/**
* Return the groups the given user is a member of
*
* @param User $user
*
* @return array
*/
public function getMemberships(User $user)
{
if ($this->isMemberAttributeAmbiguous()) {
$queryValue = $user->getUsername();
} elseif (($queryValue = $user->getAdditional('ldap_dn')) === null) {
$userQuery = $this->ds->select()->from($this->userClass)->where($this->userNameAttribute, $user->getUsername())->setBase($this->userBaseDn)->setUsePagedResults(false);
if ($this->userFilter) {
$userQuery->setNativeFilter($this->userFilter);
}
if (($queryValue = $userQuery->fetchDn()) === null) {
return array();
}
}
if ($this->nestedGroupSearch) {
$groupMemberAttribute = $this->groupMemberAttribute . ':1.2.840.113556.1.4.1941:';
} else {
$groupMemberAttribute = $this->groupMemberAttribute;
}
$groupQuery = $this->ds->select()->from($this->groupClass, array($this->groupNameAttribute))->where($groupMemberAttribute, $queryValue)->setBase($this->groupBaseDn);
if ($this->groupFilter) {
$groupQuery->setNativeFilter($this->groupFilter);
}
$groups = array();
foreach ($groupQuery as $row) {
$groups[] = $row->{$this->groupNameAttribute};
}
return $groups;
}
/**
* Return the groups the given user is a member of
*
* @param User $user
*
* @return array
*/
public function getMemberships(User $user)
{
if ($this->isAmbiguous($this->groupClass, $this->groupMemberAttribute)) {
$queryValue = $user->getUsername();
} elseif (($queryValue = $user->getAdditional('ldap_dn')) === null) {
$userQuery = $this->ds->select()->from($this->userClass)->where($this->userNameAttribute, $user->getUsername())->setBase($this->userBaseDn)->setUsePagedResults(false);
if ($this->userFilter) {
$userQuery->where(new Expression($this->userFilter));
}
if (($queryValue = $userQuery->fetchDn()) === null) {
return array();
}
}
$groupQuery = $this->ds->select()->from($this->groupClass, array($this->groupNameAttribute))->where($this->groupMemberAttribute, $queryValue)->setBase($this->groupBaseDn);
if ($this->groupFilter) {
$groupQuery->where(new Expression($this->groupFilter));
}
$groups = array();
foreach ($groupQuery as $row) {
$groups[] = $row->{$this->groupNameAttribute};
}
return $groups;
}
/**
* Return the groups the given user is a member of
*
* @param User $user
*
* @return array
*/
public function getMemberships(User $user)
{
if ($this->groupClass === 'posixGroup') {
// Posix group only uses simple user name
$userDn = $user->getUsername();
} else {
// LDAP groups use the complete DN
if (($userDn = $user->getAdditional('ldap_dn')) === null) {
$userQuery = $this->ds->select()->from($this->userClass)->where($this->userNameAttribute, $user->getUsername())->setBase($this->userBaseDn)->setUsePagedResults(false);
if ($this->userFilter) {
$userQuery->where(new Expression($this->userFilter));
}
if (($userDn = $userQuery->fetchDn()) === null) {
return array();
}
}
}
$groupQuery = $this->ds->select()->from($this->groupClass, array($this->groupNameAttribute))->where($this->groupMemberAttribute, $userDn)->setBase($this->groupBaseDn);
if ($this->groupFilter) {
$groupQuery->where(new Expression($this->groupFilter));
}
Logger::debug('Fetching groups for user %s using filter %s.', $user->getUsername(), $groupQuery->__toString());
$groups = array();
foreach ($groupQuery as $row) {
$groups[] = $row->{$this->groupNameAttribute};
}
Logger::debug('Fetched %d groups: %s.', count($groups), join(', ', $groups));
return $groups;
}
