Merge branch 'main' into prg

Author: simonLeary42

resources/lib/UnityGroup.php

@@ -460,22 +460,8 @@ public function getRequests()
 
     public function getGroupMembers($ignorecache = false)
     {
-        if (!$ignorecache) {
-            $cached_val = $this->REDIS->getCache($this->getPIUID(), "members");
-            if (!is_null($cached_val)) {
-                $members = $cached_val;
-            }
-        }
-
-        $updatecache = false;
-        if (!isset($members)) {
-            $pi_group = $this->getLDAPPiGroup();
-            $members = $pi_group->getAttribute("memberuid");
-            $updatecache = true;
-        }
-
+        $members = $this->getGroupMemberUIDs($ignorecache);
         $out = array();
-        $cache_arr = array();
         $owner_uid = $this->getOwner()->getUID();
         foreach ($members as $member) {
                 $user_obj = new UnityUser(
@@ -487,22 +473,28 @@ public function getGroupMembers($ignorecache = false)
                     $this->WEBHOOK
                 );
                 array_push($out, $user_obj);
-                array_push($cache_arr, $user_obj->getUID());
-        }
-
-        if (!$ignorecache && $updatecache) {
-            sort($cache_arr);
-            $this->REDIS->setCache($this->getPIUID(), "members", $cache_arr);
         }
-
         return $out;
     }
 
-    public function getGroupMemberUIDs()
+    public function getGroupMemberUIDs($ignorecache = false)
     {
-        $pi_group = $this->getLDAPPiGroup();
-        $members = $pi_group->getAttribute("memberuid");
-
+        if (!$ignorecache) {
+            $cached_val = $this->REDIS->getCache($this->getPIUID(), "members");
+            if (!is_null($cached_val)) {
+                $members = $cached_val;
+            }
+        }
+        $updatecache = false;
+        if (!isset($members)) {
+            $pi_group = $this->getLDAPPiGroup();
+            $members = $pi_group->getAttribute("memberuid");
+            $updatecache = true;
+        }
+        if (!$ignorecache && $updatecache) {
+            sort($members);
+            $this->REDIS->setCache($this->getPIUID(), "members", $members);
+        }
         return $members;
     }
 

resources/lib/UnityLDAP.php

@@ -124,7 +124,7 @@ public function getNextUIDNumber($UnitySQL)
         $max_uid = $UnitySQL->getSiteVar('MAX_UID');
         $new_uid = $max_uid + 1;
 
-        while ($this->UIDNumInUse($new_uid)) {
+        while ($this->IDNumInUse($new_uid)) {
             $new_uid++;
         }
 
@@ -138,7 +138,7 @@ public function getNextPiGIDNumber($UnitySQL)
         $max_pigid = $UnitySQL->getSiteVar('MAX_PIGID');
         $new_pigid = $max_pigid + 1;
 
-        while ($this->PIGIDNumInUse($new_pigid)) {
+        while ($this->IDNumInUse($new_pigid)) {
             $new_pigid++;
         }
 
@@ -152,7 +152,7 @@ public function getNextOrgGIDNumber($UnitySQL)
         $max_gid = $UnitySQL->getSiteVar('MAX_GID');
         $new_gid = $max_gid + 1;
 
-        while ($this->GIDNumInUse($new_gid)) {
+        while ($this->IDNumInUse($new_gid)) {
             $new_gid++;
         }
 
@@ -161,32 +161,24 @@ public function getNextOrgGIDNumber($UnitySQL)
         return $new_gid;
     }
 
-    private function UIDNumInUse($id)
+    private function IDNumInUse($id)
     {
+        // id reserved for debian packages
+        if (($id >= 100 && $id <= 999) || ($id >= 60000 && $id <= 64999)) {
+            return true;
+        }
         $users = $this->userOU->getChildrenArray(true);
         foreach ($users as $user) {
             if ($user["uidnumber"][0] == $id) {
                 return true;
             }
         }
-
-        return false;
-    }
-
-    private function PIGIDNumInUse($id)
-    {
         $pi_groups = $this->pi_groupOU->getChildrenArray(true);
         foreach ($pi_groups as $pi_group) {
             if ($pi_group["gidnumber"][0] == $id) {
                 return true;
             }
         }
-
-        return false;
-    }
-
-    private function GIDNumInUse($id)
-    {
         $groups = $this->groupOU->getChildrenArray(true);
         foreach ($groups as $group) {
             if ($group["gidnumber"][0] == $id) {
@@ -212,7 +204,7 @@ public function getUnassignedID($uid, $UnitySQL)
 
                     if ($uid == $netid_match || $netid == $netid_match) {
                         // found a match
-                        if (!$this->UIDNumInUse($uid_match) && !$this->GIDNumInUse($uid_match)) {
+                        if (!$this->IDNumInUse($uid_match)) {
                             return $uid_match;
                         }
                     }
@@ -340,4 +332,35 @@ public function getOrgGroupEntry($gid)
         $gid = ldap_escape($gid, LDAP_ESCAPE_DN);
         return $this->getEntry(unityLDAP::RDN . "=$gid," . $this->STR_ORGGROUPOU);
     }
+
+    public static function parseUserChildrenArray(array $userChildrenArray): array
+    {
+        // input comes from LdapEntry::getChildrenArray on a UnityUser
+        $output = [];
+        $required_string_attributes = [
+            "gidnumber",
+            "givenname",
+            "homedirectory",
+            "loginshell",
+            "mail",
+            "o",
+            "sn",
+            "uid",
+            "uidnumber",
+            "gecos",
+        ];
+        foreach ($required_string_attributes as $key) {
+            $output[$key] = $userChildrenArray[$key][0];
+        }
+        $output["firstname"] = $output["givenname"];
+        $output["lastname"] = $output["sn"];
+        $output["org"] = $output["o"];
+        $output["objectclass"] = $userChildrenArray["objectclass"];
+        if (array_key_exists("sspublickey", $userChildrenArray)) {
+            $output["sshpublickey"] = $userChildrenArray["sshpublickey"];
+        } else {
+            $output["sshpublickey"] = [];
+        }
+        return $output;
+    }
 }

resources/lib/UnityRedis.php

@@ -95,4 +95,9 @@ public function removeCacheArray($object, $key, $value)
             $this->setCache($object, $key, $cached_val);
         }
     }
+
+    public function flushAll()
+    {
+        $this->client->flushAll();
+    }
 }

resources/lib/UnitySite.php

@@ -7,7 +7,7 @@
 
 class UnitySite
 {
-    public static function die($x = null)
+    public static function die($x = null, $show_user = false)
     {
         if (@$GLOBALS["PHPUNIT_NO_DIE_PLEASE"] == true) {
             if (is_null($x)) {
@@ -16,18 +16,18 @@ public static function die($x = null)
                 throw new PhpUnitNoDieException($x);
             }
         } else {
-            if (is_null($x)) {
-                die();
-            } else {
+            if (!is_null($x) and $show_user) {
                 die($x);
+            } else {
+                die();
             }
         }
     }
 
     public static function redirect($destination)
     {
         header("Location: $destination");
-        self::die("Redirect failed, click <a href='$destination'>here</a> to continue.");
+        self::die("Redirect failed, click <a href='$destination'>here</a> to continue.", true);
     }
 
     private static function headerResponseCode(int $code, string $reason)
@@ -55,14 +55,14 @@ public static function badRequest($message)
     {
         self::headerResponseCode(400, "bad request");
         self::errorLog("bad request", $message);
-        self::die();
+        self::die($message);
     }
 
     public static function forbidden($message)
     {
         self::headerResponseCode(403, "forbidden");
         self::errorLog("forbidden", $message);
-        self::die();
+        self::die($message);
     }
 
     public static function arrayGetOrBadRequest(array $array, ...$keys)