You are here

Home » API reference » Lightweight Directory Access Protocol (LDAP) 8.3 » Server.php » Server

private function Server::getNestedGroupDnFilters in Lightweight Directory Access Protocol (LDAP) 8.3

Search within the nested groups for further filters.

Parameters

array $allGroupDns: Currently set groups.

array $orFilters: Filters before diving deeper.

int $level: Last relevant nesting leven.

Return value

array Nested group filters.

1 call to Server::getNestedGroupDnFilters()
Server::groupUserMembershipsFromUserAttr in ldap_servers/src/Entity/Server.php
Get list of groups that a user is a member of using the memberOf attribute.

File

ldap_servers/src/Entity/Server.php, line 1809

Class

Server
Defines the Server entity.

Namespace

Drupal\ldap_servers\Entity

Code

private function getNestedGroupDnFilters(array $allGroupDns, array $orFilters, $level) {

  // Only 50 or so per query.
  for ($key = 0; $key < count($orFilters); $key = $key + self::LDAP_SERVER_LDAP_QUERY_CHUNK) {
    $currentOrFilters = array_slice($orFilters, $key, self::LDAP_SERVER_LDAP_QUERY_CHUNK);

    // Example 1: (|(cn=group1)(cn=group2))
    // Example 2: (|(dn=cn=group1,ou=blah...)(dn=cn=group2,ou=blah...))
    $orFilter = '(|(' . implode(")(", $currentOrFilters) . '))';
    $queryForParentGroups = '(&(objectClass=' . $this
      ->groupObjectClass() . ')' . $orFilter . ')';

    // Need to search on all base DN one at a time.
    foreach ($this
      ->getBaseDn() as $basedn) {

      // No attributes, just dns needed.
      $groupEntries = $this
        ->search($basedn, $queryForParentGroups);
      if ($groupEntries !== FALSE && $level < self::LDAP_SERVER_LDAP_QUERY_RECURSION_LIMIT) {
        $testedGroupIds = [];
        $this
          ->groupMembershipsFromEntryRecursive($groupEntries, $allGroupDns, $testedGroupIds, $level + 1, self::LDAP_SERVER_LDAP_QUERY_RECURSION_LIMIT);
      }
    }
  }
  return $allGroupDns;
}