From cb26932f87550132c3d13bb23ef1423870160ed6 Mon Sep 17 00:00:00 2001
From: Simon Leary
Date: Tue, 9 Sep 2025 13:58:47 -0400
Subject: [PATCH] require entries to exist before doing init
---
resources/lib/UnityGroup.php | 24 +++++------
resources/lib/UnityOrg.php | 11 +++--
resources/lib/UnityUser.php | 82 +++++++++++++++++-------------------
3 files changed, 54 insertions(+), 63 deletions(-)
diff --git a/resources/lib/UnityGroup.php b/resources/lib/UnityGroup.php
index 5eadb0f2..55a1d83e 100644
--- a/resources/lib/UnityGroup.php
+++ b/resources/lib/UnityGroup.php
@@ -258,12 +258,11 @@ public function cancelGroupJoinRequest($user, $send_mail = true)
 // $users = $this->getGroupMembers(); // // now we delete the ldap entry
- // if ($this->entry->exists()) {
- // $this->entry->delete();
- // $this->REDIS->removeCacheArray("sorted_groups", "", $this->gid);
- // foreach ($users as $user) {
- // $this->REDIS->removeCacheArray($user->uid, "groups", $this->gid);
- // }
+ // assert($this->entry->exists());
+ // $this->entry->delete();
+ // $this->REDIS->removeCacheArray("sorted_groups", "", $this->gid);
+ // foreach ($users as $user) {
+ // $this->REDIS->removeCacheArray($user->uid, "groups", $this->gid);
 // } // // send email to every user of the now deleted PI group
@@ -521,14 +520,13 @@ private function init()
 // make this user a PI
 $owner = $this->getOwner();
- if (!$this->entry->exists()) {
- $nextGID = $this->LDAP->getNextPiGIDNumber($this->SQL);
+ assert(!$this->entry->exists());
+ $nextGID = $this->LDAP->getNextPiGIDNumber($this->SQL);
- $this->entry->setAttribute("objectclass", UnityLDAP::POSIX_GROUP_CLASS);
- $this->entry->setAttribute("gidnumber", strval($nextGID));
- $this->entry->setAttribute("memberuid", array($owner->uid));
- $this->entry->write();
- }
+ $this->entry->setAttribute("objectclass", UnityLDAP::POSIX_GROUP_CLASS);
+ $this->entry->setAttribute("gidnumber", strval($nextGID));
+ $this->entry->setAttribute("memberuid", array($owner->uid));
+ $this->entry->write();
 $this->REDIS->appendCacheArray("sorted_groups", "", $this->gid);
diff --git a/resources/lib/UnityOrg.php b/resources/lib/UnityOrg.php
index 0b8f4fd7..1a77df2d 100644
--- a/resources/lib/UnityOrg.php
+++ b/resources/lib/UnityOrg.php
@@ -30,13 +30,12 @@ public function __construct($gid, $LDAP, $SQL, $MAILER, $REDIS, $WEBHOOK)
 public function init()
 {
- if (!$this->entry->exists()) {
- $nextGID = $this->LDAP->getNextOrgGIDNumber($this->SQL);
+ assert(!$this->entry->exists());
+ $nextGID = $this->LDAP->getNextOrgGIDNumber($this->SQL);
- $this->entry->setAttribute("objectclass", UnityLDAP::POSIX_GROUP_CLASS);
- $this->entry->setAttribute("gidnumber", strval($nextGID));
- $this->entry->write();
- }
+ $this->entry->setAttribute("objectclass", UnityLDAP::POSIX_GROUP_CLASS);
+ $this->entry->setAttribute("gidnumber", strval($nextGID));
+ $this->entry->write();
 $this->REDIS->appendCacheArray("sorted_orgs", "", $this->gid);
 }
diff --git a/resources/lib/UnityUser.php b/resources/lib/UnityUser.php
index 3f0f4d8f..0c21f666 100644
--- a/resources/lib/UnityUser.php
+++ b/resources/lib/UnityUser.php
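Review bot: `assert(!$this->entry->exists());` in UnityGroup::init() only guards the write while assertions are enabled; PHP compiles assert() out when `zend.assertions` is not `1`, and php.ini-production ships it as `-1`. In that configuration init() on an existing group would go on to write a new `gidnumber` and a `memberuid` holding only the owner, where the removed `if` left the entry untouched. The same pattern is in UnityOrg::init() just below and in UnityUser::init(), setSSHKeys(), setLoginShell() and setHomeDir() later in this patch. An explicit check holds in every configuration, for example `if ($this->entry->exists()) { throw new Exception("group entry already exists"); }`, the style setLoginShell() already uses for its empty-shell check. init() starts and ends outside this hunk.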
@@ -63,33 +63,30 @@ public function init($firstname, $lastname, $email, $org, $send_mail = true)
 //
 $ldapGroupEntry = $this->getGroupEntry();
 $id = $this->LDAP->getUnassignedID($this->uid, $this->SQL);
-
- if (!$ldapGroupEntry->exists()) {
- $ldapGroupEntry->setAttribute("objectclass", UnityLDAP::POSIX_GROUP_CLASS);
- $ldapGroupEntry->setAttribute("gidnumber", strval($id));
- $ldapGroupEntry->write();
- }
+ assert(!$ldapGroupEntry->exists());
+ $ldapGroupEntry->setAttribute("objectclass", UnityLDAP::POSIX_GROUP_CLASS);
+ $ldapGroupEntry->setAttribute("gidnumber", strval($id));
+ $ldapGroupEntry->write();
 // // Create LDAP user //
- if (!$this->entry->exists()) {
- $this->entry->setAttribute("objectclass", UnityLDAP::POSIX_ACCOUNT_CLASS);
- $this->entry->setAttribute("uid", $this->uid);
- $this->entry->setAttribute("givenname", $firstname);
- $this->entry->setAttribute("sn", $lastname);
- $this->entry->setAttribute(
- "gecos",
- \transliterator_transliterate("Latin-ASCII", "$firstname $lastname")
- );
- $this->entry->setAttribute("mail", $email);
- $this->entry->setAttribute("o", $org);
- $this->entry->setAttribute("homedirectory", self::HOME_DIR . $this->uid);
- $this->entry->setAttribute("loginshell", $this->LDAP->getDefUserShell());
- $this->entry->setAttribute("uidnumber", strval($id));
- $this->entry->setAttribute("gidnumber", strval($id));
- $this->entry->write();
- }
+ assert(!$this->entry->exists());
+ $this->entry->setAttribute("objectclass", UnityLDAP::POSIX_ACCOUNT_CLASS);
+ $this->entry->setAttribute("uid", $this->uid);
+ $this->entry->setAttribute("givenname", $firstname);
+ $this->entry->setAttribute("sn", $lastname);
+ $this->entry->setAttribute(
+ "gecos",
+ \transliterator_transliterate("Latin-ASCII", "$firstname $lastname")
+ );
+ $this->entry->setAttribute("mail", $email);
+ $this->entry->setAttribute("o", $org);
+ $this->entry->setAttribute("homedirectory", self::HOME_DIR . 
$this->uid);
+ $this->entry->setAttribute("loginshell", $this->LDAP->getDefUserShell());
+ $this->entry->setAttribute("uidnumber", strval($id));
+ $this->entry->setAttribute("gidnumber", strval($id));
+ $this->entry->write();
 // update cache
 $this->REDIS->setCache($this->uid, "firstname", $firstname);
@@ -353,10 +350,9 @@ public function setSSHKeys($keys, $operator = null, $send_mail = true)
 {
 $operator = is_null($operator) ? $this->uid : $operator->uid;
 $keys_filt = array_values(array_unique($keys));
- if ($this->entry->exists()) {
- $this->entry->setAttribute("sshpublickey", $keys_filt);
- $this->entry->write();
- }
+ assert($this->entry->exists());
+ $this->entry->setAttribute("sshpublickey", $keys_filt);
+ $this->entry->write();
 $this->REDIS->setCache($this->uid, "sshkeys", $keys_filt);
@@ -429,10 +425,9 @@ public function setLoginShell($shell, $operator = null, $send_mail = true)
 if (empty($shell)) {
 throw new Exception("login shell must not be empty!");
 }
- if ($this->entry->exists()) {
- $this->entry->setAttribute("loginshell", $shell);
- $this->entry->write();
- }
+ assert($this->entry->exists());
+ $this->entry->setAttribute("loginshell", $shell);
+ $this->entry->write();
 $operator = is_null($operator) ? $this->uid : $operator->uid;
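Review bot: The second precondition in UnityUser::init(), `assert(!$this->entry->exists());`, is evaluated only after `$ldapGroupEntry->write()`, so when the user entry already exists the call fails with a new group entry already written and no matching user entry. `getUnassignedID()` is also called before either check; whether it reserves the ID cannot be seen from this hunk. Checking both entries right after `$ldapGroupEntry = $this->getGroupEntry();`, before the ID lookup and before any write, avoids that partial state: `if ($ldapGroupEntry->exists() || $this->entry->exists()) { throw new Exception("user or group entry already exists"); }`. init() begins and continues outside this hunk.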
@@ -484,20 +479,19 @@ public function getLoginShell($ignorecache = false)
 public function setHomeDir($home, $operator = null)
 {
- if ($this->entry->exists()) {
- $this->entry->setAttribute("homedirectory", $home);
- $this->entry->write();
- $operator = is_null($operator) ? $this->uid : $operator->uid;
-
- $this->SQL->addLog(
- $operator,
- $_SERVER['REMOTE_ADDR'],
- "homedir_changed",
- $this->uid
- );
+ assert($this->entry->exists());
+ $this->entry->setAttribute("homedirectory", $home);
+ $this->entry->write();
+ $operator = is_null($operator) ? $this->uid : $operator->uid;
- $this->REDIS->setCache($this->uid, "homedir", $home);
- }
+ $this->SQL->addLog(
+ $operator,
+ $_SERVER['REMOTE_ADDR'],
+ "homedir_changed",
+ $this->uid
+ );
+
+ $this->REDIS->setCache($this->uid, "homedir", $home);
 }
 /**
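Review bot: setHomeDir() writes `$home` to `homedirectory` with no validation of its own, while setLoginShell() in the same file rejects an empty value before it writes. The whole function is visible in this hunk, so unless every caller validates the path (not visible here), an empty or relative value reaches LDAP, the audit log and the Redis cache. A guard in the existing style, placed before the write, would be `if (empty($home) || $home[0] !== "/") { throw new Exception("home directory must be an absolute path!"); }`.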