From e67afed7064be4349231dc38306ad38f1e9b25bd Mon Sep 17 00:00:00 2001 From: Simon Leary Date: Sat, 5 Jul 2025 12:49:37 -0400 Subject: [PATCH 1/5] store entry as property --- resources/lib/UnityGroup.php | 21 ++++++------- resources/lib/UnityUser.php | 52 ++++++++++++++------------------- test/functional/NewUserTest.php | 6 ++-- 3 files changed, 34 insertions(+), 45 deletions(-) diff --git a/resources/lib/UnityGroup.php b/resources/lib/UnityGroup.php index 4a79b444..b8dd7560 100644 --- a/resources/lib/UnityGroup.php +++ b/resources/lib/UnityGroup.php @@ -12,6 +12,7 @@ class UnityGroup public const PI_PREFIX = "pi_"; public $gid; + private $entry; // Services private $LDAP; @@ -30,6 +31,7 @@ class UnityGroup public function __construct($gid, $LDAP, $SQL, $MAILER, $REDIS, $WEBHOOK) { $this->gid = $gid; + $this->entry = $LDAP->getPIGroupEntry($pi_uid); $this->LDAP = $LDAP; $this->SQL = $SQL; @@ -59,7 +61,7 @@ public function __toString() */ public function exists() { - return $this->getLDAPPiGroup()->exists(); + return $this->entry->exists(); } // @@ -255,7 +257,7 @@ public function cancelGroupJoinRequest($user, $send_mail = true) // $users = $this->getGroupMembers(); // // now we delete the ldap entry - // $ldapPiGroupEntry = $this->getLDAPPiGroup(); + // $ldapPiGroupEntry = $this->entry; // if ($ldapPiGroupEntry->exists()) { // $ldapPiGroupEntry->delete(); // $this->REDIS->removeCacheArray("sorted_groups", "", $this->gid); @@ -486,7 +488,7 @@ public function getGroupMemberUIDs($ignorecache = false) } $updatecache = false; if (!isset($members)) { - $pi_group = $this->getLDAPPiGroup(); + $pi_group = $this->entry; $members = $pi_group->getAttribute("memberuid"); $updatecache = true; } @@ -521,7 +523,7 @@ private function init() $owner = $this->getOwner(); // (1) Create LDAP PI group - $ldapPiGroupEntry = $this->getLDAPPiGroup(); + $ldapPiGroupEntry = $this->entry; if (!$ldapPiGroupEntry->exists()) { $nextGID = $this->LDAP->getNextPiGIDNumber($this->SQL); 
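Review bot: In the `@@ -30,6 +31,7 @@` constructor hunk of resources/lib/UnityGroup.php, `$LDAP->getPIGroupEntry($pi_uid)` reads a variable that is not among the constructor's parameters, so as shown the entry is looked up with an undefined value. Every later `exists()`, membership read and write on the object would then go through that entry. Patch 4/5 of this series changes the line to `$this->entry = $LDAP->getPIGroupEntry($gid);`; folding that line into this commit would keep patches 1–3 runnable when bisecting. The constructor body continues outside the hunk.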
@@ -540,7 +542,7 @@ private function init() private function addUserToGroup($new_user) { // Add to LDAP Group - $pi_group = $this->getLDAPPiGroup(); + $pi_group = $this->entry; $pi_group->appendAttribute("memberuid", $new_user->uid); $pi_group->write(); $this->REDIS->appendCacheArray($this->gid, "members", $new_user->uid); @@ -550,7 +552,7 @@ private function addUserToGroup($new_user) private function removeUserFromGroup($old_user) { // Remove from LDAP Group - $pi_group = $this->getLDAPPiGroup(); + $pi_group = $this->entry; $pi_group->removeAttributeEntryByValue("memberuid", $old_user->uid); $pi_group->write(); $this->REDIS->removeCacheArray($this->gid, "members", $old_user->uid); @@ -583,12 +585,7 @@ public function getOwner() ); } - public function getLDAPPiGroup() - { - return $this->LDAP->getPIGroupEntry($this->gid); - } - - public static function ownerUID2GID($uid) + public static function getPIUIDfromUID($uid) { return self::PI_PREFIX . $uid; } diff --git a/resources/lib/UnityUser.php b/resources/lib/UnityUser.php index 77639a81..66414dd8 100644 --- a/resources/lib/UnityUser.php +++ b/resources/lib/UnityUser.php @@ -10,6 +10,7 @@ class UnityUser private const HOME_DIR = "/home/"; public $uid; + private $entry; // service stack private $LDAP; @@ -21,6 +22,7 @@ class UnityUser public function __construct($uid, $LDAP, $SQL, $MAILER, $REDIS, $WEBHOOK) { $this->uid = $uid; + $this->entry = $LDAP->getUserEntry($uid); $this->LDAP = $LDAP; $this->SQL = $SQL; @@ -70,7 +72,7 @@ public function init($firstname, $lastname, $email, $org, $send_mail = true) // // Create LDAP user // - $ldapUserEntry = $this->getLDAPUser(); + $ldapUserEntry = $this->entry; if (!$ldapUserEntry->exists()) { $ldapUserEntry->setAttribute("objectclass", UnityLDAP::POSIX_ACCOUNT_CLASS); 
@@ -141,16 +143,6 @@ public function init($firstname, $lastname, $email, $org, $send_mail = true) } } - /** - * Returns the ldap account entry corresponding to the user - * - * @return ldapEntry posix account - */ - public function getLDAPUser() - { - return $this->LDAP->getUserEntry($this->uid); - } - /** * Returns the ldap group entry corresponding to the user * @@ -163,7 +155,7 @@ public function getLDAPGroup() public function exists() { - return $this->getLDAPUser()->exists() && $this->getLDAPGroup()->exists(); + return $this->entry->exists() && $this->getLDAPGroup()->exists(); } // @@ -172,7 +164,7 @@ public function exists() public function setOrg($org) { - $ldap_user = $this->getLDAPUser(); + $ldap_user = $this->entry; $ldap_user->setAttribute("o", $org); $ldap_user->write(); $this->REDIS->setCache($this->uid, "org", $org); @@ -189,13 +181,13 @@ public function getOrg($ignorecache = false) } if ($this->exists()) { - $org = $this->getLDAPUser()->getAttribute("o")[0]; + $org = $this->entry->getAttribute("o")[0]; if (!$ignorecache) { $this->REDIS->setCache($this->uid, "org", $org); } - return $this->getLDAPUser()->getAttribute("o")[0]; + return $this->entry->getAttribute("o")[0]; } return null; @@ -208,7 +200,7 @@ public function getOrg($ignorecache = false) */ public function setFirstname($firstname, $operator = null) { - $ldap_user = $this->getLDAPUser(); + $ldap_user = $this->entry; $ldap_user->setAttribute("givenname", $firstname); $operator = is_null($operator) ? $this->uid : $operator->uid; @@ -239,7 +231,7 @@ public function getFirstname($ignorecache = false) } if ($this->exists()) { - $firstname = $this->getLDAPUser()->getAttribute("givenname")[0]; + $firstname = $this->entry->getAttribute("givenname")[0]; if (!$ignorecache) { $this->REDIS->setCache($this->uid, "firstname", $firstname); 
@@ -258,7 +250,7 @@ public function getFirstname($ignorecache = false) */ public function setLastname($lastname, $operator = null) { - $ldap_user = $this->getLDAPUser(); + $ldap_user = $this->entry; $ldap_user->setAttribute("sn", $lastname); $operator = is_null($operator) ? $this->uid : $operator->uid; @@ -269,7 +261,7 @@ public function setLastname($lastname, $operator = null) $this->uid ); - $this->getLDAPUser()->write(); + $this->entry->write(); $this->REDIS->setCache($this->uid, "lastname", $lastname); } @@ -289,7 +281,7 @@ public function getLastname($ignorecache = false) } if ($this->exists()) { - $lastname = $this->getLDAPUser()->getAttribute("sn")[0]; + $lastname = $this->entry->getAttribute("sn")[0]; if (!$ignorecache) { $this->REDIS->setCache($this->uid, "lastname", $lastname); @@ -314,7 +306,7 @@ public function getFullname() */ public function setMail($email, $operator = null) { - $ldap_user = $this->getLDAPUser(); + $ldap_user = $this->entry; $ldap_user->setAttribute("mail", $email); $operator = is_null($operator) ? $this->uid : $operator->uid; @@ -325,7 +317,7 @@ public function setMail($email, $operator = null) $this->uid ); - $this->getLDAPUser()->write(); + $this->entry->write(); $this->REDIS->setCache($this->uid, "mail", $email); } @@ -345,7 +337,7 @@ public function getMail($ignorecache = false) } if ($this->exists()) { - $mail = $this->getLDAPUser()->getAttribute("mail")[0]; + $mail = $this->entry->getAttribute("mail")[0]; if (!$ignorecache) { $this->REDIS->setCache($this->uid, "mail", $mail); 
@@ -364,8 +356,8 @@ public function getMail($ignorecache = false) */ public function setSSHKeys($keys, $operator = null, $send_mail = true) { - $ldapUser = $this->getLDAPUser(); - $operator = is_null($operator) ? $this->uid : $operator->uid; + $ldapUser = $this->entry; + $operator = is_null($operator) ? $this->getUID() : $operator->uid; $keys_filt = array_values(array_unique($keys)); if ($ldapUser->exists()) { $ldapUser->setAttribute("sshpublickey", $keys_filt); @@ -409,7 +401,7 @@ public function getSSHKeys($ignorecache = false) } if ($this->exists()) { - $ldapUser = $this->getLDAPUser(); + $ldapUser = $this->entry; $result = $ldapUser->getAttribute("sshpublickey"); if (is_null($result)) { $keys = array(); @@ -444,7 +436,7 @@ public function setLoginShell($shell, $operator = null, $send_mail = true) if (empty($shell)) { throw new Exception("login shell must not be empty!"); } - $ldapUser = $this->getLDAPUser(); + $ldapUser = $this->entry; if ($ldapUser->exists()) { $ldapUser->setAttribute("loginshell", $shell); $ldapUser->write(); @@ -486,7 +478,7 @@ public function getLoginShell($ignorecache = false) } if ($this->exists()) { - $ldapUser = $this->getLDAPUser(); + $ldapUser = $this->entry; $loginshell = $ldapUser->getAttribute("loginshell")[0]; @@ -502,7 +494,7 @@ public function getLoginShell($ignorecache = false) public function setHomeDir($home, $operator = null) { - $ldapUser = $this->getLDAPUser(); + $ldapUser = $this->entry; if ($ldapUser->exists()) { $ldapUser->setAttribute("homedirectory", $home); $ldapUser->write(); @@ -535,7 +527,7 @@ public function getHomeDir($ignorecache = false) } if ($this->exists()) { - $ldapUser = $this->getLDAPUser(); + $ldapUser = $this->entry; $homedir = $ldapUser->getAttribute("homedirectory"); diff --git a/test/functional/NewUserTest.php b/test/functional/NewUserTest.php index 4da13cce..8664aee1 100644 --- a/test/functional/NewUserTest.php +++ b/test/functional/NewUserTest.php 
@@ -65,7 +65,7 @@ private function ensureUserDoesNotExist() $org->removeUser($USER); assert(!$org->inOrg($USER)); } - $USER->getLDAPUser()->delete(); + $LDAP->getUserEntry($USER->getUID())->delete(); assert(!$USER->exists()); } $all_users_group = $LDAP->getUserGroup(); @@ -102,9 +102,9 @@ private function ensureUserNotInPIGroup(UnityGroup $pi_group) private function ensurePIGroupDoesNotExist() { - global $USER; + global $USER, $LDAP; if ($USER->getPIGroup()->exists()) { - $USER->getPIGroup()->getLDAPPIGroup()->delete(); + $LDAP->getPIGroupEntry($USER->getPIGroup()->getPIUID())->delete(); assert(!$USER->getPIGroup()->exists()); } } From 5b0169ca64a89c6d200bf872e462a01c7c93af13 Mon Sep 17 00:00:00 2001 From: Simon Leary Date: Sat, 5 Jul 2025 12:52:02 -0400 Subject: [PATCH 2/5] don't store extra variable for $this->entry --- resources/lib/UnityGroup.php | 39 +++++++---------- resources/lib/UnityUser.php | 84 +++++++++++++++--------------------- 2 files changed, 51 insertions(+), 72 deletions(-) diff --git a/resources/lib/UnityGroup.php b/resources/lib/UnityGroup.php index b8dd7560..ca4ec804 100644 --- a/resources/lib/UnityGroup.php +++ b/resources/lib/UnityGroup.php @@ -257,9 +257,8 @@ public function cancelGroupJoinRequest($user, $send_mail = true) // $users = $this->getGroupMembers(); // // now we delete the ldap entry - // $ldapPiGroupEntry = $this->entry; - // if ($ldapPiGroupEntry->exists()) { - // $ldapPiGroupEntry->delete(); + // if ($this->entry->exists()) { + // $this->entry->delete(); // $this->REDIS->removeCacheArray("sorted_groups", "", $this->gid); // foreach ($users as $user) { // $this->REDIS->removeCacheArray($user->uid, "groups", $this->gid); 
@@ -488,8 +487,7 @@ public function getGroupMemberUIDs($ignorecache = false) } $updatecache = false; if (!isset($members)) { - $pi_group = $this->entry; - $members = $pi_group->getAttribute("memberuid"); + $members = $this->entry->getAttribute("memberuid"); $updatecache = true; } if (!$ignorecache && $updatecache) { @@ -522,16 +520,13 @@ private function init() // make this user a PI $owner = $this->getOwner(); - // (1) Create LDAP PI group - $ldapPiGroupEntry = $this->entry; - - if (!$ldapPiGroupEntry->exists()) { + if (!$this->entry->exists()) { $nextGID = $this->LDAP->getNextPiGIDNumber($this->SQL); - $ldapPiGroupEntry->setAttribute("objectclass", UnityLDAP::POSIX_GROUP_CLASS); - $ldapPiGroupEntry->setAttribute("gidnumber", strval($nextGID)); - $ldapPiGroupEntry->setAttribute("memberuid", array($owner->uid)); - $ldapPiGroupEntry->write(); + $this->entry->setAttribute("objectclass", UnityLDAP::POSIX_GROUP_CLASS); + $this->entry->setAttribute("gidnumber", strval($nextGID)); + $this->entry->setAttribute("memberuid", array($owner->uid)); + $this->entry->write(); } $this->REDIS->appendCacheArray("sorted_groups", "", $this->gid); 
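Review bot: In the `@@ -522,16 +520,13 @@` hunk, `init()` checks `$this->entry->exists()`, then takes a number from `getNextPiGIDNumber()` and writes it, with nothing visible that serialises the three steps. If neither `getNextPiGIDNumber()` nor the directory enforces uniqueness (not visible here), two concurrent requests could create groups with the same `gidnumber`, which matters wherever file permissions key on the GID. A comment above the `if` naming where uniqueness is guaranteed, for example `// gidnumber uniqueness is enforced by <mechanism>`, would settle the question. `UnityOrg::init()` in patch 3/5 has the same shape, and `init()` here starts and ends outside the hunk.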
@@ -542,21 +537,19 @@ private function init() private function addUserToGroup($new_user) { // Add to LDAP Group - $pi_group = $this->entry; - $pi_group->appendAttribute("memberuid", $new_user->uid); - $pi_group->write(); - $this->REDIS->appendCacheArray($this->gid, "members", $new_user->uid); - $this->REDIS->appendCacheArray($new_user->uid, "groups", $this->gid); + $this->entry->appendAttribute("memberuid", $new_user->getUID()); + $this->entry->write(); + $this->REDIS->appendCacheArray($this->getPIUID(), "members", $new_user->uid); + $this->REDIS->appendCacheArray($new_user->getUID(), "groups", $this->gid); } private function removeUserFromGroup($old_user) { // Remove from LDAP Group - $pi_group = $this->entry; - $pi_group->removeAttributeEntryByValue("memberuid", $old_user->uid); - $pi_group->write(); - $this->REDIS->removeCacheArray($this->gid, "members", $old_user->uid); - $this->REDIS->removeCacheArray($old_user->uid, "groups", $this->gid); + $this->entry->removeAttributeEntryByValue("memberuid", $old_user->uid); + $this->entry->write(); + $this->REDIS->removeCacheArray($this->getPIUID(), "members", $old_user->uid); + $this->REDIS->removeCacheArray($old_user->getUID(), "groups", $this->gid); } public function userExists($user) diff --git a/resources/lib/UnityUser.php b/resources/lib/UnityUser.php index 66414dd8..e09f2a13 100644 --- a/resources/lib/UnityUser.php +++ b/resources/lib/UnityUser.php 
@@ -72,24 +72,22 @@ public function init($firstname, $lastname, $email, $org, $send_mail = true) // // Create LDAP user // - $ldapUserEntry = $this->entry; - - if (!$ldapUserEntry->exists()) { - $ldapUserEntry->setAttribute("objectclass", UnityLDAP::POSIX_ACCOUNT_CLASS); - $ldapUserEntry->setAttribute("uid", $this->uid); - $ldapUserEntry->setAttribute("givenname", $firstname); - $ldapUserEntry->setAttribute("sn", $lastname); - $ldapUserEntry->setAttribute( + if (!$this->entry->exists()) { + $this->entry->setAttribute("objectclass", UnityLDAP::POSIX_ACCOUNT_CLASS); + $this->entry->setAttribute("uid", $this->uid); + $this->entry->setAttribute("givenname", $firstname); + $this->entry->setAttribute("sn", $lastname); + $this->entry->setAttribute( "gecos", \transliterator_transliterate("Latin-ASCII", "$firstname $lastname") ); - $ldapUserEntry->setAttribute("mail", $email); - $ldapUserEntry->setAttribute("o", $org); - $ldapUserEntry->setAttribute("homedirectory", self::HOME_DIR . $this->uid); - $ldapUserEntry->setAttribute("loginshell", $this->LDAP->getDefUserShell()); - $ldapUserEntry->setAttribute("uidnumber", strval($id)); - $ldapUserEntry->setAttribute("gidnumber", strval($id)); - $ldapUserEntry->write(); + $this->entry->setAttribute("mail", $email); + $this->entry->setAttribute("o", $org); + $this->entry->setAttribute("homedirectory", self::HOME_DIR . $this->uid); + $this->entry->setAttribute("loginshell", $this->LDAP->getDefUserShell()); + $this->entry->setAttribute("uidnumber", strval($id)); + $this->entry->setAttribute("gidnumber", strval($id)); + $this->entry->write(); } // update cache @@ -164,9 +162,8 @@ public function exists() public function setOrg($org) { - $ldap_user = $this->entry; - $ldap_user->setAttribute("o", $org); - $ldap_user->write(); + $this->entry->setAttribute("o", $org); + $this->entry->write(); $this->REDIS->setCache($this->uid, "org", $org); } 
@@ -200,9 +197,8 @@ public function getOrg($ignorecache = false) */ public function setFirstname($firstname, $operator = null) { - $ldap_user = $this->entry; - $ldap_user->setAttribute("givenname", $firstname); - $operator = is_null($operator) ? $this->uid : $operator->uid; + $this->entry->setAttribute("givenname", $firstname); + $operator = is_null($operator) ? $this->getUID() : $operator->uid; $this->SQL->addLog( $operator, @@ -211,7 +207,7 @@ public function setFirstname($firstname, $operator = null) $this->uid ); - $ldap_user->write(); + $this->entry->write(); $this->REDIS->setCache($this->uid, "firstname", $firstname); } @@ -250,9 +246,8 @@ public function getFirstname($ignorecache = false) */ public function setLastname($lastname, $operator = null) { - $ldap_user = $this->entry; - $ldap_user->setAttribute("sn", $lastname); - $operator = is_null($operator) ? $this->uid : $operator->uid; + $this->entry->setAttribute("sn", $lastname); + $operator = is_null($operator) ? $this->getUID() : $operator->uid; $this->SQL->addLog( $operator, @@ -306,9 +301,8 @@ public function getFullname() */ public function setMail($email, $operator = null) { - $ldap_user = $this->entry; - $ldap_user->setAttribute("mail", $email); - $operator = is_null($operator) ? $this->uid : $operator->uid; + $this->entry->setAttribute("mail", $email); + $operator = is_null($operator) ? $this->getUID() : $operator->uid; $this->SQL->addLog( $operator, 
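Review bot: In the `@@ -200,9 +197,8 @@` hunk, `setFirstname()` calls `setAttribute()` on the shared `$this->entry` before `addLog()` runs, and `write()` only follows in the next hunk. The separate `write()` suggests `setAttribute()` only stages the value; with the entry now a long-lived property, a failure in `addLog()` would leave the staged `givenname` on the object, where the next `write()` from any other setter could flush it. Whether `addLog()` can fail that way is not visible here. Moving `$this->entry->setAttribute("givenname", $firstname);` to sit directly before `$this->entry->write();` keeps the stage-and-write pair together. `setLastname()` and `setMail()` in the hunks that follow use the same order.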
@@ -356,12 +350,11 @@ public function getMail($ignorecache = false) */ public function setSSHKeys($keys, $operator = null, $send_mail = true) { - $ldapUser = $this->entry; $operator = is_null($operator) ? $this->getUID() : $operator->uid; $keys_filt = array_values(array_unique($keys)); - if ($ldapUser->exists()) { - $ldapUser->setAttribute("sshpublickey", $keys_filt); - $ldapUser->write(); + if ($this->entry->exists()) { + $this->entry->setAttribute("sshpublickey", $keys_filt); + $this->entry->write(); } $this->REDIS->setCache($this->uid, "sshkeys", $keys_filt); @@ -401,8 +394,7 @@ public function getSSHKeys($ignorecache = false) } if ($this->exists()) { - $ldapUser = $this->entry; - $result = $ldapUser->getAttribute("sshpublickey"); + $result = $this->entry->getAttribute("sshpublickey"); if (is_null($result)) { $keys = array(); } else { @@ -436,10 +428,9 @@ public function setLoginShell($shell, $operator = null, $send_mail = true) if (empty($shell)) { throw new Exception("login shell must not be empty!"); } - $ldapUser = $this->entry; - if ($ldapUser->exists()) { - $ldapUser->setAttribute("loginshell", $shell); - $ldapUser->write(); + if ($this->entry->exists()) { + $this->entry->setAttribute("loginshell", $shell); + $this->entry->write(); } $operator = is_null($operator) ? $this->uid : $operator->uid; @@ -478,9 +469,7 @@ public function getLoginShell($ignorecache = false) } if ($this->exists()) { - $ldapUser = $this->entry; - - $loginshell = $ldapUser->getAttribute("loginshell")[0]; + $loginshell = $this->entry->getAttribute("loginshell")[0]; if (!$ignorecache) { $this->REDIS->setCache($this->uid, "loginshell", $loginshell); 
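Review bot: In the `@@ -356,12 +350,11 @@` hunk, `setSSHKeys()` calls `$this->REDIS->setCache($this->uid, "sshkeys", $keys_filt)` outside the `if ($this->entry->exists())` block, so the cache is updated even when nothing was written to LDAP. Any reader that trusts the cached value would then report keys the directory does not hold. Moving the `setCache` call inside the `if`, or throwing when the entry does not exist, keeps the two stores in step. The only processing of `$keys` visible here is `array_unique`, so key-format validation is presumably the caller's job and worth a docblock line saying so. The function continues outside the hunk.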
@@ -494,11 +483,10 @@ public function getLoginShell($ignorecache = false) public function setHomeDir($home, $operator = null) { - $ldapUser = $this->entry; - if ($ldapUser->exists()) { - $ldapUser->setAttribute("homedirectory", $home); - $ldapUser->write(); - $operator = is_null($operator) ? $this->uid : $operator->uid; + if ($this->entry->exists()) { + $this->entry->setAttribute("homedirectory", $home); + $this->entry->write(); + $operator = is_null($operator) ? $this->getUID() : $operator->uid; $this->SQL->addLog( $operator, @@ -527,9 +515,7 @@ public function getHomeDir($ignorecache = false) } if ($this->exists()) { - $ldapUser = $this->entry; - - $homedir = $ldapUser->getAttribute("homedirectory"); + $homedir = $this->entry->getAttribute("homedirectory"); if (!$ignorecache) { $this->REDIS->setCache($this->uid, "homedir", $homedir); From 8b01414cc70cb73bfdabc96513fea97e06e3fe24 Mon Sep 17 00:00:00 2001 From: Simon Leary Date: Fri, 11 Jul 2025 09:57:08 -0400 Subject: [PATCH 3/5] UnityOrg as well --- resources/lib/UnityOrg.php | 32 ++++++++++++-------------------- test/functional/NewUserTest.php | 4 ++-- 2 files changed, 14 insertions(+), 22 deletions(-) diff --git a/resources/lib/UnityOrg.php b/resources/lib/UnityOrg.php index 3f3ad111..8e6b9797 100644 --- a/resources/lib/UnityOrg.php +++ b/resources/lib/UnityOrg.php @@ -7,6 +7,7 @@ class UnityOrg { public $gid; + private $entry; private $MAILER; private $SQL; @@ -17,6 +18,7 @@ class UnityOrg public function __construct($gid, $LDAP, $SQL, $MAILER, $REDIS, $WEBHOOK) { $this->gid = $gid; + $this->entry = $LDAP->getOrgGroupEntry($this->gid); $this->LDAP = $LDAP; $this->SQL = $SQL; 
@@ -27,14 +29,12 @@ public function __construct($gid, $LDAP, $SQL, $MAILER, $REDIS, $WEBHOOK) public function init() { - $org_group = $this->getLDAPOrgGroup(); - - if (!$org_group->exists()) { + if (!$this->entry->exists()) { $nextGID = $this->LDAP->getNextOrgGIDNumber($this->SQL); - $org_group->setAttribute("objectclass", UnityLDAP::POSIX_GROUP_CLASS); - $org_group->setAttribute("gidnumber", strval($nextGID)); - $org_group->write(); + $this->entry->setAttribute("objectclass", UnityLDAP::POSIX_GROUP_CLASS); + $this->entry->setAttribute("gidnumber", strval($nextGID)); + $this->entry->write(); } $this->REDIS->appendCacheArray("sorted_orgs", "", $this->gid); @@ -42,12 +42,7 @@ public function init() public function exists() { - return $this->getLDAPOrgGroup()->exists(); - } - - public function getLDAPOrgGroup() - { - return $this->LDAP->getOrgGroupEntry($this->gid); + return $this->entry->exists(); } public function inOrg($user, $ignorecache = false) @@ -83,8 +78,7 @@ public function getOrgMemberUIDs($ignorecache = false) } $updatecache = false; if (!isset($members)) { - $org_group = $this->getLDAPOrgGroup(); - $members = $org_group->getAttribute("memberuid"); + $members = $this->entry->getAttribute("memberuid"); $updatecache = true; } if (!$ignorecache && $updatecache) { 
@@ -96,17 +90,15 @@ public function getOrgMemberUIDs($ignorecache = false) public function addUser($user) { - $org_group = $this->getLDAPOrgGroup(); - $org_group->appendAttribute("memberuid", $user->uid); - $org_group->write(); + $this->entry->appendAttribute("memberuid", $user->uid); + $this->entry->write(); $this->REDIS->appendCacheArray($this->gid, "members", $user->uid); } public function removeUser($user) { - $org_group = $this->getLDAPOrgGroup(); - $org_group->removeAttributeEntryByValue("memberuid", $user->uid); - $org_group->write(); + $this->entry->removeAttributeEntryByValue("memberuid", $user->uid); + $this->entry->write(); $this->REDIS->removeCacheArray($this->gid, "members", $user->uid); } } diff --git a/test/functional/NewUserTest.php b/test/functional/NewUserTest.php index 8664aee1..600a1001 100644 --- a/test/functional/NewUserTest.php +++ b/test/functional/NewUserTest.php @@ -84,9 +84,9 @@ private function ensureUserDoesNotExist() private function ensureOrgGroupDoesNotExist() { global $USER, $SSO, $LDAP, $SQL, $MAILER, $REDIS, $WEBHOOK; - $org_group = new UnityOrg($SSO["org"], $LDAP, $SQL, $MAILER, $REDIS, $WEBHOOK); + $org_group = $LDAP->getOrgGroupEntry($SSO["org"]); if ($org_group->exists()) { - $org_group->getLDAPOrgGroup()->delete(); + $org_group->delete(); assert(!$org_group->exists()); } } From fe6aaa056e6beb219c026099f3433e46957edf8c Mon Sep 17 00:00:00 2001 From: Simon Leary Date: Fri, 11 Jul 2025 10:15:03 -0400 Subject: [PATCH 4/5] fixes from uid/gid change --- resources/lib/UnityGroup.php | 14 +++++++------- resources/lib/UnityUser.php | 10 +++++----- test/functional/NewUserTest.php | 4 ++-- 3 files changed, 14 insertions(+), 14 deletions(-) diff --git a/resources/lib/UnityGroup.php b/resources/lib/UnityGroup.php index ca4ec804..4340611c 100644 --- a/resources/lib/UnityGroup.php +++ b/resources/lib/UnityGroup.php 
@@ -31,7 +31,7 @@ class UnityGroup public function __construct($gid, $LDAP, $SQL, $MAILER, $REDIS, $WEBHOOK) { $this->gid = $gid; - $this->entry = $LDAP->getPIGroupEntry($pi_uid); + $this->entry = $LDAP->getPIGroupEntry($gid); $this->LDAP = $LDAP; $this->SQL = $SQL; @@ -537,10 +537,10 @@ private function init() private function addUserToGroup($new_user) { // Add to LDAP Group - $this->entry->appendAttribute("memberuid", $new_user->getUID()); + $this->entry->appendAttribute("memberuid", $new_user->uid); $this->entry->write(); - $this->REDIS->appendCacheArray($this->getPIUID(), "members", $new_user->uid); - $this->REDIS->appendCacheArray($new_user->getUID(), "groups", $this->gid); + $this->REDIS->appendCacheArray($this->gid, "members", $new_user->uid); + $this->REDIS->appendCacheArray($new_user->uid, "groups", $this->gid); } private function removeUserFromGroup($old_user) @@ -548,8 +548,8 @@ private function removeUserFromGroup($old_user) // Remove from LDAP Group $this->entry->removeAttributeEntryByValue("memberuid", $old_user->uid); $this->entry->write(); - $this->REDIS->removeCacheArray($this->getPIUID(), "members", $old_user->uid); - $this->REDIS->removeCacheArray($old_user->getUID(), "groups", $this->gid); + $this->REDIS->removeCacheArray($this->gid, "members", $old_user->uid); + $this->REDIS->removeCacheArray($old_user->uid, "groups", $this->gid); } public function userExists($user) @@ -578,7 +578,7 @@ public function getOwner() ); } - public static function getPIUIDfromUID($uid) + public static function ownerUID2GID($uid) { return self::PI_PREFIX . $uid; } diff --git a/resources/lib/UnityUser.php b/resources/lib/UnityUser.php index e09f2a13..1c1a34ce 100644 --- a/resources/lib/UnityUser.php +++ b/resources/lib/UnityUser.php 
@@ -198,7 +198,7 @@ public function getOrg($ignorecache = false) public function setFirstname($firstname, $operator = null) { $this->entry->setAttribute("givenname", $firstname); - $operator = is_null($operator) ? $this->getUID() : $operator->uid; + $operator = is_null($operator) ? $this->uid : $operator->uid; $this->SQL->addLog( $operator, @@ -247,7 +247,7 @@ public function getFirstname($ignorecache = false) public function setLastname($lastname, $operator = null) { $this->entry->setAttribute("sn", $lastname); - $operator = is_null($operator) ? $this->getUID() : $operator->uid; + $operator = is_null($operator) ? $this->uid : $operator->uid; $this->SQL->addLog( $operator, @@ -302,7 +302,7 @@ public function getFullname() public function setMail($email, $operator = null) { $this->entry->setAttribute("mail", $email); - $operator = is_null($operator) ? $this->getUID() : $operator->uid; + $operator = is_null($operator) ? $this->uid : $operator->uid; $this->SQL->addLog( $operator, @@ -350,7 +350,7 @@ public function getMail($ignorecache = false) */ public function setSSHKeys($keys, $operator = null, $send_mail = true) { - $operator = is_null($operator) ? $this->getUID() : $operator->uid; + $operator = is_null($operator) ? $this->uid : $operator->uid; $keys_filt = array_values(array_unique($keys)); if ($this->entry->exists()) { $this->entry->setAttribute("sshpublickey", $keys_filt); @@ -486,7 +486,7 @@ public function setHomeDir($home, $operator = null) if ($this->entry->exists()) { $this->entry->setAttribute("homedirectory", $home); $this->entry->write(); - $operator = is_null($operator) ? $this->getUID() : $operator->uid; + $operator = is_null($operator) ? $this->uid : $operator->uid; $this->SQL->addLog( $operator, diff --git a/test/functional/NewUserTest.php b/test/functional/NewUserTest.php index 600a1001..26e72ba5 100644 --- a/test/functional/NewUserTest.php +++ b/test/functional/NewUserTest.php 
@@ -65,7 +65,7 @@ private function ensureUserDoesNotExist() $org->removeUser($USER); assert(!$org->inOrg($USER)); } - $LDAP->getUserEntry($USER->getUID())->delete(); + $LDAP->getUserEntry($USER->uid)->delete(); assert(!$USER->exists()); } $all_users_group = $LDAP->getUserGroup(); @@ -104,7 +104,7 @@ private function ensurePIGroupDoesNotExist() { global $USER, $LDAP; if ($USER->getPIGroup()->exists()) { - $LDAP->getPIGroupEntry($USER->getPIGroup()->getPIUID())->delete(); + $LDAP->getPIGroupEntry($USER->getPIGroup()->gid)->delete(); assert(!$USER->getPIGroup()->exists()); } } From 8b07d77737b3f1035fac72db660d067ecee03e87 Mon Sep 17 00:00:00 2001 From: Simon Leary Date: Sun, 13 Jul 2025 12:11:28 -0400 Subject: [PATCH 5/5] rename getLDAPGroup to getGroupEntry --- resources/lib/UnityUser.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/resources/lib/UnityUser.php b/resources/lib/UnityUser.php index 1c1a34ce..ed340261 100644 --- a/resources/lib/UnityUser.php +++ b/resources/lib/UnityUser.php @@ -60,7 +60,7 @@ public function init($firstname, $lastname, $email, $org, $send_mail = true) // // Create LDAP group // - $ldapGroupEntry = $this->getLDAPGroup(); + $ldapGroupEntry = $this->getGroupEntry(); $id = $this->LDAP->getUnassignedID($this->uid, $this->SQL); if (!$ldapGroupEntry->exists()) { @@ -146,14 +146,14 @@ public function init($firstname, $lastname, $email, $org, $send_mail = true) * * @return ldapEntry posix group */ - public function getLDAPGroup() + public function getGroupEntry() { return $this->LDAP->getGroupEntry($this->uid); } public function exists() { - return $this->entry->exists() && $this->getLDAPGroup()->exists(); + return $this->entry->exists() && $this->getGroupEntry()->exists(); } //