
@@ -700,19 +700,19 @@ 
 			}
 
 			$ncName = $this->dn2ocname($ldapObject['dn'][0], $nameByLDAP, $isUsers);
-			if($ncName) {
+			if ($ncName) {
 				$nextcloudNames[] = $ncName;
-				if($isUsers) {
+				if ($isUsers) {
 					$this->updateUserState($ncName);
 					//cache the user names so it does not need to be retrieved
 					//again later (e.g. sharing dialogue).
-					if(is_null($nameByLDAP)) {
+					if (is_null($nameByLDAP)) {
 						continue;
 					}
 					$sndName = isset($ldapObject[$sndAttribute][0])
 						? $ldapObject[$sndAttribute][0] : '';
 					$this->cacheUserDisplayName($ncName, $nameByLDAP, $sndName);
-				} else if($nameByLDAP !== null) {
+				} else if ($nameByLDAP !== null) {
 					$this->cacheGroupDisplayName($ncName, $nameByLDAP);
 				}
 			}
@@ -728,7 +728,7 @@ 
 	 */
 	public function updateUserState($ncname) {
 		$user = $this->userManager->get($ncname);
-		if($user instanceof OfflineUser) {
+		if ($user instanceof OfflineUser) {
 			$user->unmark();
 		}
 	}
@@ -759,7 +759,7 @@ 
 	 */
 	public function cacheUserDisplayName($ocName, $displayName, $displayName2 = '') {
 		$user = $this->userManager->get($ocName);
-		if($user === null) {
+		if ($user === null) {
 			return;
 		}
 		$displayName = $user->composeAndStoreDisplayName($displayName, $displayName2);
@@ -768,7 +768,7 @@ 
 	}
 
 	public function cacheGroupDisplayName(string $ncName, string $displayName): void {
-		$cacheKey = 'group_getDisplayName' . $ncName;
+		$cacheKey = 'group_getDisplayName'.$ncName;
 		$this->connection->writeToCache($cacheKey, $displayName);
 	}
 
@@ -784,9 +784,9 @@ 
 		$attempts = 0;
 		//while loop is just a precaution. If a name is not generated within
 		//20 attempts, something else is very wrong. Avoids infinite loop.
-		while($attempts < 20){
-			$altName = $name . '_' . rand(1000,9999);
-			if(!$this->ncUserManager->userExists($altName)) {
+		while ($attempts < 20) {
+			$altName = $name.'_'.rand(1000, 9999);
+			if (!$this->ncUserManager->userExists($altName)) {
 				return $altName;
 			}
 			$attempts++;
@@ -808,25 +808,25 @@ 
 	 */
 	private function _createAltInternalOwnCloudNameForGroups($name) {
 		$usedNames = $this->groupMapper->getNamesBySearch($name, "", '_%');
-		if(!$usedNames || count($usedNames) === 0) {
+		if (!$usedNames || count($usedNames) === 0) {
 			$lastNo = 1; //will become name_2
 		} else {
 			natsort($usedNames);
 			$lastName = array_pop($usedNames);
-			$lastNo = (int)substr($lastName, strrpos($lastName, '_') + 1);
+			$lastNo = (int) substr($lastName, strrpos($lastName, '_') + 1);
 		}
-		$altName = $name.'_'. (string)($lastNo+1);
+		$altName = $name.'_'.(string) ($lastNo + 1);
 		unset($usedNames);
 
 		$attempts = 1;
-		while($attempts < 21){
+		while ($attempts < 21) {
 			// Check to be really sure it is unique
 			// while loop is just a precaution. If a name is not generated within
 			// 20 attempts, something else is very wrong. Avoids infinite loop.
-			if(!\OC::$server->getGroupManager()->groupExists($altName)) {
+			if (!\OC::$server->getGroupManager()->groupExists($altName)) {
 				return $altName;
 			}
-			$altName = $name . '_' . ($lastNo + $attempts);
+			$altName = $name.'_'.($lastNo + $attempts);
 			$attempts++;
 		}
 		return false;
@@ -841,7 +841,7 @@ 
 	private function createAltInternalOwnCloudName($name, $isUser) {
 		$originalTTL = $this->connection->ldapCacheTTL;
 		$this->connection->setConfiguration(array('ldapCacheTTL' => 0));
-		if($isUser) {
+		if ($isUser) {
 			$altName = $this->_createAltInternalOwnCloudNameForUsers($name);
 		} else {
 			$altName = $this->_createAltInternalOwnCloudNameForGroups($name);
@@ -889,13 +889,13 @@ 
 	public function fetchListOfUsers($filter, $attr, $limit = null, $offset = null, $forceApplyAttributes = false) {
 		$ldapRecords = $this->searchUsers($filter, $attr, $limit, $offset);
 		$recordsToUpdate = $ldapRecords;
-		if(!$forceApplyAttributes) {
+		if (!$forceApplyAttributes) {
 			$isBackgroundJobModeAjax = $this->config
 					->getAppValue('core', 'backgroundjobs_mode', 'ajax') === 'ajax';
 			$recordsToUpdate = array_filter($ldapRecords, function($record) use ($isBackgroundJobModeAjax) {
 				$newlyMapped = false;
 				$uid = $this->dn2ocname($record['dn'][0], null, true, $newlyMapped, $record);
-				if(is_string($uid)) {
+				if (is_string($uid)) {
 					$this->cacheUserExists($uid);
 				}
 				return ($uid !== false) && ($newlyMapped || $isBackgroundJobModeAjax);
@@ -913,15 +913,15 @@ 
 	 * @param array $ldapRecords
 	 * @throws \Exception
 	 */
-	public function batchApplyUserAttributes(array $ldapRecords){
+	public function batchApplyUserAttributes(array $ldapRecords) {
 		$displayNameAttribute = strtolower($this->connection->ldapUserDisplayName);
-		foreach($ldapRecords as $userRecord) {
-			if(!isset($userRecord[$displayNameAttribute])) {
+		foreach ($ldapRecords as $userRecord) {
+			if (!isset($userRecord[$displayNameAttribute])) {
 				// displayName is obligatory
 				continue;
 			}
-			$ocName  = $this->dn2ocname($userRecord['dn'][0], null, true);
-			if($ocName === false) {
+			$ocName = $this->dn2ocname($userRecord['dn'][0], null, true);
+			if ($ocName === false) {
 				continue;
 			}
 			$this->updateUserState($ocName);
@@ -954,8 +954,8 @@ 
 	 * @return array
 	 */
 	private function fetchList($list, $manyAttributes) {
-		if(is_array($list)) {
-			if($manyAttributes) {
+		if (is_array($list)) {
+			if ($manyAttributes) {
 				return $list;
 			} else {
 				$list = array_reduce($list, function($carry, $item) {
@@ -983,7 +983,7 @@ 
 	 */
 	public function searchUsers($filter, $attr = null, $limit = null, $offset = null) {
 		$result = [];
-		foreach($this->connection->ldapBaseUsers as $base) {
+		foreach ($this->connection->ldapBaseUsers as $base) {
 			$result = array_merge($result, $this->search($filter, [$base], $attr, $limit, $offset));
 		}
 		return $result;
@@ -998,9 +998,9 @@ 
 	 */
 	public function countUsers($filter, $attr = array('dn'), $limit = null, $offset = null) {
 		$result = false;
-		foreach($this->connection->ldapBaseUsers as $base) {
+		foreach ($this->connection->ldapBaseUsers as $base) {
 			$count = $this->count($filter, [$base], $attr, $limit, $offset);
-			$result = is_int($count) ? (int)$result + $count : $result;
+			$result = is_int($count) ? (int) $result + $count : $result;
 		}
 		return $result;
 	}
@@ -1017,7 +1017,7 @@ 
 	 */
 	public function searchGroups($filter, $attr = null, $limit = null, $offset = null) {
 		$result = [];
-		foreach($this->connection->ldapBaseGroups as $base) {
+		foreach ($this->connection->ldapBaseGroups as $base) {
 			$result = array_merge($result, $this->search($filter, [$base], $attr, $limit, $offset));
 		}
 		return $result;
@@ -1033,9 +1033,9 @@ 
 	 */
 	public function countGroups($filter, $attr = array('dn'), $limit = null, $offset = null) {
 		$result = false;
-		foreach($this->connection->ldapBaseGroups as $base) {
+		foreach ($this->connection->ldapBaseGroups as $base) {
 			$count = $this->count($filter, [$base], $attr, $limit, $offset);
-			$result = is_int($count) ? (int)$result + $count : $result;
+			$result = is_int($count) ? (int) $result + $count : $result;
 		}
 		return $result;
 	}
@@ -1049,9 +1049,9 @@ 
 	 */
 	public function countObjects($limit = null, $offset = null) {
 		$result = false;
-		foreach($this->connection->ldapBase as $base) {
+		foreach ($this->connection->ldapBase as $base) {
 			$count = $this->count('objectclass=*', [$base], ['dn'], $limit, $offset);
-			$result = is_int($count) ? (int)$result + $count : $result;
+			$result = is_int($count) ? (int) $result + $count : $result;
 		}
 		return $result;
 	}
@@ -1076,7 +1076,7 @@ 
 		// php no longer supports call-time pass-by-reference
 		// thus cannot support controlPagedResultResponse as the third argument
 		// is a reference
-		$doMethod = function () use ($command, &$arguments) {
+		$doMethod = function() use ($command, &$arguments) {
 			if ($command == 'controlPagedResultResponse') {
 				throw new \InvalidArgumentException('Invoker does not support controlPagedResultResponse, call LDAP Wrapper directly instead.');
 			} else {
@@ -1094,7 +1094,7 @@ 
 			$this->connection->resetConnectionResource();
 			$cr = $this->connection->getConnectionResource();
 
-			if(!$this->ldap->isResource($cr)) {
+			if (!$this->ldap->isResource($cr)) {
 				// Seems like we didn't find any resource.
 				\OCP\Util::writeLog('user_ldap', "Could not $command, because resource is missing.", ILogger::DEBUG);
 				throw $e;
@@ -1119,13 +1119,13 @@ 
 	 * @throws ServerNotAvailableException
 	 */
 	private function executeSearch($filter, $base, &$attr = null, $limit = null, $offset = null) {
-		if(!is_null($attr) && !is_array($attr)) {
+		if (!is_null($attr) && !is_array($attr)) {
 			$attr = array(mb_strtolower($attr, 'UTF-8'));
 		}
 
 		// See if we have a resource, in case not cancel with message
 		$cr = $this->connection->getConnectionResource();
-		if(!$this->ldap->isResource($cr)) {
+		if (!$this->ldap->isResource($cr)) {
 			// Seems like we didn't find any resource.
 			// Return an empty array just like before.
 			\OCP\Util::writeLog('user_ldap', 'Could not search, because resource is missing.', ILogger::DEBUG);
@@ -1133,13 +1133,13 @@ 
 		}
 
 		//check whether paged search should be attempted
-		$pagedSearchOK = $this->initPagedSearch($filter, $base, $attr, (int)$limit, $offset);
+		$pagedSearchOK = $this->initPagedSearch($filter, $base, $attr, (int) $limit, $offset);
 
 		$linkResources = array_pad(array(), count($base), $cr);
 		$sr = $this->invokeLDAPMethod('search', $linkResources, $base, $filter, $attr);
 		// cannot use $cr anymore, might have changed in the previous call!
 		$error = $this->ldap->errno($this->connection->getConnectionResource());
-		if(!is_array($sr) || $error !== 0) {
+		if (!is_array($sr) || $error !== 0) {
 			\OCP\Util::writeLog('user_ldap', 'Attempt for Paging?  '.print_r($pagedSearchOK, true), ILogger::ERROR);
 			return false;
 		}
@@ -1162,29 +1162,29 @@ 
 	 */
 	private function processPagedSearchStatus($sr, $filter, $base, $iFoundItems, $limit, $offset, $pagedSearchOK, $skipHandling) {
 		$cookie = null;
-		if($pagedSearchOK) {
+		if ($pagedSearchOK) {
 			$cr = $this->connection->getConnectionResource();
-			foreach($sr as $key => $res) {
-				if($this->ldap->controlPagedResultResponse($cr, $res, $cookie)) {
+			foreach ($sr as $key => $res) {
+				if ($this->ldap->controlPagedResultResponse($cr, $res, $cookie)) {
 					$this->setPagedResultCookie($base[$key], $filter, $limit, $offset, $cookie);
 				}
 			}
 
 			//browsing through prior pages to get the cookie for the new one
-			if($skipHandling) {
+			if ($skipHandling) {
 				return false;
 			}
 			// if count is bigger, then the server does not support
 			// paged search. Instead, he did a normal search. We set a
 			// flag here, so the callee knows how to deal with it.
-			if($iFoundItems <= $limit) {
+			if ($iFoundItems <= $limit) {
 				$this->pagedSearchedSuccessful = true;
 			}
 		} else {
-			if(!is_null($limit) && (int)$this->connection->ldapPagingSize !== 0) {
+			if (!is_null($limit) && (int) $this->connection->ldapPagingSize !== 0) {
 				\OC::$server->getLogger()->debug(
 					'Paged search was not available',
-					[ 'app' => 'user_ldap' ]
+					['app' => 'user_ldap']
 				);
 			}
 		}
@@ -1213,8 +1213,8 @@ 
 	private function count($filter, $base, $attr = null, $limit = null, $offset = null, $skipHandling = false) {
 		\OCP\Util::writeLog('user_ldap', 'Count filter:  '.print_r($filter, true), ILogger::DEBUG);
 
-		$limitPerPage = (int)$this->connection->ldapPagingSize;
-		if(!is_null($limit) && $limit < $limitPerPage && $limit > 0) {
+		$limitPerPage = (int) $this->connection->ldapPagingSize;
+		if (!is_null($limit) && $limit < $limitPerPage && $limit > 0) {
 			$limitPerPage = $limit;
 		}
 
@@ -1224,7 +1224,7 @@ 
 
 		do {
 			$search = $this->executeSearch($filter, $base, $attr, $limitPerPage, $offset);
-			if($search === false) {
+			if ($search === false) {
 				return $counter > 0 ? $counter : false;
 			}
 			list($sr, $pagedSearchOK) = $search;
@@ -1243,7 +1243,7 @@ 
 			 * Continue now depends on $hasMorePages value
 			 */
 			$continue = $pagedSearchOK && $hasMorePages;
-		} while($continue && (is_null($limit) || $limit <= 0 || $limit > $counter));
+		} while ($continue && (is_null($limit) || $limit <= 0 || $limit > $counter));
 
 		return $counter;
 	}
@@ -1255,8 +1255,8 @@ 
 	private function countEntriesInSearchResults($searchResults) {
 		$counter = 0;
 
-		foreach($searchResults as $res) {
-			$count = (int)$this->invokeLDAPMethod('countEntries', $this->connection->getConnectionResource(), $res);
+		foreach ($searchResults as $res) {
+			$count = (int) $this->invokeLDAPMethod('countEntries', $this->connection->getConnectionResource(), $res);
 			$counter += $count;
 		}
 
@@ -1276,8 +1276,8 @@ 
 	 * @throws ServerNotAvailableException
 	 */
 	public function search($filter, $base, $attr = null, $limit = null, $offset = null, $skipHandling = false) {
-		$limitPerPage = (int)$this->connection->ldapPagingSize;
-		if(!is_null($limit) && $limit < $limitPerPage && $limit > 0) {
+		$limitPerPage = (int) $this->connection->ldapPagingSize;
+		if (!is_null($limit) && $limit < $limitPerPage && $limit > 0) {
 			$limitPerPage = $limit;
 		}
 
@@ -1291,13 +1291,13 @@ 
 		$savedoffset = $offset;
 		do {
 			$search = $this->executeSearch($filter, $base, $attr, $limitPerPage, $offset);
-			if($search === false) {
+			if ($search === false) {
 				return [];
 			}
 			list($sr, $pagedSearchOK) = $search;
 			$cr = $this->connection->getConnectionResource();
 
-			if($skipHandling) {
+			if ($skipHandling) {
 				//i.e. result do not need to be fetched, we just need the cookie
 				//thus pass 1 or any other value as $iFoundItems because it is not
 				//used
@@ -1308,7 +1308,7 @@ 
 			}
 
 			$iFoundItems = 0;
-			foreach($sr as $res) {
+			foreach ($sr as $res) {
 				$findings = array_merge($findings, $this->invokeLDAPMethod('getEntries', $cr, $res));
 				$iFoundItems = max($iFoundItems, $findings['count']);
 				unset($findings['count']);
@@ -1324,27 +1324,27 @@ 
 
 		// if we're here, probably no connection resource is returned.
 		// to make Nextcloud behave nicely, we simply give back an empty array.
-		if(is_null($findings)) {
+		if (is_null($findings)) {
 			return array();
 		}
 
-		if(!is_null($attr)) {
+		if (!is_null($attr)) {
 			$selection = [];
 			$i = 0;
-			foreach($findings as $item) {
-				if(!is_array($item)) {
+			foreach ($findings as $item) {
+				if (!is_array($item)) {
 					continue;
 				}
 				$item = \OCP\Util::mb_array_change_key_case($item, MB_CASE_LOWER, 'UTF-8');
-				foreach($attr as $key) {
-					if(isset($item[$key])) {
-						if(is_array($item[$key]) && isset($item[$key]['count'])) {
+				foreach ($attr as $key) {
+					if (isset($item[$key])) {
+						if (is_array($item[$key]) && isset($item[$key]['count'])) {
 							unset($item[$key]['count']);
 						}
-						if($key !== 'dn') {
-							if($this->resemblesDN($key)) {
+						if ($key !== 'dn') {
+							if ($this->resemblesDN($key)) {
 								$selection[$i][$key] = $this->helper->sanitizeDN($item[$key]);
-							} else if($key === 'objectguid' || $key === 'guid') {
+							} else if ($key === 'objectguid' || $key === 'guid') {
 								$selection[$i][$key] = [$this->convertObjectGUID2Str($item[$key][0])];
 							} else {
 								$selection[$i][$key] = $item[$key];
@@ -1362,14 +1362,14 @@ 
 		//we slice the findings, when
 		//a) paged search unsuccessful, though attempted
 		//b) no paged search, but limit set
-		if((!$this->getPagedSearchResultState()
+		if ((!$this->getPagedSearchResultState()
 			&& $pagedSearchOK)
 			|| (
 				!$pagedSearchOK
 				&& !is_null($limit)
 			)
 		) {
-			$findings = array_slice($findings, (int)$offset, $limit);
+			$findings = array_slice($findings, (int) $offset, $limit);
 		}
 		return $findings;
 	}
@@ -1382,13 +1382,13 @@ 
 	public function sanitizeUsername($name) {
 		$name = trim($name);
 
-		if($this->connection->ldapIgnoreNamingRules) {
+		if ($this->connection->ldapIgnoreNamingRules) {
 			return $name;
 		}
 
 		// Transliteration to ASCII
 		$transliterated = @iconv('UTF-8', 'ASCII//TRANSLIT', $name);
-		if($transliterated !== false) {
+		if ($transliterated !== false) {
 			// depending on system config iconv can work or not
 			$name = $transliterated;
 		}
@@ -1399,7 +1399,7 @@ 
 		// Every remaining disallowed characters will be removed
 		$name = preg_replace('/[^a-zA-Z0-9_.@-]/u', '', $name);
 
-		if($name === '') {
+		if ($name === '') {
 			throw new \InvalidArgumentException('provided name template for username does not contain any allowed characters');
 		}
 
@@ -1414,13 +1414,13 @@ 
 	*/
 	public function escapeFilterPart($input, $allowAsterisk = false) {
 		$asterisk = '';
-		if($allowAsterisk && strlen($input) > 0 && $input[0] === '*') {
+		if ($allowAsterisk && strlen($input) > 0 && $input[0] === '*') {
 			$asterisk = '*';
 			$input = mb_substr($input, 1, null, 'UTF-8');
 		}
 		$search  = array('*', '\\', '(', ')');
 		$replace = array('\\*', '\\\\', '\\(', '\\)');
-		return $asterisk . str_replace($search, $replace, $input);
+		return $asterisk.str_replace($search, $replace, $input);
 	}
 
 	/**
@@ -1450,13 +1450,13 @@ 
 	 */
 	private function combineFilter($filters, $operator) {
 		$combinedFilter = '('.$operator;
-		foreach($filters as $filter) {
+		foreach ($filters as $filter) {
 			if ($filter !== '' && $filter[0] !== '(') {
 				$filter = '('.$filter.')';
 			}
-			$combinedFilter.=$filter;
+			$combinedFilter .= $filter;
 		}
-		$combinedFilter.=')';
+		$combinedFilter .= ')';
 		return $combinedFilter;
 	}
 
@@ -1492,17 +1492,17 @@ 
 	 * @throws \Exception
 	 */
 	private function getAdvancedFilterPartForSearch($search, $searchAttributes) {
-		if(!is_array($searchAttributes) || count($searchAttributes) < 2) {
+		if (!is_array($searchAttributes) || count($searchAttributes) < 2) {
 			throw new \Exception('searchAttributes must be an array with at least two string');
 		}
 		$searchWords = explode(' ', trim($search));
 		$wordFilters = array();
-		foreach($searchWords as $word) {
+		foreach ($searchWords as $word) {
 			$word = $this->prepareSearchTerm($word);
 			//every word needs to appear at least once
 			$wordMatchOneAttrFilters = array();
-			foreach($searchAttributes as $attr) {
-				$wordMatchOneAttrFilters[] = $attr . '=' . $word;
+			foreach ($searchAttributes as $attr) {
+				$wordMatchOneAttrFilters[] = $attr.'='.$word;
 			}
 			$wordFilters[] = $this->combineFilterWithOr($wordMatchOneAttrFilters);
 		}
@@ -1520,10 +1520,10 @@ 
 	private function getFilterPartForSearch($search, $searchAttributes, $fallbackAttribute) {
 		$filter = array();
 		$haveMultiSearchAttributes = (is_array($searchAttributes) && count($searchAttributes) > 0);
-		if($haveMultiSearchAttributes && strpos(trim($search), ' ') !== false) {
+		if ($haveMultiSearchAttributes && strpos(trim($search), ' ') !== false) {
 			try {
 				return $this->getAdvancedFilterPartForSearch($search, $searchAttributes);
-			} catch(\Exception $e) {
+			} catch (\Exception $e) {
 				\OCP\Util::writeLog(
 					'user_ldap',
 					'Creating advanced filter for search failed, falling back to simple method.',
@@ -1533,17 +1533,17 @@ 
 		}
 
 		$search = $this->prepareSearchTerm($search);
-		if(!is_array($searchAttributes) || count($searchAttributes) === 0) {
+		if (!is_array($searchAttributes) || count($searchAttributes) === 0) {
 			if ($fallbackAttribute === '') {
 				return '';
 			}
-			$filter[] = $fallbackAttribute . '=' . $search;
+			$filter[] = $fallbackAttribute.'='.$search;
 		} else {
-			foreach($searchAttributes as $attribute) {
-				$filter[] = $attribute . '=' . $search;
+			foreach ($searchAttributes as $attribute) {
+				$filter[] = $attribute.'='.$search;
 			}
 		}
-		if(count($filter) === 1) {
+		if (count($filter) === 1) {
 			return '('.$filter[0].')';
 		}
 		return $this->combineFilterWithOr($filter);
@@ -1564,7 +1564,7 @@ 
 		if ($term === '') {
 			$result = '*';
 		} else if ($allowEnum !== 'no') {
-			$result = $term . '*';
+			$result = $term.'*';
 		}
 		return $result;
 	}
@@ -1576,7 +1576,7 @@ 
 	public function getFilterForUserCount() {
 		$filter = $this->combineFilterWithAnd(array(
 			$this->connection->ldapUserFilter,
-			$this->connection->ldapUserDisplayName . '=*'
+			$this->connection->ldapUserDisplayName.'=*'
 		));
 
 		return $filter;
@@ -1594,7 +1594,7 @@ 
 			'ldapAgentName' => $name,
 			'ldapAgentPassword' => $password
 		);
-		if(!$testConnection->setConfiguration($credentials)) {
+		if (!$testConnection->setConfiguration($credentials)) {
 			return false;
 		}
 		return $testConnection->bind();
@@ -1616,30 +1616,30 @@ 
 			// Sacrebleu! The UUID attribute is unknown :( We need first an
 			// existing DN to be able to reliably detect it.
 			$result = $this->search($filter, $base, ['dn'], 1);
-			if(!isset($result[0]) || !isset($result[0]['dn'])) {
+			if (!isset($result[0]) || !isset($result[0]['dn'])) {
 				throw new \Exception('Cannot determine UUID attribute');
 			}
 			$dn = $result[0]['dn'][0];
-			if(!$this->detectUuidAttribute($dn, true)) {
+			if (!$this->detectUuidAttribute($dn, true)) {
 				throw new \Exception('Cannot determine UUID attribute');
 			}
 		} else {
 			// The UUID attribute is either known or an override is given.
 			// By calling this method we ensure that $this->connection->$uuidAttr
 			// is definitely set
-			if(!$this->detectUuidAttribute('', true)) {
+			if (!$this->detectUuidAttribute('', true)) {
 				throw new \Exception('Cannot determine UUID attribute');
 			}
 		}
 
 		$uuidAttr = $this->connection->ldapUuidUserAttribute;
-		if($uuidAttr === 'guid' || $uuidAttr === 'objectguid') {
+		if ($uuidAttr === 'guid' || $uuidAttr === 'objectguid') {
 			$uuid = $this->formatGuid2ForFilterUser($uuid);
 		}
 
-		$filter = $uuidAttr . '=' . $uuid;
+		$filter = $uuidAttr.'='.$uuid;
 		$result = $this->searchUsers($filter, ['dn'], 2);
-		if(is_array($result) && isset($result[0]) && isset($result[0]['dn']) && count($result) === 1) {
+		if (is_array($result) && isset($result[0]) && isset($result[0]['dn']) && count($result) === 1) {
 			// we put the count into account to make sure that this is
 			// really unique
 			return $result[0]['dn'][0];
@@ -1658,7 +1658,7 @@ 
 	 * @return bool true on success, false otherwise
 	 */
 	private function detectUuidAttribute($dn, $isUser = true, $force = false, array $ldapRecord = null) {
-		if($isUser) {
+		if ($isUser) {
 			$uuidAttr     = 'ldapUuidUserAttribute';
 			$uuidOverride = $this->connection->ldapExpertUUIDUserAttr;
 		} else {
@@ -1666,7 +1666,7 @@ 
 			$uuidOverride = $this->connection->ldapExpertUUIDGroupAttr;
 		}
 
-		if(($this->connection->$uuidAttr !== 'auto') && !$force) {
+		if (($this->connection->$uuidAttr !== 'auto') && !$force) {
 			return true;
 		}
 
@@ -1675,10 +1675,10 @@ 
 			return true;
 		}
 
-		foreach(self::UUID_ATTRIBUTES as $attribute) {
-			if($ldapRecord !== null) {
+		foreach (self::UUID_ATTRIBUTES as $attribute) {
+			if ($ldapRecord !== null) {
 				// we have the info from LDAP already, we don't need to talk to the server again
-				if(isset($ldapRecord[$attribute])) {
+				if (isset($ldapRecord[$attribute])) {
 					$this->connection->$uuidAttr = $attribute;
 					return true;
 				} else {
@@ -1687,7 +1687,7 @@ 
 			}
 
 			$value = $this->readAttribute($dn, $attribute);
-			if(is_array($value) && isset($value[0]) && !empty($value[0])) {
+			if (is_array($value) && isset($value[0]) && !empty($value[0])) {
 				\OCP\Util::writeLog(
 					'user_ldap',
 					'Setting '.$attribute.' as '.$uuidAttr,
@@ -1713,7 +1713,7 @@ 
 	 * @return bool|string
 	 */
 	public function getUUID($dn, $isUser = true, $ldapRecord = null) {
-		if($isUser) {
+		if ($isUser) {
 			$uuidAttr     = 'ldapUuidUserAttribute';
 			$uuidOverride = $this->connection->ldapExpertUUIDUserAttr;
 		} else {
@@ -1722,10 +1722,10 @@ 
 		}
 
 		$uuid = false;
-		if($this->detectUuidAttribute($dn, $isUser, false, $ldapRecord)) {
+		if ($this->detectUuidAttribute($dn, $isUser, false, $ldapRecord)) {
 			$attr = $this->connection->$uuidAttr;
 			$uuid = isset($ldapRecord[$attr]) ? $ldapRecord[$attr] : $this->readAttribute($dn, $attr);
-			if( !is_array($uuid)
+			if (!is_array($uuid)
 				&& $uuidOverride !== ''
 				&& $this->detectUuidAttribute($dn, $isUser, true, $ldapRecord))
 			{
@@ -1733,7 +1733,7 @@ 
 					? $ldapRecord[$this->connection->$uuidAttr]
 					: $this->readAttribute($dn, $this->connection->$uuidAttr);
 			}
-			if(is_array($uuid) && isset($uuid[0]) && !empty($uuid[0])) {
+			if (is_array($uuid) && isset($uuid[0]) && !empty($uuid[0])) {
 				$uuid = $uuid[0];
 			}
 		}
@@ -1750,19 +1750,19 @@ 
 	private function convertObjectGUID2Str($oguid) {
 		$hex_guid = bin2hex($oguid);
 		$hex_guid_to_guid_str = '';
-		for($k = 1; $k <= 4; ++$k) {
+		for ($k = 1; $k <= 4; ++$k) {
 			$hex_guid_to_guid_str .= substr($hex_guid, 8 - 2 * $k, 2);
 		}
 		$hex_guid_to_guid_str .= '-';
-		for($k = 1; $k <= 2; ++$k) {
+		for ($k = 1; $k <= 2; ++$k) {
 			$hex_guid_to_guid_str .= substr($hex_guid, 12 - 2 * $k, 2);
 		}
 		$hex_guid_to_guid_str .= '-';
-		for($k = 1; $k <= 2; ++$k) {
+		for ($k = 1; $k <= 2; ++$k) {
 			$hex_guid_to_guid_str .= substr($hex_guid, 16 - 2 * $k, 2);
 		}
-		$hex_guid_to_guid_str .= '-' . substr($hex_guid, 16, 4);
-		$hex_guid_to_guid_str .= '-' . substr($hex_guid, 20);
+		$hex_guid_to_guid_str .= '-'.substr($hex_guid, 16, 4);
+		$hex_guid_to_guid_str .= '-'.substr($hex_guid, 20);
 
 		return strtoupper($hex_guid_to_guid_str);
 	}
@@ -1779,11 +1779,11 @@ 
 	 * @return string
 	 */
 	public function formatGuid2ForFilterUser($guid) {
-		if(!is_string($guid)) {
+		if (!is_string($guid)) {
 			throw new \InvalidArgumentException('String expected');
 		}
 		$blocks = explode('-', $guid);
-		if(count($blocks) !== 5) {
+		if (count($blocks) !== 5) {
 			/*
 			 * Why not throw an Exception instead? This method is a utility
 			 * called only when trying to figure out whether a "missing" known
@@ -1796,20 +1796,20 @@ 
 			 * user. Instead we write a log message.
 			 */
 			\OC::$server->getLogger()->info(
-				'Passed string does not resemble a valid GUID. Known UUID ' .
+				'Passed string does not resemble a valid GUID. Known UUID '.
 				'({uuid}) probably does not match UUID configuration.',
-				[ 'app' => 'user_ldap', 'uuid' => $guid ]
+				['app' => 'user_ldap', 'uuid' => $guid]
 			);
 			return $guid;
 		}
-		for($i=0; $i < 3; $i++) {
+		for ($i = 0; $i < 3; $i++) {
 			$pairs = str_split($blocks[$i], 2);
 			$pairs = array_reverse($pairs);
 			$blocks[$i] = implode('', $pairs);
 		}
-		for($i=0; $i < 5; $i++) {
+		for ($i = 0; $i < 5; $i++) {
 			$pairs = str_split($blocks[$i], 2);
-			$blocks[$i] = '\\' . implode('\\', $pairs);
+			$blocks[$i] = '\\'.implode('\\', $pairs);
 		}
 		return implode('', $blocks);
 	}
@@ -1823,12 +1823,12 @@ 
 		$domainDN = $this->getDomainDNFromDN($dn);
 		$cacheKey = 'getSID-'.$domainDN;
 		$sid = $this->connection->getFromCache($cacheKey);
-		if(!is_null($sid)) {
+		if (!is_null($sid)) {
 			return $sid;
 		}
 
 		$objectSid = $this->readAttribute($domainDN, 'objectsid');
-		if(!is_array($objectSid) || empty($objectSid)) {
+		if (!is_array($objectSid) || empty($objectSid)) {
 			$this->connection->writeToCache($cacheKey, false);
 			return false;
 		}
@@ -1886,12 +1886,12 @@ 
 		$belongsToBase = false;
 		$bases = $this->helper->sanitizeDN($bases);
 
-		foreach($bases as $base) {
+		foreach ($bases as $base) {
 			$belongsToBase = true;
-			if(mb_strripos($dn, $base, 0, 'UTF-8') !== (mb_strlen($dn, 'UTF-8')-mb_strlen($base, 'UTF-8'))) {
+			if (mb_strripos($dn, $base, 0, 'UTF-8') !== (mb_strlen($dn, 'UTF-8') - mb_strlen($base, 'UTF-8'))) {
 				$belongsToBase = false;
 			}
-			if($belongsToBase) {
+			if ($belongsToBase) {
 				break;
 			}
 		}
@@ -1920,16 +1920,16 @@ 
 	 * @return string containing the key or empty if none is cached
 	 */
 	private function getPagedResultCookie($base, $filter, $limit, $offset) {
-		if($offset === 0) {
+		if ($offset === 0) {
 			return '';
 		}
 		$offset -= $limit;
 		//we work with cache here
-		$cacheKey = 'lc' . crc32($base) . '-' . crc32($filter) . '-' . (int)$limit . '-' . (int)$offset;
+		$cacheKey = 'lc'.crc32($base).'-'.crc32($filter).'-'.(int) $limit.'-'.(int) $offset;
 		$cookie = '';
-		if(isset($this->cookies[$cacheKey])) {
+		if (isset($this->cookies[$cacheKey])) {
 			$cookie = $this->cookies[$cacheKey];
-			if(is_null($cookie)) {
+			if (is_null($cookie)) {
 				$cookie = '';
 			}
 		}
@@ -1947,7 +1947,7 @@ 
 	 * @return bool
 	 */
 	public function hasMoreResults() {
-		if(empty($this->lastCookie) && $this->lastCookie !== '0') {
+		if (empty($this->lastCookie) && $this->lastCookie !== '0') {
 			// as in RFC 2696, when all results are returned, the cookie will
 			// be empty.
 			return false;
@@ -1967,8 +1967,8 @@ 
 	 */
 	private function setPagedResultCookie($base, $filter, $limit, $offset, $cookie) {
 		// allow '0' for 389ds
-		if(!empty($cookie) || $cookie === '0') {
-			$cacheKey = 'lc' . crc32($base) . '-' . crc32($filter) . '-' . (int)$limit . '-' . (int)$offset;
+		if (!empty($cookie) || $cookie === '0') {
+			$cacheKey = 'lc'.crc32($base).'-'.crc32($filter).'-'.(int) $limit.'-'.(int) $offset;
 			$this->cookies[$cacheKey] = $cookie;
 			$this->lastCookie = $cookie;
 		}
@@ -1996,16 +1996,16 @@ 
 	private function initPagedSearch($filter, $bases, $attr, $limit, $offset) {
 		$pagedSearchOK = false;
 		if ($limit !== 0) {
-			$offset = (int)$offset; //can be null
+			$offset = (int) $offset; //can be null
 			\OCP\Util::writeLog('user_ldap',
 				'initializing paged search for  Filter '.$filter.' base '.print_r($bases, true)
-				.' attr '.print_r($attr, true). ' limit ' .$limit.' offset '.$offset,
+				.' attr '.print_r($attr, true).' limit '.$limit.' offset '.$offset,
 				ILogger::DEBUG);
 			//get the cookie from the search for the previous search, required by LDAP
-			foreach($bases as $base) {
+			foreach ($bases as $base) {
 
 				$cookie = $this->getPagedResultCookie($base, $filter, $limit, $offset);
-				if(empty($cookie) && $cookie !== "0" && ($offset > 0)) {
+				if (empty($cookie) && $cookie !== "0" && ($offset > 0)) {
 					// no cookie known from a potential previous search. We need
 					// to start from 0 to come to the desired page. cookie value
 					// of '0' is valid, because 389ds
@@ -2015,17 +2015,17 @@ 
 					//still no cookie? obviously, the server does not like us. Let's skip paging efforts.
 					// '0' is valid, because 389ds
 					//TODO: remember this, probably does not change in the next request...
-					if(empty($cookie) && $cookie !== '0') {
+					if (empty($cookie) && $cookie !== '0') {
 						$cookie = null;
 					}
 				}
-				if(!is_null($cookie)) {
+				if (!is_null($cookie)) {
 					//since offset = 0, this is a new search. We abandon other searches that might be ongoing.
 					$this->abandonPagedSearch();
 					$pagedSearchOK = $this->invokeLDAPMethod('controlPagedResult',
 						$this->connection->getConnectionResource(), $limit,
 						false, $cookie);
-					if(!$pagedSearchOK) {
+					if (!$pagedSearchOK) {
 						return false;
 					}
 					\OCP\Util::writeLog('user_ldap', 'Ready for a paged search', ILogger::DEBUG);
@@ -2048,7 +2048,7 @@ 
 			$this->abandonPagedSearch();
 			// in case someone set it to 0 … use 500, otherwise no results will
 			// be returned.
-			$pageSize = (int)$this->connection->ldapPagingSize > 0 ? (int)$this->connection->ldapPagingSize : 500;
+			$pageSize = (int) $this->connection->ldapPagingSize > 0 ? (int) $this->connection->ldapPagingSize : 500;
 			$pagedSearchOK = $this->invokeLDAPMethod('controlPagedResult',
 				$this->connection->getConnectionResource(),
 				$pageSize, false, '');

apps/user_ldap/lib/Group_LDAP.php

Spacing +97 added lines, -97 removed lines

@@ -71,7 +71,7 @@ 
 		parent::__construct($access);
 		$filter = $this->access->connection->ldapGroupFilter;
 		$gassoc = $this->access->connection->ldapGroupMemberAssocAttr;
-		if(!empty($filter) && !empty($gassoc)) {
+		if (!empty($filter) && !empty($gassoc)) {
 			$this->enabled = true;
 		}
 
@@ -90,25 +90,25 @@ 
 	 * Checks whether the user is member of a group or not.
 	 */
 	public function inGroup($uid, $gid) {
-		if(!$this->enabled) {
+		if (!$this->enabled) {
 			return false;
 		}
 		$cacheKey = 'inGroup'.$uid.':'.$gid;
 		$inGroup = $this->access->connection->getFromCache($cacheKey);
-		if(!is_null($inGroup)) {
-			return (bool)$inGroup;
+		if (!is_null($inGroup)) {
+			return (bool) $inGroup;
 		}
 
 		$userDN = $this->access->username2dn($uid);
 
-		if(isset($this->cachedGroupMembers[$gid])) {
+		if (isset($this->cachedGroupMembers[$gid])) {
 			$isInGroup = in_array($userDN, $this->cachedGroupMembers[$gid]);
 			return $isInGroup;
 		}
 
 		$cacheKeyMembers = 'inGroup-members:'.$gid;
 		$members = $this->access->connection->getFromCache($cacheKeyMembers);
-		if(!is_null($members)) {
+		if (!is_null($members)) {
 			$this->cachedGroupMembers[$gid] = $members;
 			$isInGroup = in_array($userDN, $members);
 			$this->access->connection->writeToCache($cacheKey, $isInGroup);
@@ -117,13 +117,13 @@ 
 
 		$groupDN = $this->access->groupname2dn($gid);
 		// just in case
-		if(!$groupDN || !$userDN) {
+		if (!$groupDN || !$userDN) {
 			$this->access->connection->writeToCache($cacheKey, false);
 			return false;
 		}
 
 		//check primary group first
-		if($gid === $this->getUserPrimaryGroup($userDN)) {
+		if ($gid === $this->getUserPrimaryGroup($userDN)) {
 			$this->access->connection->writeToCache($cacheKey, true);
 			return true;
 		}
@@ -131,21 +131,21 @@ 
 		//usually, LDAP attributes are said to be case insensitive. But there are exceptions of course.
 		$members = $this->_groupMembers($groupDN);
 		$members = array_keys($members); // uids are returned as keys
-		if(!is_array($members) || count($members) === 0) {
+		if (!is_array($members) || count($members) === 0) {
 			$this->access->connection->writeToCache($cacheKey, false);
 			return false;
 		}
 
 		//extra work if we don't get back user DNs
-		if(strtolower($this->access->connection->ldapGroupMemberAssocAttr) === 'memberuid') {
+		if (strtolower($this->access->connection->ldapGroupMemberAssocAttr) === 'memberuid') {
 			$dns = array();
 			$filterParts = array();
 			$bytes = 0;
-			foreach($members as $mid) {
+			foreach ($members as $mid) {
 				$filter = str_replace('%uid', $mid, $this->access->connection->ldapLoginFilter);
 				$filterParts[] = $filter;
 				$bytes += strlen($filter);
-				if($bytes >= 9000000) {
+				if ($bytes >= 9000000) {
 					// AD has a default input buffer of 10 MB, we do not want
 					// to take even the chance to exceed it
 					$filter = $this->access->combineFilterWithOr($filterParts);
@@ -155,7 +155,7 @@ 
 					$dns = array_merge($dns, $users);
 				}
 			}
-			if(count($filterParts) > 0) {
+			if (count($filterParts) > 0) {
 				$filter = $this->access->combineFilterWithOr($filterParts);
 				$users = $this->access->fetchListOfUsers($filter, 'dn', count($filterParts));
 				$dns = array_merge($dns, $users);
@@ -198,14 +198,14 @@ 
 			$pos = strpos($memberURLs[0], '(');
 			if ($pos !== false) {
 				$memberUrlFilter = substr($memberURLs[0], $pos);
-				$foundMembers = $this->access->searchUsers($memberUrlFilter,'dn');
+				$foundMembers = $this->access->searchUsers($memberUrlFilter, 'dn');
 				$dynamicMembers = array();
-				foreach($foundMembers as $value) {
+				foreach ($foundMembers as $value) {
 					$dynamicMembers[$value['dn'][0]] = 1;
 				}
 			} else {
 				\OCP\Util::writeLog('user_ldap', 'No search filter found on member url '.
-					'of group ' . $dnGroup, ILogger::DEBUG);
+					'of group '.$dnGroup, ILogger::DEBUG);
 			}
 		}
 		return $dynamicMembers;
@@ -229,7 +229,7 @@ 
 		// used extensively in cron job, caching makes sense for nested groups
 		$cacheKey = '_groupMembers'.$dnGroup;
 		$groupMembers = $this->access->connection->getFromCache($cacheKey);
-		if($groupMembers !== null) {
+		if ($groupMembers !== null) {
 			return $groupMembers;
 		}
 		$seen[$dnGroup] = 1;
@@ -289,10 +289,10 @@ 
 		$recordMode = is_array($list) && isset($list[0]) && is_array($list[0]) && isset($list[0]['dn'][0]);
 
 		if ($nesting !== 1) {
-			if($recordMode) {
+			if ($recordMode) {
 				// the keys are numeric, but should hold the DN
-				return array_reduce($list, function ($transformed, $record) use ($dn) {
-					if($record['dn'][0] != $dn) {
+				return array_reduce($list, function($transformed, $record) use ($dn) {
+					if ($record['dn'][0] != $dn) {
 						$transformed[$record['dn'][0]] = $record;
 					}
 					return $transformed;
@@ -323,9 +323,9 @@ 
 	 * @return string|bool
 	 */
 	public function gidNumber2Name($gid, $dn) {
-		$cacheKey = 'gidNumberToName' . $gid;
+		$cacheKey = 'gidNumberToName'.$gid;
 		$groupName = $this->access->connection->getFromCache($cacheKey);
-		if(!is_null($groupName) && isset($groupName)) {
+		if (!is_null($groupName) && isset($groupName)) {
 			return $groupName;
 		}
 
@@ -333,10 +333,10 @@ 
 		$filter = $this->access->combineFilterWithAnd([
 			$this->access->connection->ldapGroupFilter,
 			'objectClass=posixGroup',
-			$this->access->connection->ldapGidNumber . '=' . $gid
+			$this->access->connection->ldapGidNumber.'='.$gid
 		]);
 		$result = $this->access->searchGroups($filter, array('dn'), 1);
-		if(empty($result)) {
+		if (empty($result)) {
 			return false;
 		}
 		$dn = $result[0]['dn'][0];
@@ -359,7 +359,7 @@ 
 	 */
 	private function getEntryGidNumber($dn, $attribute) {
 		$value = $this->access->readAttribute($dn, $attribute);
-		if(is_array($value) && !empty($value)) {
+		if (is_array($value) && !empty($value)) {
 			return $value[0];
 		}
 		return false;
@@ -381,9 +381,9 @@ 
 	 */
 	public function getUserGidNumber($dn) {
 		$gidNumber = false;
-		if($this->access->connection->hasGidNumber) {
+		if ($this->access->connection->hasGidNumber) {
 			$gidNumber = $this->getEntryGidNumber($dn, $this->access->connection->ldapGidNumber);
-			if($gidNumber === false) {
+			if ($gidNumber === false) {
 				$this->access->connection->hasGidNumber = false;
 			}
 		}
@@ -400,7 +400,7 @@ 
 	 */
 	private function prepareFilterForUsersHasGidNumber($groupDN, $search = '') {
 		$groupID = $this->getGroupGidNumber($groupDN);
-		if($groupID === false) {
+		if ($groupID === false) {
 			throw new \Exception('Not a valid group');
 		}
 
@@ -409,7 +409,7 @@ 
 		if ($search !== '') {
 			$filterParts[] = $this->access->getFilterPartForUserSearch($search);
 		}
-		$filterParts[] = $this->access->connection->ldapGidNumber .'=' . $groupID;
+		$filterParts[] = $this->access->connection->ldapGidNumber.'='.$groupID;
 
 		return $this->access->combineFilterWithAnd($filterParts);
 	}
@@ -451,7 +451,7 @@ 
 		try {
 			$filter = $this->prepareFilterForUsersHasGidNumber($groupDN, $search);
 			$users = $this->access->countUsers($filter, ['dn'], $limit, $offset);
-			return (int)$users;
+			return (int) $users;
 		} catch (\Exception $e) {
 			return 0;
 		}
@@ -464,9 +464,9 @@ 
 	 */
 	public function getUserGroupByGid($dn) {
 		$groupID = $this->getUserGidNumber($dn);
-		if($groupID !== false) {
+		if ($groupID !== false) {
 			$groupName = $this->gidNumber2Name($groupID, $dn);
-			if($groupName !== false) {
+			if ($groupName !== false) {
 				return $groupName;
 			}
 		}
@@ -483,22 +483,22 @@ 
 	public function primaryGroupID2Name($gid, $dn) {
 		$cacheKey = 'primaryGroupIDtoName';
 		$groupNames = $this->access->connection->getFromCache($cacheKey);
-		if(!is_null($groupNames) && isset($groupNames[$gid])) {
+		if (!is_null($groupNames) && isset($groupNames[$gid])) {
 			return $groupNames[$gid];
 		}
 
 		$domainObjectSid = $this->access->getSID($dn);
-		if($domainObjectSid === false) {
+		if ($domainObjectSid === false) {
 			return false;
 		}
 
 		//we need to get the DN from LDAP
 		$filter = $this->access->combineFilterWithAnd(array(
 			$this->access->connection->ldapGroupFilter,
-			'objectsid=' . $domainObjectSid . '-' . $gid
+			'objectsid='.$domainObjectSid.'-'.$gid
 		));
 		$result = $this->access->searchGroups($filter, array('dn'), 1);
-		if(empty($result)) {
+		if (empty($result)) {
 			return false;
 		}
 		$dn = $result[0]['dn'][0];
@@ -521,7 +521,7 @@ 
 	 */
 	private function getEntryGroupID($dn, $attribute) {
 		$value = $this->access->readAttribute($dn, $attribute);
-		if(is_array($value) && !empty($value)) {
+		if (is_array($value) && !empty($value)) {
 			return $value[0];
 		}
 		return false;
@@ -543,9 +543,9 @@ 
 	 */
 	public function getUserPrimaryGroupIDs($dn) {
 		$primaryGroupID = false;
-		if($this->access->connection->hasPrimaryGroups) {
+		if ($this->access->connection->hasPrimaryGroups) {
 			$primaryGroupID = $this->getEntryGroupID($dn, 'primaryGroupID');
-			if($primaryGroupID === false) {
+			if ($primaryGroupID === false) {
 				$this->access->connection->hasPrimaryGroups = false;
 			}
 		}
@@ -562,7 +562,7 @@ 
 	 */
 	private function prepareFilterForUsersInPrimaryGroup($groupDN, $search = '') {
 		$groupID = $this->getGroupPrimaryGroupID($groupDN);
-		if($groupID === false) {
+		if ($groupID === false) {
 			throw new \Exception('Not a valid group');
 		}
 
@@ -571,7 +571,7 @@ 
 		if ($search !== '') {
 			$filterParts[] = $this->access->getFilterPartForUserSearch($search);
 		}
-		$filterParts[] = 'primaryGroupID=' . $groupID;
+		$filterParts[] = 'primaryGroupID='.$groupID;
 
 		return $this->access->combineFilterWithAnd($filterParts);
 	}
@@ -613,7 +613,7 @@ 
 		try {
 			$filter = $this->prepareFilterForUsersInPrimaryGroup($groupDN, $search);
 			$users = $this->access->countUsers($filter, array('dn'), $limit, $offset);
-			return (int)$users;
+			return (int) $users;
 		} catch (\Exception $e) {
 			return 0;
 		}
@@ -626,9 +626,9 @@ 
 	 */
 	public function getUserPrimaryGroup($dn) {
 		$groupID = $this->getUserPrimaryGroupIDs($dn);
-		if($groupID !== false) {
+		if ($groupID !== false) {
 			$groupName = $this->primaryGroupID2Name($groupID, $dn);
-			if($groupName !== false) {
+			if ($groupName !== false) {
 				return $groupName;
 			}
 		}
@@ -647,16 +647,16 @@ 
 	 * This function includes groups based on dynamic group membership.
 	 */
 	public function getUserGroups($uid) {
-		if(!$this->enabled) {
+		if (!$this->enabled) {
 			return array();
 		}
 		$cacheKey = 'getUserGroups'.$uid;
 		$userGroups = $this->access->connection->getFromCache($cacheKey);
-		if(!is_null($userGroups)) {
+		if (!is_null($userGroups)) {
 			return $userGroups;
 		}
 		$userDN = $this->access->username2dn($uid);
-		if(!$userDN) {
+		if (!$userDN) {
 			$this->access->connection->writeToCache($cacheKey, array());
 			return array();
 		}
@@ -670,14 +670,14 @@ 
 		if (!empty($dynamicGroupMemberURL)) {
 			// look through dynamic groups to add them to the result array if needed
 			$groupsToMatch = $this->access->fetchListOfGroups(
-				$this->access->connection->ldapGroupFilter,array('dn',$dynamicGroupMemberURL));
-			foreach($groupsToMatch as $dynamicGroup) {
+				$this->access->connection->ldapGroupFilter, array('dn', $dynamicGroupMemberURL));
+			foreach ($groupsToMatch as $dynamicGroup) {
 				if (!array_key_exists($dynamicGroupMemberURL, $dynamicGroup)) {
 					continue;
 				}
 				$pos = strpos($dynamicGroup[$dynamicGroupMemberURL][0], '(');
 				if ($pos !== false) {
-					$memberUrlFilter = substr($dynamicGroup[$dynamicGroupMemberURL][0],$pos);
+					$memberUrlFilter = substr($dynamicGroup[$dynamicGroupMemberURL][0], $pos);
 					// apply filter via ldap search to see if this user is in this
 					// dynamic group
 					$userMatch = $this->access->readAttribute(
@@ -688,7 +688,7 @@ 
 					if ($userMatch !== false) {
 						// match found so this user is in this group
 						$groupName = $this->access->dn2groupname($dynamicGroup['dn'][0]);
-						if(is_string($groupName)) {
+						if (is_string($groupName)) {
 							// be sure to never return false if the dn could not be
 							// resolved to a name, for whatever reason.
 							$groups[] = $groupName;
@@ -696,7 +696,7 @@ 
 					}
 				} else {
 					\OCP\Util::writeLog('user_ldap', 'No search filter found on member url '.
-						'of group ' . print_r($dynamicGroup, true), ILogger::DEBUG);
+						'of group '.print_r($dynamicGroup, true), ILogger::DEBUG);
 				}
 			}
 		}
@@ -704,15 +704,15 @@ 
 		// if possible, read out membership via memberOf. It's far faster than
 		// performing a search, which still is a fallback later.
 		// memberof doesn't support memberuid, so skip it here.
-		if((int)$this->access->connection->hasMemberOfFilterSupport === 1
-			&& (int)$this->access->connection->useMemberOfToDetectMembership === 1
+		if ((int) $this->access->connection->hasMemberOfFilterSupport === 1
+			&& (int) $this->access->connection->useMemberOfToDetectMembership === 1
 		    && strtolower($this->access->connection->ldapGroupMemberAssocAttr) !== 'memberuid'
 		    ) {
 			$groupDNs = $this->_getGroupDNsFromMemberOf($userDN);
 			if (is_array($groupDNs)) {
 				foreach ($groupDNs as $dn) {
 					$groupName = $this->access->dn2groupname($dn);
-					if(is_string($groupName)) {
+					if (is_string($groupName)) {
 						// be sure to never return false if the dn could not be
 						// resolved to a name, for whatever reason.
 						$groups[] = $groupName;
@@ -720,10 +720,10 @@ 
 				}
 			}
 
-			if($primaryGroup !== false) {
+			if ($primaryGroup !== false) {
 				$groups[] = $primaryGroup;
 			}
-			if($gidGroupName !== false) {
+			if ($gidGroupName !== false) {
 				$groups[] = $gidGroupName;
 			}
 			$this->access->connection->writeToCache($cacheKey, $groups);
@@ -731,14 +731,14 @@ 
 		}
 
 		//uniqueMember takes DN, memberuid the uid, so we need to distinguish
-		if((strtolower($this->access->connection->ldapGroupMemberAssocAttr) === 'uniquemember')
+		if ((strtolower($this->access->connection->ldapGroupMemberAssocAttr) === 'uniquemember')
 			|| (strtolower($this->access->connection->ldapGroupMemberAssocAttr) === 'member')
 		) {
 			$uid = $userDN;
-		} else if(strtolower($this->access->connection->ldapGroupMemberAssocAttr) === 'memberuid') {
+		} else if (strtolower($this->access->connection->ldapGroupMemberAssocAttr) === 'memberuid') {
 			$result = $this->access->readAttribute($userDN, 'uid');
 			if ($result === false) {
-				\OCP\Util::writeLog('user_ldap', 'No uid attribute found for DN ' . $userDN . ' on '.
+				\OCP\Util::writeLog('user_ldap', 'No uid attribute found for DN '.$userDN.' on '.
 					$this->access->connection->ldapHost, ILogger::DEBUG);
 			}
 			$uid = $result[0];
@@ -747,7 +747,7 @@ 
 			$uid = $userDN;
 		}
 
-		if(isset($this->cachedGroupsByMember[$uid])) {
+		if (isset($this->cachedGroupsByMember[$uid])) {
 			$groups = array_merge($groups, $this->cachedGroupsByMember[$uid]);
 		} else {
 			$groupsByMember = array_values($this->getGroupsByMember($uid));
@@ -756,10 +756,10 @@ 
 			$groups = array_merge($groups, $groupsByMember);
 		}
 
-		if($primaryGroup !== false) {
+		if ($primaryGroup !== false) {
 			$groups[] = $primaryGroup;
 		}
-		if($gidGroupName !== false) {
+		if ($gidGroupName !== false) {
 			$groups[] = $gidGroupName;
 		}
 
@@ -788,8 +788,8 @@ 
 		$groups = $this->access->fetchListOfGroups($filter,
 			[$this->access->connection->ldapGroupDisplayName, 'dn']);
 		if (is_array($groups)) {
-			$fetcher = function ($dn, &$seen) {
-				if(is_array($dn) && isset($dn['dn'][0])) {
+			$fetcher = function($dn, &$seen) {
+				if (is_array($dn) && isset($dn['dn'][0])) {
 					$dn = $dn['dn'][0];
 				}
 				return $this->getGroupsByMember($dn, $seen);
@@ -810,33 +810,33 @@ 
 	 * @return array with user ids
 	 */
 	public function usersInGroup($gid, $search = '', $limit = -1, $offset = 0) {
-		if(!$this->enabled) {
+		if (!$this->enabled) {
 			return array();
 		}
-		if(!$this->groupExists($gid)) {
+		if (!$this->groupExists($gid)) {
 			return array();
 		}
 		$search = $this->access->escapeFilterPart($search, true);
 		$cacheKey = 'usersInGroup-'.$gid.'-'.$search.'-'.$limit.'-'.$offset;
 		// check for cache of the exact query
 		$groupUsers = $this->access->connection->getFromCache($cacheKey);
-		if(!is_null($groupUsers)) {
+		if (!is_null($groupUsers)) {
 			return $groupUsers;
 		}
 
 		// check for cache of the query without limit and offset
 		$groupUsers = $this->access->connection->getFromCache('usersInGroup-'.$gid.'-'.$search);
-		if(!is_null($groupUsers)) {
+		if (!is_null($groupUsers)) {
 			$groupUsers = array_slice($groupUsers, $offset, $limit);
 			$this->access->connection->writeToCache($cacheKey, $groupUsers);
 			return $groupUsers;
 		}
 
-		if($limit === -1) {
+		if ($limit === -1) {
 			$limit = null;
 		}
 		$groupDN = $this->access->groupname2dn($gid);
-		if(!$groupDN) {
+		if (!$groupDN) {
 			// group couldn't be found, return empty resultset
 			$this->access->connection->writeToCache($cacheKey, array());
 			return array();
@@ -845,7 +845,7 @@ 
 		$primaryUsers = $this->getUsersInPrimaryGroup($groupDN, $search, $limit, $offset);
 		$posixGroupUsers = $this->getUsersInGidNumber($groupDN, $search, $limit, $offset);
 		$members = $this->_groupMembers($groupDN);
-		if(!$members && empty($posixGroupUsers) && empty($primaryUsers)) {
+		if (!$members && empty($posixGroupUsers) && empty($primaryUsers)) {
 			//in case users could not be retrieved, return empty result set
 			$this->access->connection->writeToCache($cacheKey, []);
 			return [];
@@ -854,29 +854,29 @@ 
 		$groupUsers = array();
 		$isMemberUid = (strtolower($this->access->connection->ldapGroupMemberAssocAttr) === 'memberuid');
 		$attrs = $this->access->userManager->getAttributes(true);
-		foreach($members as $member) {
-			if($isMemberUid) {
+		foreach ($members as $member) {
+			if ($isMemberUid) {
 				//we got uids, need to get their DNs to 'translate' them to user names
 				$filter = $this->access->combineFilterWithAnd(array(
 					str_replace('%uid', trim($member), $this->access->connection->ldapLoginFilter),
 					$this->access->getFilterPartForUserSearch($search)
 				));
 				$ldap_users = $this->access->fetchListOfUsers($filter, $attrs, 1);
-				if(count($ldap_users) < 1) {
+				if (count($ldap_users) < 1) {
 					continue;
 				}
 				$groupUsers[] = $this->access->dn2username($ldap_users[0]['dn'][0]);
 			} else {
 				//we got DNs, check if we need to filter by search or we can give back all of them
 				if ($search !== '') {
-					if(!$this->access->readAttribute($member,
+					if (!$this->access->readAttribute($member,
 						$this->access->connection->ldapUserDisplayName,
 						$this->access->getFilterPartForUserSearch($search))) {
 						continue;
 					}
 				}
 				// dn2username will also check if the users belong to the allowed base
-				if($ocname = $this->access->dn2username($member)) {
+				if ($ocname = $this->access->dn2username($member)) {
 					$groupUsers[] = $ocname;
 				}
 			}
@@ -904,16 +904,16 @@ 
 		}
 
 		$cacheKey = 'countUsersInGroup-'.$gid.'-'.$search;
-		if(!$this->enabled || !$this->groupExists($gid)) {
+		if (!$this->enabled || !$this->groupExists($gid)) {
 			return false;
 		}
 		$groupUsers = $this->access->connection->getFromCache($cacheKey);
-		if(!is_null($groupUsers)) {
+		if (!is_null($groupUsers)) {
 			return $groupUsers;
 		}
 
 		$groupDN = $this->access->groupname2dn($gid);
-		if(!$groupDN) {
+		if (!$groupDN) {
 			// group couldn't be found, return empty result set
 			$this->access->connection->writeToCache($cacheKey, false);
 			return false;
@@ -921,7 +921,7 @@ 
 
 		$members = $this->_groupMembers($groupDN);
 		$primaryUserCount = $this->countUsersInPrimaryGroup($groupDN, '');
-		if(!$members && $primaryUserCount === 0) {
+		if (!$members && $primaryUserCount === 0) {
 			//in case users could not be retrieved, return empty result set
 			$this->access->connection->writeToCache($cacheKey, false);
 			return false;
@@ -946,27 +946,27 @@ 
 		//For now this is not important, because the only use of this method
 		//does not supply a search string
 		$groupUsers = array();
-		foreach($members as $member) {
-			if($isMemberUid) {
+		foreach ($members as $member) {
+			if ($isMemberUid) {
 				//we got uids, need to get their DNs to 'translate' them to user names
 				$filter = $this->access->combineFilterWithAnd(array(
 					str_replace('%uid', $member, $this->access->connection->ldapLoginFilter),
 					$this->access->getFilterPartForUserSearch($search)
 				));
 				$ldap_users = $this->access->fetchListOfUsers($filter, 'dn', 1);
-				if(count($ldap_users) < 1) {
+				if (count($ldap_users) < 1) {
 					continue;
 				}
 				$groupUsers[] = $this->access->dn2username($ldap_users[0]);
 			} else {
 				//we need to apply the search filter now
-				if(!$this->access->readAttribute($member,
+				if (!$this->access->readAttribute($member,
 					$this->access->connection->ldapUserDisplayName,
 					$this->access->getFilterPartForUserSearch($search))) {
 					continue;
 				}
 				// dn2username will also check if the users belong to the allowed base
-				if($ocname = $this->access->dn2username($member)) {
+				if ($ocname = $this->access->dn2username($member)) {
 					$groupUsers[] = $ocname;
 				}
 			}
@@ -989,7 +989,7 @@ 
 	 * Returns a list with all groups (used by getGroups)
 	 */
 	protected function getGroupsChunk($search = '', $limit = -1, $offset = 0) {
-		if(!$this->enabled) {
+		if (!$this->enabled) {
 			return array();
 		}
 		$cacheKey = 'getGroups-'.$search.'-'.$limit.'-'.$offset;
@@ -997,13 +997,13 @@ 
 		//Check cache before driving unnecessary searches
 		\OCP\Util::writeLog('user_ldap', 'getGroups '.$cacheKey, ILogger::DEBUG);
 		$ldap_groups = $this->access->connection->getFromCache($cacheKey);
-		if(!is_null($ldap_groups)) {
+		if (!is_null($ldap_groups)) {
 			return $ldap_groups;
 		}
 
 		// if we'd pass -1 to LDAP search, we'd end up in a Protocol
 		// error. With a limit of 0, we get 0 results. So we pass null.
-		if($limit <= 0) {
+		if ($limit <= 0) {
 			$limit = null;
 		}
 		$filter = $this->access->combineFilterWithAnd(array(
@@ -1035,11 +1035,11 @@ 
 	 * (active directory has a limit of 1000 by default)
 	 */
 	public function getGroups($search = '', $limit = -1, $offset = 0) {
-		if(!$this->enabled) {
+		if (!$this->enabled) {
 			return array();
 		}
 		$search = $this->access->escapeFilterPart($search, true);
-		$pagingSize = (int)$this->access->connection->ldapPagingSize;
+		$pagingSize = (int) $this->access->connection->ldapPagingSize;
 		if ($pagingSize <= 0) {
 			return $this->getGroupsChunk($search, $limit, $offset);
 		}
@@ -1082,20 +1082,20 @@ 
 	 */
 	public function groupExists($gid) {
 		$groupExists = $this->access->connection->getFromCache('groupExists'.$gid);
-		if(!is_null($groupExists)) {
-			return (bool)$groupExists;
+		if (!is_null($groupExists)) {
+			return (bool) $groupExists;
 		}
 
 		//getting dn, if false the group does not exist. If dn, it may be mapped
 		//only, requires more checking.
 		$dn = $this->access->groupname2dn($gid);
-		if(!$dn) {
+		if (!$dn) {
 			$this->access->connection->writeToCache('groupExists'.$gid, false);
 			return false;
 		}
 
 		//if group really still exists, we will be able to read its objectclass
-		if(!is_array($this->access->readAttribute($dn, ''))) {
+		if (!is_array($this->access->readAttribute($dn, ''))) {
 			$this->access->connection->writeToCache('groupExists'.$gid, false);
 			return false;
 		}
@@ -1113,7 +1113,7 @@ 
 	* compared with GroupInterface::CREATE_GROUP etc.
 	*/
 	public function implementsActions($actions) {
-		return (bool)((GroupInterface::COUNT_USERS |
+		return (bool) ((GroupInterface::COUNT_USERS |
 				$this->groupPluginManager->getImplementedActions()) & $actions);
 	}
 
@@ -1230,7 +1230,7 @@ 
 			return $this->groupPluginManager->getDisplayName($gid);
 		}
 
-		$cacheKey = 'group_getDisplayName' . $gid;
+		$cacheKey = 'group_getDisplayName'.$gid;
 		if (!is_null($displayName = $this->access->connection->getFromCache($cacheKey))) {
 			return $displayName;
 		}