plugins/kolab_auth
Aleksander Machniak
machniak at kolabsys.com
Thu Sep 19 11:47:34 CEST 2013
plugins/kolab_auth/kolab_auth.php | 52 ++++++++++++++++++++++-----------
plugins/kolab_auth/kolab_auth_ldap.php | 12 +++++++
2 files changed, 48 insertions(+), 16 deletions(-)
New commits:
commit 6556c1a1d4441a9b55c05618ed5f1e1516653d91
Author: Aleksander Machniak <machniak at kolabsys.com>
Date: Thu Sep 19 11:46:19 2013 +0200
Improved performance of load_user_role_plugins_and_settings(), we cache
some data in session so we can skip LDAP connection + bind + search
on every request (Bug #2241)
diff --git a/plugins/kolab_auth/kolab_auth.php b/plugins/kolab_auth/kolab_auth.php
index b8c5996..b13ea93 100644
--- a/plugins/kolab_auth/kolab_auth.php
+++ b/plugins/kolab_auth/kolab_auth.php
@@ -63,25 +63,28 @@ class kolab_auth extends rcube_plugin
$rcmail->config->set('ldap_debug', true);
$rcmail->config->set('smtp_debug', true);
}
-
}
public function startup($args)
{
- // Arguments are task / action, not interested
- if (!empty($_SESSION['user_roledns'])) {
- $this->load_user_role_plugins_and_settings($_SESSION['user_roledns']);
- }
+ $this->load_user_role_plugins_and_settings();
return $args;
}
- public function load_user_role_plugins_and_settings($role_dns)
+ /**
+ * Modifies list of plugins and settings according to
+ * specified LDAP roles
+ */
+ public function load_user_role_plugins_and_settings()
{
+ if (empty($_SESSION['user_roledns'])) {
+ return;
+ }
+
$rcmail = rcube::get_instance();
$this->load_config();
- // Check role dependent plugins to enable and settings to modify
// Example 'kolab_auth_role_plugins' =
//
@@ -109,25 +112,19 @@ class kolab_auth extends rcube_plugin
$role_settings = $rcmail->config->get('kolab_auth_role_settings');
- $ldap = self::ldap();
- if (!$ldap || !$ldap->ready) {
- $args['abort'] = true;
- return $args;
- }
-
if (!empty($role_plugins)) {
foreach ($role_plugins as $role_dn => $plugins) {
- $role_plugins[$ldap->parse_vars($role_dn)] = $plugins;
+ $role_plugins[self::parse_ldap_vars($role_dn)] = $plugins;
}
}
if (!empty($role_settings)) {
foreach ($role_settings as $role_dn => $settings) {
- $role_settings[$ldap->parse_vars($role_dn)] = $settings;
+ $role_settings[self::parse_ldap_vars($role_dn)] = $settings;
}
}
- foreach ($role_dns as $role_dn) {
+ foreach ($_SESSION['user_roledns'] as $role_dn) {
if (isset($role_plugins[$role_dn]) && is_array($role_plugins[$role_dn])) {
foreach ($role_plugins[$role_dn] as $plugin) {
$this->require_plugin($plugin);
@@ -404,6 +401,12 @@ class kolab_auth extends rcube_plugin
$_SESSION['kolab_uid'] = is_array($record['uid']) ? $record['uid'][0] : $record['uid'];
$_SESSION['kolab_dn'] = $record['dn'];
+ // Store LDAP replacement variables used for current user
+ // This improves performance of load_user_role_plugins_and_settings()
+ // which is executed on every request (via startup hook) and where
+ // we don't like to use LDAP (connection + bind + search)
+ $_SESSION['kolab_auth_vars'] = $ldap->get_parse_vars();
+
// Set user login
if ($login_attr) {
$this->data['user_login'] = is_array($record[$login_attr]) ? $record[$login_attr][0] : $record[$login_attr];
@@ -559,4 +562,21 @@ class kolab_auth extends rcube_plugin
return self::$ldap;
}
+
+ /**
+ * Parses LDAP DN string with replacing supported variables.
+ * See kolab_auth_ldap::parse_vars()
+ *
+ * @param string $str LDAP DN string
+ *
+ * @return string Parsed DN string
+ */
+ public static function parse_ldap_vars($str)
+ {
+ if (!empty($_SESSION['kolab_auth_vars'])) {
+ $str = strtr($str, $_SESSION['kolab_auth_vars']);
+ }
+
+ return $str;
+ }
}
diff --git a/plugins/kolab_auth/kolab_auth_ldap.php b/plugins/kolab_auth/kolab_auth_ldap.php
index 9592b6c..94c10a0 100644
--- a/plugins/kolab_auth/kolab_auth_ldap.php
+++ b/plugins/kolab_auth/kolab_auth_ldap.php
@@ -415,6 +415,8 @@ class kolab_auth_ldap extends rcube_ldap_generic
$replaces = array('%dc' => $dc, '%d' => $d, '%fu' => $user, '%u' => $u);
+ $this->parse_replaces = $replaces;
+
return strtr($str, $replaces);
}
@@ -462,6 +464,16 @@ class kolab_auth_ldap extends rcube_ldap_generic
}
/**
+ * Returns variables used for replacement in (last) parse_vars() call
+ *
+ * @return array Variable-value hash array
+ */
+ public function get_parse_vars()
+ {
+ return $this->parse_replaces;
+ }
+
+ /**
* HTML-safe DN string encoding
*
* @param string $str DN string
More information about the commits
mailing list