From 85f173bfe6d1023d9cc7cb4679e351d113cb97be Mon Sep 17 00:00:00 2001 From: hickert Date: Tue, 28 Oct 2008 13:14:02 +0000 Subject: [PATCH] Updated user-filter handling. -The filter was very slow due to the fact that the complete department and all included objects were checked by every request. -No only the requested object is checked. -Added a new ldap method which allows to check filter settings on a single object. ldap->object_match_filter($dn,"cn=h*") git-svn-id: https://oss.gonicus.de/repositories/gosa/trunk@12788 594d385d-05f5-0310-b6e9-bd551577e9d8 --- gosa-core/include/class_ldap.inc | 13 +++++++++++++ gosa-core/include/class_userinfo.inc | 16 +--------------- 2 files changed, 14 insertions(+), 15 deletions(-) diff --git a/gosa-core/include/class_ldap.inc b/gosa-core/include/class_ldap.inc index 02f4c9573..2a0055bee 100644 --- a/gosa-core/include/class_ldap.inc +++ b/gosa-core/include/class_ldap.inc @@ -293,6 +293,19 @@ class LDAP{ } } + function object_match_filter($dn,$filter) + { + if($this->hascon){ + if ($this->reconnect) $this->connect(); + $res = @ldap_read($this->cid, LDAP::fix($dn), $filter, array("objectClass")); + $rv = @ldap_count_entries($this->cid, $res); + return($rv); + }else{ + $this->error = "Could not connect to LDAP server"; + return(FALSE); + } + } + function set_size_limit($size) { /* Ignore zero settings */ diff --git a/gosa-core/include/class_userinfo.inc b/gosa-core/include/class_userinfo.inc index 0601a9842..d5bc7419d 100644 --- a/gosa-core/include/class_userinfo.inc +++ b/gosa-core/include/class_userinfo.inc @@ -349,22 +349,8 @@ class userinfo /* With user filter */ if (isset($subacl['filter']) && !empty($subacl['filter'])){ - $sdn = preg_replace("/^[^,]*+,/","",$dn); - $ldap->cd($sdn); - $ldap->ls($subacl['filter'],$sdn); - if(!$ldap->count()){ + if(!$ldap->object_match_filter($dn,$subacl['filter'])){ continue; - }else{ - $found = FALSE; - while($attrs = $ldap->fetch()){ - if($attrs['dn'] == $dn){ - $found = TRUE; - break; - } - } - if(!$found){ - continue; - } } } -- 2.30.2