lunax/snipe_it
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity Actions

Caches manager lookups in LDAP for performance boost

Browse source
This commit is contained in:
Brady Wetherington 2022-10-20 16:52:40 -07:00
parent edf191b724
commit bc78d341a0
1 changed files with 37 additions and 27 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

14
app/Console/Commands/LdapSync.php
View file

@ -175,6 +175,8 @@ class LdapSync extends Command
$tmp_pass = substr(str_shuffle('0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ'), 0, 20); $tmp_pass = substr(str_shuffle('0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ'), 0, 20);
$pass = bcrypt($tmp_pass); $pass = bcrypt($tmp_pass);
$manager_cache = [];
for ($i = 0; $i < $results['count']; $i++) { for ($i = 0; $i < $results['count']; $i++) {
$item = []; $item = [];
$item['username'] = isset($results[$i][$ldap_result_username][0]) ? $results[$i][$ldap_result_username][0] : ''; $item['username'] = isset($results[$i][$ldap_result_username][0]) ? $results[$i][$ldap_result_username][0] : '';
@ -217,11 +219,16 @@ class LdapSync extends Command
$user->department_id = $department->id; $user->department_id = $department->id;
if($item['manager'] != null) { if($item['manager'] != null) {
// Check Cache first
if (isset($manager_cache[$item['manager']])) {
// found in cache; use that and avoid extra lookups
$user->manager_id = $manager_cache[$item['manager']];
} else {
// Get the LDAP Manager // Get the LDAP Manager
try { try {
$ldap_manager = Ldap::findLdapUsers($item['manager'], -1, $this->option('filter')); $ldap_manager = Ldap::findLdapUsers($item['manager'], -1, $this->option('filter'));
} catch (\Exception $e) { } catch (\Exception $e) {
\Log::warn("Manager lookup caused an exception: ".$e->getMessage().". Falling back to direct username lookup"); \Log::warn("Manager lookup caused an exception: " . $e->getMessage() . ". Falling back to direct username lookup");
// Hail-mary for Okta manager 'shortnames' - will only work if // Hail-mary for Okta manager 'shortnames' - will only work if
// Okta configuration is using full email-address-style usernames // Okta configuration is using full email-address-style usernames
$ldap_manager = [ $ldap_manager = [
@ -241,11 +248,14 @@ class LdapSync extends Command
// Get User from Manager username. // Get User from Manager username.
$ldap_manager = User::where('username', $ldapManagerUsername)->first(); $ldap_manager = User::where('username', $ldapManagerUsername)->first();
if ( $ldap_manager && isset($ldap_manager->id) ) { if ($ldap_manager && isset($ldap_manager->id)) {
// Link user to manager id. // Link user to manager id.
$user->manager_id = $ldap_manager->id; $user->manager_id = $ldap_manager->id;
} }
} }
$manager_cache[$item['manager']] = $ldap_manager && isset($ldap_manager->id) ? $ldap_manager->id : null; // Store results in cache, even if 'failed'
}
} }
// Sync activated state for Active Directory. // Sync activated state for Active Directory.