studieren-ohne-grenzen /
dashboard
Duplicate code is one of the most pungent code smells. A rule that is often used is to re-structure code once it is duplicated in three or more places.
Common duplication problems, and corresponding solutions are:
Complex classes like LdapAdapter often do a lot of different things. To break such a class down, we need to identify a cohesive component within that class. A common approach to find such a component is to look for fields/methods that share the same prefixes, or suffixes. You can also have a look at the cohesion graph to spot any un-connected, or weakly-connected components.
Once you have determined the fields that belong together, you can apply the Extract Class refactoring. If the component makes sense as a sub-class, Extract Subclass is also a candidate, and is often faster.
While breaking up the class, it is a good idea to analyze how other classes use LdapAdapter, and based on these observations, apply Extract Interface, too.
| 1 | <?php |
||
| 16 | class LdapAdapter extends Ldap |
||
| 17 | { |
||
| 18 | /** |
||
| 19 | * @var string The algorithm used for password generation. |
||
| 20 | */ |
||
| 21 | private $password_algorithm = Attribute::PASSWORD_HASH_SSHA; |
||
| 22 | |||
| 23 | /** |
||
| 24 | * Returns all groups (OUs) with their common names |
||
| 25 | * |
||
| 26 | * @param array $fields A list of fields we want to return from the search |
||
| 27 | * @return bool|\Zend\Ldap\Collection |
||
| 28 | * @throws LdapException |
||
| 29 | */ |
||
| 30 | public function getGroups($fields = ['cn']) |
||
| 41 | |||
| 42 | /** |
||
| 43 | * Retrieves an alphabetically sorted list of all users, by recusively search the tree. |
||
| 44 | * This will find users in ou=active and ou=inactive |
||
| 45 | * Note that this search is subject (as all other searches) to the maximum results returned by the LDAP server, |
||
| 46 | * it might not contain *all* users. |
||
| 47 | * |
||
| 48 | * @return Collection |
||
| 49 | * @throws LdapException |
||
| 50 | */ |
||
| 51 | public function getAllUsers() |
||
| 62 | |||
| 63 | /** |
||
| 64 | * Adds the DN to the given group |
||
| 65 | * |
||
| 66 | * @param string $dnOfUser dn of the user to add |
||
| 67 | * @param string $dnOfGroup dn of the group |
||
| 68 | * @param string $role A groupOfNames attribute, such as owner, pending, member (default) |
||
| 69 | * @throws LdapException |
||
| 70 | */ |
||
| 71 | public function addToGroup($dnOfUser, $dnOfGroup, $role = 'member') |
||
| 77 | |||
| 78 | /** |
||
| 79 | * Removes the DN from the given group |
||
| 80 | * |
||
| 81 | * @param string $dnOfUser dn of the user to remove |
||
| 82 | * @param string $dnOfGroup dn of the group |
||
| 83 | * @param string $role A groupOfNames attribute, such as owner, pending, member (default) |
||
| 84 | * @throws LdapException |
||
| 85 | */ |
||
| 86 | public function removeFromGroup($dnOfUser, $dnOfGroup, $role = 'member') |
||
| 92 | |||
| 93 | /** |
||
| 94 | * Checks whether the given user is member of the given group. |
||
| 95 | * |
||
| 96 | * @param string $dnOfUser |
||
| 97 | * @param string $dnOfGroup |
||
| 98 | * @return bool True if user is member of group, false otherwise |
||
| 99 | * @throws LdapException |
||
| 100 | */ |
||
| 101 | public function isMemberOfGroup($dnOfUser, $dnOfGroup) |
||
| 110 | |||
| 111 | /** |
||
| 112 | * Retrieve the members of the given group with their requested details |
||
| 113 | * |
||
| 114 | * @param string $group_ou OU of the group |
||
| 115 | * @param array $details Attributes to fetch |
||
| 116 | * @return array The details of all owners indexed by their `uid` |
||
| 117 | */ |
||
| 118 | public function getOwnerDetails($group_ou, $details = ['mail']) |
||
| 137 | |||
| 138 | /** |
||
| 139 | * Retrieve the members of the given group |
||
| 140 | * |
||
| 141 | * @param string $group_ou OU of the group |
||
| 142 | * @return bool|Collection |
||
| 143 | */ |
||
| 144 | public function getOwners($group_ou) |
||
| 148 | |||
| 149 | /** |
||
| 150 | * Retrieves all members for the given group CN |
||
| 151 | * |
||
| 152 | * @param string $group_ou The common name of the group for which we want to retrieve the members |
||
| 153 | * @param array $fields A list of fields we want to return from the search |
||
| 154 | * @return bool|\Zend\Ldap\Collection |
||
| 155 | * @throws LdapException |
||
| 156 | */ |
||
| 157 | public function getMembers($group_ou, $fields = ['member']) |
||
| 168 | |||
| 169 | /** |
||
| 170 | * Attempts to retrieve the member or guest (DN) with the given mail address. |
||
| 171 | * |
||
| 172 | * @param string $mail The given mail address |
||
| 173 | * @param string $attribute The name of the mail attribute to check |
||
| 174 | * @return bool|string False if the search returned no results, the users' attributes otherwise. |
||
| 175 | * @throws LdapException |
||
| 176 | */ |
||
| 177 | public function getMemberByMail($mail, $attribute = 'mail-alternative') |
||
| 191 | |||
| 192 | /** |
||
| 193 | * This method can be used to assign the ROLE_GROUP_ADMIN role to a user. It checks if the given DN is a owner |
||
| 194 | * of any group. Further checks should be done somewhere else. |
||
| 195 | * |
||
| 196 | * @param string $user_dn The user DN for which we want to check |
||
| 197 | * @return bool True if the given user is a owner of any group, false otherwise. |
||
| 198 | * @throws LdapException |
||
| 199 | */ |
||
| 200 | public function isOwner($user_dn) |
||
| 206 | |||
| 207 | /** |
||
| 208 | * Returns the groups owned by the user with the given dn |
||
| 209 | * |
||
| 210 | * @param string $user_dn The user DN for which we want to check |
||
| 211 | * @return bool|Collection The groups owned by the user |
||
| 212 | */ |
||
| 213 | public function getOwnedGroups($user_dn) |
||
| 217 | |||
| 218 | /** |
||
| 219 | * Retrieves all memberships for the given DN |
||
| 220 | * |
||
| 221 | * @param string $user_dn The DN for which to get the memberships |
||
| 222 | * @param array $fields A list of fields we want to return from the search |
||
| 223 | * @param string $attribute The attribute which we use for filtering |
||
| 224 | * @return bool|\Zend\Ldap\Collection |
||
| 225 | * @throws LdapException |
||
| 226 | */ |
||
| 227 | public function getMemberships($user_dn, $fields = ['cn'], $attribute = 'member') |
||
| 238 | |||
| 239 | /** |
||
| 240 | * Updates the email for the given DN. |
||
| 241 | * |
||
| 242 | * @param string $dn User's dn |
||
| 243 | * @param string $newEmail The new email address |
||
| 244 | * @throws LdapException |
||
| 245 | */ |
||
| 246 | public function updateEmail($dn, $newEmail) |
||
| 252 | |||
| 253 | |||
| 254 | /** |
||
| 255 | * Updates the password for the given DN. Only the DN him/herself can change the password. |
||
| 256 | * Thus we need to bind as the DN first, update the password and then rebind to the privileged user. |
||
| 257 | * |
||
| 258 | * @param string $dn The DN for which to update the password |
||
| 259 | * @param string $old_password The old password, we need to bind to the DN first |
||
| 260 | * @param string $new_password The new password |
||
| 261 | * @throws LdapException |
||
| 262 | */ |
||
| 263 | public function updatePassword($dn, $old_password, $new_password) |
||
| 277 | |||
| 278 | /** |
||
| 279 | * Force a password update using the privileged user, this is used by the password reset process. |
||
| 280 | * |
||
| 281 | * @param string $dn |
||
| 282 | * @param string $new_password |
||
| 283 | * @throws LdapException |
||
| 284 | */ |
||
| 285 | public function forceUpdatePassword($dn, $new_password) |
||
| 291 | |||
| 292 | |||
| 293 | /** |
||
| 294 | * Adds a new object with the given parameters to the ou=inactive subtree. |
||
| 295 | * |
||
| 296 | * @param string $username The username of the new member |
||
| 297 | * @param string $password The password in plaintext |
||
| 298 | * @param string $firstName The first name of the new member |
||
| 299 | * @param string $lastName The last name of the new member |
||
| 300 | * @param string $mail The users' personal email address |
||
| 301 | * @throws LdapException |
||
| 302 | * @return array All stored attributes of the new member |
||
| 303 | */ |
||
| 304 | public function createMember($username, $password, $firstName, $lastName, $mail) |
||
| 344 | |||
| 345 | /** |
||
| 346 | * Create a guest user, reserved for non-members who should receive messages to a mailing list. |
||
| 347 | * |
||
| 348 | * @param string $name The name of the guest |
||
| 349 | * @param string $mail The guests' email address |
||
| 350 | * @return array The LDAP attributes for the guest |
||
| 351 | * @throws LdapException If adding the DN wasn't successful |
||
| 352 | */ |
||
| 353 | public function createGuest($name, $mail) |
||
| 377 | |||
| 378 | /** |
||
| 379 | * Generates a unique username by replacing some special characters, converting to lowercase and then |
||
| 380 | * appending an optional number if the username already exists. |
||
| 381 | * |
||
| 382 | * @param string $name The given name for the member |
||
| 383 | * @return string The generated unique UID |
||
| 384 | */ |
||
| 385 | public function generateUsername($name) |
||
| 404 | |||
| 405 | /** |
||
| 406 | * Checks if the given username is already taken, looks in the active and inactive subtree |
||
| 407 | * |
||
| 408 | * @param string $uid Does this username already exist? |
||
| 409 | * @return bool True if member exists, false otherwise. |
||
| 410 | */ |
||
| 411 | public function usernameExists($uid) |
||
| 417 | |||
| 418 | /** |
||
| 419 | * Allowing the given user to access the given group. This will move the entry from the `pending` to the `member` |
||
| 420 | * field. |
||
| 421 | * |
||
| 422 | * @param string $uid The username for which to approve the membership in $group |
||
| 423 | * @param string $group The group for which the membership of $user is approved, we expect the `ou` value |
||
| 424 | * @throws LdapException |
||
| 425 | */ |
||
| 426 | View Code Duplication | public function approveGroupMembership($uid, $group) |
|
| 439 | |||
| 440 | /** |
||
| 441 | * Returns the dn of the first user with the given uid |
||
| 442 | * |
||
| 443 | * @param string $uid The uid of the user |
||
| 444 | * @return string dn of the first user with the given uid |
||
| 445 | * @throws LdapException |
||
| 446 | */ |
||
| 447 | public function findUserDN($uid) |
||
| 462 | |||
| 463 | /** |
||
| 464 | * Move a (new) inactive member to the active subtree. Being in ou=active is required for certain actions such as |
||
| 465 | * accessing the Dashboard or Open Atrium. |
||
| 466 | * |
||
| 467 | * @param string $uid The username for the member to be activated |
||
| 468 | * @throws LdapException |
||
| 469 | */ |
||
| 470 | public function activateMember($uid) |
||
| 478 | |||
| 479 | /** |
||
| 480 | * For all groups, update the pending field from the inactive DN to the active DN. |
||
| 481 | * |
||
| 482 | * @param string $from Inactive DN |
||
| 483 | * @param string $to Active DN |
||
| 484 | * @throws LdapException |
||
| 485 | */ |
||
| 486 | private function refreshPendingRequests($from, $to) |
||
| 500 | |||
| 501 | /** |
||
| 502 | * Remove a membership request for $group. This will remove the user's dn from the `pending` attribute of the $group |
||
| 503 | * |
||
| 504 | * @param string $uid The username of the user who has done the request |
||
| 505 | * @param string $group The group for which the request shall be removed, we expect the `ou` value |
||
| 506 | * @throws LdapException If group can't be found or update wasn't successful |
||
| 507 | * @return boolean True, if pending contained $user and the entry has been deleted; false otherwise |
||
| 508 | */ |
||
| 509 | View Code Duplication | public function dropMembershipRequest($uid, $group) |
|
| 524 | |||
| 525 | /** |
||
| 526 | * Requesting access for the given user to $group. This will add an entry to the `pending` attribute of the $group |
||
| 527 | * |
||
| 528 | * @param string $uid The username for which to request the membership in $group |
||
| 529 | * @param string $group The group for which the membership of $user is requested, we expect the `ou` value |
||
| 530 | * @throws LdapException If group can't be found or update wasn't successful |
||
| 531 | * @return boolean True, if pending didn't already contain $user; false otherwise (also when already a member) |
||
| 532 | */ |
||
| 533 | public function requestGroupMembership($uid, $group) |
||
| 548 | |||
| 549 | /** |
||
| 550 | * Move an active member to the inactive subtree, thus preventing him/her from logging on to certain services. |
||
| 551 | * |
||
| 552 | * @param string $uid The username of the member to be deactivated |
||
| 553 | * @throws LdapException |
||
| 554 | */ |
||
| 555 | public function deactivateMember($uid) |
||
| 561 | } |
||
| 562 |
Loading history...
If a method or function can return multiple different values and unless you are sure that you only can receive a single value in this context, we recommend to add an additional type check:
If this a common case that PHP Analyzer should handle natively, please let us know by opening an issue.