Bonjour à tous,
J'ai commencé à implémenter cette nouvelle fonctionnalité PHP 5.4 qui va
permettre enfin de contourner ces problèmes de sizelimit LDAP.
J'ai donc ajouté une option qui permet de définir si on utilise les
résultats par page (c'est à dire si on peut, si on est en PHP 5.4) et si
oui de définir la taille de la page.
J'ai testé sur un openldap avec 1600 users (et une limite de recherche
niveau serveur à 500 entrées), en récupérant par page de 200.
Je n'ai pas encore modifié tous les ldap_search, ça va venir rapidement
(il en reste 2).
Walid.
Index: trunk/install/mysql/glpi-0.84-empty.sql
===================================================================
--- trunk/install/mysql/glpi-0.84-empty.sql (revision 18209)
+++ trunk/install/mysql/glpi-0.84-empty.sql (revision 18210)
@@ -71,6 +71,8 @@
`email2_field` varchar(255) COLLATE utf8_unicode_ci DEFAULT NULL,
`email3_field` varchar(255) COLLATE utf8_unicode_ci DEFAULT NULL,
`email4_field` varchar(255) COLLATE utf8_unicode_ci DEFAULT NULL,
+ `pagesize` int(11) NOT NULL DEFAULT '0',
+ `can_support_pagesize` tinyint(1) NOT NULL DEFAULT '0',
PRIMARY KEY (`id`),
KEY `date_mod` (`date_mod`),
KEY `is_default` (`is_default`),
Index: trunk/install/update_0831_084.php
===================================================================
--- trunk/install/update_0831_084.php (revision 18209)
+++ trunk/install/update_0831_084.php (revision 18210)
@@ -1481,8 +1481,9 @@
$migration->dropField('glpi_profiles', 'view_ocsng');
$migration->dropField('glpi_profiles', 'clean_ocsng');
}
-
-
+ $migration->addField('glpi_authldaps', 'pagesize', 'integer');
+ $migration->addField('glpi_authldaps', 'can_support_pagesize', 'bool');
+
// ************ Keep it at the end **************
//TRANS: %s is the table or item to migrate
$migration->displayMessage(sprintf(__('Data migration - %s'), 'glpi_displaypreferences'));
Index: trunk/inc/authldap.class.php
===================================================================
--- trunk/inc/authldap.class.php (revision 18209)
+++ trunk/inc/authldap.class.php (revision 18210)
@@ -134,6 +134,8 @@
$this->fields['entity_field'] = 'ou';
$this->fields['entity_condition'] = '(objectclass=organizationalUnit)';
$this->fields['use_dn'] = 1 ;
+ $this->fields['can_support_pagesize'] = 1 ;
+ $this->fields['pagesize'] = '1000';
break;
default:
@@ -318,6 +320,23 @@
echo"</td></tr>";
echo "<tr class='tab_bg_1'>";
+ echo "<td>" . __('Use paged results') . "</td><td>";
+ if (self::isLdapPageSizeAvailable(false, false)) {
+ Dropdown::showYesNo('can_support_pagesize', $this->fields["can_support_pagesize"]);
+ } else {
+ echo "<input type='hidden' name='can_support_pagesize' value='0'>".__('No');
+ }
+ echo "</td>";
+ if (self::isLdapPageSizeAvailable(false, false)) {
+ echo "<td>" . __('Page size') . "</td><td>";
+ Dropdown::showInteger("pagesize", $this->fields['pagesize'], 100, 100000, 100);
+ } else {
+ echo "</td>";
+ echo "<input type='hidden' name=pagesize' value='0'>";
+ }
+ echo"</td></tr>";
+
+ echo "<tr class='tab_bg_1'>";
echo "<td>" . __('How LDAP aliases should be handled') . "</td><td colspan='4'>";
$alias_options[LDAP_DEREF_NEVER] = __('Never dereferenced (default)');
$alias_options[LDAP_DEREF_ALWAYS] = __('Always dereferenced');
@@ -330,7 +349,9 @@
echo "<tr class='tab_bg_2'><td class='center' colspan='4'>";
echo "<input type='submit' name='update' class='submit' value=\"".__s('Save')."\">";
echo "</td></tr>";
+
echo "</table></form></div>";
+
}
@@ -1090,6 +1111,67 @@
}
+ static function searchForUsers($ds, $values, $filter, $attrs, &$limitexceeded, &$user_infos,
+ &$ldap_users, $config_ldap) {
+
+ //If paged results cannot be used (PHP < 5.4)
+ $cookie = '';
+ do {
+ if (self::isLdapPageSizeAvailable($config_ldap)) {
+ ldap_control_paged_result($ds, $config_ldap->fields['pagesize'], true,$cookie);
+ }
+ $sr = @ldap_search($ds, $values['basedn'], $filter, $attrs);
+ if ($sr) {
+ if (in_array(ldap_errno($ds),array(4,11))) {
+ // openldap return 4 for Size limit exceeded
+ $limitexceeded = true;
+ }
+ $info = self::get_entries_clean($ds, $sr);
+ if (in_array(ldap_errno($ds),array(4,11))) {
+ $limitexceeded = true;
+ }
+ //$user_infos = array();
+
+ for ($ligne = 0 ; $ligne < $info["count"] ; $ligne++) {
+ //If ldap add
+ if ($values['mode'] == self::ACTION_IMPORT) {
+ if (in_array($config_ldap->fields['login_field'], $info[$ligne])) {
+ $ldap_users[$info[$ligne][$config_ldap->fields['login_field']][0]]
+ = $info[$ligne][$config_ldap->fields['login_field']][0];
+ $user_infos[$info[$ligne][$config_ldap->fields['login_field']][0]]["timestamp"]
+ = self::ldapStamp2UnixStamp($info[$ligne]['modifytimestamp'][0],
+ $config_ldap->fields['time_offset']);
+ $user_infos[$info[$ligne][$config_ldap->fields['login_field']][0]]["user_dn"]
+ = $info[$ligne]['dn'];
+ }
+
+ } else {
+ //If ldap synchronisation
+ if (in_array($config_ldap->fields['login_field'],$info[$ligne])) {
+ $ldap_users[$info[$ligne][$config_ldap->fields['login_field']][0]]
+ = self::ldapStamp2UnixStamp($info[$ligne]['modifytimestamp'][0],
+ $config_ldap->fields['time_offset']);
+ $user_infos[$info[$ligne][$config_ldap->fields['login_field']][0]]["timestamp"]
+ = self::ldapStamp2UnixStamp($info[$ligne]['modifytimestamp'][0],
+ $config_ldap->fields['time_offset']);
+ $user_infos[$info[$ligne][$config_ldap->fields['login_field']][0]]["user_dn"]
+ = $info[$ligne]['dn'];
+ $user_infos[$info[$ligne][$config_ldap->fields['login_field']][0]]["name"]
+ = $info[$ligne][$config_ldap->fields['login_field']][0];
+ }
+ }
+ }
+ } else {
+ return false;
+ }
+ if (self::isLdapPageSizeAvailable($config_ldap)) {
+ ldap_control_paged_result_response($ds, $sr, $cookie);
+ }
+
+ } while($cookie !== null && $cookie != '');
+ return true;
+ }
+
/** Get the list of LDAP users to add/synchronize
*
* @param $options array of possible options:
@@ -1155,55 +1237,16 @@
$values['end_date']);
$filter = "(&$filter $filter_timestamp)";
}
- $sr = @ldap_search($ds, $values['basedn'], $filter, $attrs);
-
- if ($sr) {
- if (in_array(ldap_errno($ds),array(4,11))) {
- // openldap return 4 for Size limit exceeded
- $limitexceeded = true;
- }
- $info = self::get_entries_clean($ds, $sr);
- if (in_array(ldap_errno($ds),array(4,11))) {
- $limitexceeded = true;
- }
- $user_infos = array();
-
- for ($ligne = 0 ; $ligne < $info["count"] ; $ligne++) {
- //If ldap add
- if ($values['mode'] == self::ACTION_IMPORT) {
- if (in_array($config_ldap->fields['login_field'], $info[$ligne])) {
- $ldap_users[$info[$ligne][$config_ldap->fields['login_field']][0]]
- = $info[$ligne][$config_ldap->fields['login_field']][0];
- $user_infos[$info[$ligne][$config_ldap->fields['login_field']][0]]["timestamp"]
- = self::ldapStamp2UnixStamp($info[$ligne]['modifytimestamp'][0],
- $config_ldap->fields['time_offset']);
- $user_infos[$info[$ligne][$config_ldap->fields['login_field']][0]]["user_dn"]
- = $info[$ligne]['dn'];
- }
-
- } else {
- //If ldap synchronisation
- if (in_array($config_ldap->fields['login_field'],$info[$ligne])) {
- $ldap_users[$info[$ligne][$config_ldap->fields['login_field']][0]]
- = self::ldapStamp2UnixStamp($info[$ligne]['modifytimestamp'][0],
- $config_ldap->fields['time_offset']);
- $user_infos[$info[$ligne][$config_ldap->fields['login_field']][0]]["timestamp"]
- = self::ldapStamp2UnixStamp($info[$ligne]['modifytimestamp'][0],
- $config_ldap->fields['time_offset']);
- $user_infos[$info[$ligne][$config_ldap->fields['login_field']][0]]["user_dn"]
- = $info[$ligne]['dn'];
- $user_infos[$info[$ligne][$config_ldap->fields['login_field']][0]]["name"]
- = $info[$ligne][$config_ldap->fields['login_field']][0];
- }
- }
- }
- } else {
+
+ $result = self::searchForUsers($ds, $values, $filter, $attrs, $limitexceeded,
+ $user_infos, $ldap_users, $config_ldap);
+ if (!$result) {
return false;
}
-
} else {
return false;
}
+
$glpi_users = array();
$sql = "SELECT `id`, `name`, `date_sync`, `user_dn`
FROM `glpi_users`";
@@ -2764,5 +2807,18 @@
return $replicates;
}
+ /**
+ *
+ * Check if ldap results can be paged or not
+ * This functionnality is available for PHP 5.4 and higer
+ * @since 0.84
+ * return true if maxPageSize can be used, false otherwise
+ */
+ static function isLdapPageSizeAvailable($config_ldap, $check_config_value = true) {
+ return ((!$check_config_value
+ || ($check_config_value && $config_ldap->fields['can_support_pagesize']))
+ && function_exists('ldap_control_paged_result')
+ && function_exists('ldap_control_paged_result_response'));
+ }
}
-?>
\ No newline at end of file
+?>
_______________________________________________
Glpi-dev mailing list
[email protected]
https://mail.gna.org/listinfo/glpi-dev
