optimize fetching of group member attributes

Author: simonLeary42

resources/lib/UnityGroup.php

@@ -470,4 +470,13 @@ public static function ownerMail2GID(string $email): string
         $ownerUid = $entry->getAttribute("cn")[0];
         return self::PI_PREFIX . $ownerUid;
     }
+
+    public function getGroupMembersAttributes(array $attributes, array $default_values = [])
+    {
+        return $this->LDAP->getUsersAttributes(
+            $this->getGroupMemberUIDs(),
+            $attributes,
+            $default_values,
+        );
+    }
 }

resources/lib/UnityLDAP.php

@@ -2,6 +2,8 @@
 
 namespace UnityWebPortal\lib;
 
+use UnityWebPortal\lib\exceptions\EntryNotFoundException;
+use ValueError;
 use PHPOpenLDAPer\LDAPConn;
 use PHPOpenLDAPer\LDAPEntry;
 
@@ -487,4 +489,50 @@ public function getSortedGroupsForRedis(): array
         sort($groups);
         return $groups;
     }
+
+    /**
+     * returns an array with each UID as an array key
+     * @throws \UnityWebPortal\lib\exceptions\EntryNotFoundException
+     */
+    public function getUsersAttributes(
+        array $uids,
+        array $attributes,
+        array $default_values = [],
+    ): array {
+        if (count($uids) === 0) {
+            throw new ValueError("uids cannot be empty");
+        }
+        $attributes = array_map("strtolower", $attributes);
+        if (in_array("uid", $attributes)) {
+            $asked_for_uid_attribute = true;
+        } else {
+            $asked_for_uid_attribute = false;
+            array_push($attributes, "uid");
+        }
+        $uids = array_map(fn($x) => ldap_escape($x, "", LDAP_ESCAPE_FILTER), $uids);
+        $filter =
+            "(&(objectClass=posixAccount)(|" .
+            implode("", array_map(fn($x) => "(uid=$x)", $uids)) .
+            "))";
+        $entries = $this->baseOU->getChildrenArrayStrict(
+            $attributes,
+            true,
+            $filter,
+            $default_values,
+        );
+        $output = [];
+        foreach ($entries as $entry) {
+            $uid = $entry["uid"][0];
+            if (!$asked_for_uid_attribute) {
+                unset($entry["uid"]);
+            }
+            $output[$uid] = $entry;
+        }
+        $uids_not_found = array_diff($uids, array_keys($output));
+        if (count($uids_not_found) > 0) {
+            throw new EntryNotFoundException(jsonEncode($uids_not_found));
+        }
+        ksort($output);
+        return $output;
+    }
 }

webroot/admin/ajax/get_group_members.php

@@ -14,13 +14,13 @@
 }
 
 $group = new UnityGroup($_GET["gid"], $LDAP, $SQL, $MAILER, $REDIS, $WEBHOOK);
-$members = $group->getGroupMembers();
+$members = $group->getGroupMembersAttributes(["gecos", "mail"]);
 $requests = $group->getRequests();
 
 $i = 0;
 $count = count($members) + count($requests);
-foreach ($members as $member) {
-    if ($member->uid == $group->getOwner()->uid) {
+foreach ($members as $uid => $attributes) {
+    if ($uid == $group->getOwner()->uid) {
         continue;
     }
 
@@ -29,22 +29,23 @@
     } else {
         echo "<tr class='expanded $i'>";
     }
-
-    echo "<td>" . $member->getFullname() . "</td>";
-    echo "<td>" . $member->uid . "</td>";
-    echo "<td><a href='mailto:" . $member->getMail() . "'>" . $member->getMail() . "</a></td>";
+    $fullname = $attributes["gecos"][0];
+    $mail = $attributes["mail"][0];
+    echo "<td>$fullname</td>";
+    echo "<td>$uid</td>";
+    echo "<td><a href='mailto:$mail'>$mail</a></td>";
     echo "<td>";
     echo "
         <form
             action=''
             method='POST'
             onsubmit='
-                return confirm(\"Are you sure you want to remove $member->uid from this group?\");
+                return confirm(\"Are you sure you want to remove $uid from this group?\");
             '
         >
         <input type='hidden' name='form_type' value='remUserChild'>
-        <input type='hidden' name='uid' value='" . $member->uid . "'>
-        <input type='hidden' name='pi' value='" . $group->gid . "'>
+        <input type='hidden' name='uid' value='$uid'>
+        <input type='hidden' name='pi' value='$group->gid'>
         <input type='submit' value='Remove'>
         </form>
     ";

webroot/panel/ajax/get_group_members.php

@@ -13,10 +13,10 @@
 if (!$group->memberExists($USER)) {
     UnityHTTPD::forbidden("not a group member");
 }
-$members = $group->getGroupMembers();
+$members = $group->getGroupMembersAttributes(["gecos", "mail"]);
 $count = count($members);
-foreach ($members as $key => $member) {
-    if ($member->uid == $group->getOwner()->uid) {
+foreach ($members as $uid => $attributes) {
+    if ($uid == $group->getOwner()->uid) {
         continue;
     }
 
@@ -25,10 +25,11 @@
     } else {
         echo "<tr class='expanded $key'>";
     }
-
-    echo "<td>" . $member->getFullname() . "</td>";
-    echo "<td>" . $member->uid . "</td>";
-    echo "<td><a href='mailto:" . $member->getMail() . "'>" . $member->getMail() . "</a></td>";
-    echo "<td><input type='hidden' name='uid' value='" . $member->uid . "'></td>";
+    $fullname = $attributes["gecos"][0];
+    $mail = $attributes["mail"][0];
+    echo "<td>$fullname</td>";
+    echo "<td>$uid</td>";
+    echo "<td><a href='mailto:$mail'>$mail</a></td>";
+    echo "<td><input type='hidden' name='uid' value='$uid'></td>";
     echo "</tr>";
 }