/** * Return the groups the given user is a member of * * @param User $user * * @return array */ public function getMemberships(User $user) { if ($this->isMemberAttributeAmbiguous()) { $queryValue = $user->getUsername(); } elseif (($queryValue = $user->getAdditional('ldap_dn')) === null) { $userQuery = $this->ds->select()->from($this->userClass)->where($this->userNameAttribute, $user->getUsername())->setBase($this->userBaseDn)->setUsePagedResults(false); if ($this->userFilter) { $userQuery->setNativeFilter($this->userFilter); } if (($queryValue = $userQuery->fetchDn()) === null) { return array(); } } if ($this->nestedGroupSearch) { $groupMemberAttribute = $this->groupMemberAttribute . ':1.2.840.113556.1.4.1941:'; } else { $groupMemberAttribute = $this->groupMemberAttribute; } $groupQuery = $this->ds->select()->from($this->groupClass, array($this->groupNameAttribute))->where($groupMemberAttribute, $queryValue)->setBase($this->groupBaseDn); if ($this->groupFilter) { $groupQuery->setNativeFilter($this->groupFilter); } $groups = array(); foreach ($groupQuery as $row) { $groups[] = $row->{$this->groupNameAttribute}; } return $groups; }
/** * Return the groups the given user is a member of * * @param User $user * * @return array */ public function getMemberships(User $user) { if ($this->isAmbiguous($this->groupClass, $this->groupMemberAttribute)) { $queryValue = $user->getUsername(); } elseif (($queryValue = $user->getAdditional('ldap_dn')) === null) { $userQuery = $this->ds->select()->from($this->userClass)->where($this->userNameAttribute, $user->getUsername())->setBase($this->userBaseDn)->setUsePagedResults(false); if ($this->userFilter) { $userQuery->where(new Expression($this->userFilter)); } if (($queryValue = $userQuery->fetchDn()) === null) { return array(); } } $groupQuery = $this->ds->select()->from($this->groupClass, array($this->groupNameAttribute))->where($this->groupMemberAttribute, $queryValue)->setBase($this->groupBaseDn); if ($this->groupFilter) { $groupQuery->where(new Expression($this->groupFilter)); } $groups = array(); foreach ($groupQuery as $row) { $groups[] = $row->{$this->groupNameAttribute}; } return $groups; }
/** * Return the groups the given user is a member of * * @param User $user * * @return array */ public function getMemberships(User $user) { if ($this->groupClass === 'posixGroup') { // Posix group only uses simple user name $userDn = $user->getUsername(); } else { // LDAP groups use the complete DN if (($userDn = $user->getAdditional('ldap_dn')) === null) { $userQuery = $this->ds->select()->from($this->userClass)->where($this->userNameAttribute, $user->getUsername())->setBase($this->userBaseDn)->setUsePagedResults(false); if ($this->userFilter) { $userQuery->where(new Expression($this->userFilter)); } if (($userDn = $userQuery->fetchDn()) === null) { return array(); } } } $groupQuery = $this->ds->select()->from($this->groupClass, array($this->groupNameAttribute))->where($this->groupMemberAttribute, $userDn)->setBase($this->groupBaseDn); if ($this->groupFilter) { $groupQuery->where(new Expression($this->groupFilter)); } Logger::debug('Fetching groups for user %s using filter %s.', $user->getUsername(), $groupQuery->__toString()); $groups = array(); foreach ($groupQuery as $row) { $groups[] = $row->{$this->groupNameAttribute}; } Logger::debug('Fetched %d groups: %s.', count($groups), join(', ', $groups)); return $groups; }