Commit 2a4f18e3 authored by Côme Chilliet's avatar Côme Chilliet
Browse files

🚑 fix(ldap) Fix error handling documentation

issue #1
parent 61263119
Pipeline #8983 failed with stages
in 53 seconds
......@@ -25,19 +25,22 @@ declare(strict_types = 1);
namespace FusionDirectory\Ldap;
/**
* This class parses LDAP ACLs in parts
*/
class Acl
{
/**
* @var int
*/
* @var int
*/
protected $index;
/**
* @var array<string,string>|string
*/
* @var array<string,string>|string
*/
protected $to;
/**
* @var array<int,array>
*/
* @var array<int,array>
*/
protected $by = [];
/*
......@@ -63,6 +66,12 @@ class Acl
<control> ::= [stop | continue | break]
*/
/**
* Acl constructor
*
* @param string $acl The ACL string from LDAP
* @throws \FusionDirectory\Ldap\Exception
*/
public function __construct (string $acl)
{
if (preg_match('/^{(\d+)}/', $acl, $m) !== 1) {
......@@ -71,14 +80,15 @@ class Acl
}
$tokens = preg_split('/\s/', $acl);
if (($tokens === FALSE) || ($tokens[0] != 'to')) {
throw new \Exception('Invalid ACL format: missing "to" keyword');
throw new Exception('Invalid ACL format: missing "to" keyword');
}
$this->parseTo($tokens, 1);
}
/**
* @param array<string> $tokens
*/
* @param array<string> $tokens
* @throws \FusionDirectory\Ldap\Exception
*/
protected function parseTo (array $tokens, int $i): void
{
/*
......@@ -119,8 +129,9 @@ class Acl
}
/**
* @param array<string> $tokens
*/
* @param array<string> $tokens
* @throws \FusionDirectory\Ldap\Exception
*/
protected function parseBy (array $tokens, int $i): void
{
/* [by <who> [<access>] [<control>]]+ */
......
......@@ -38,9 +38,10 @@ use DateTime, DateTimeZone;
class GeneralizedTime
{
/**
* @brief Convert from LDAP GeneralizedTime formatted string to DateTime object
* @param string $string GeneralizedTime formatted string to convert
*/
* @brief Convert from LDAP GeneralizedTime formatted string to DateTime object
* @param string $string GeneralizedTime formatted string to convert
* @throws \FusionDirectory\Ldap\Exception
*/
public static function fromString (string $string): DateTime
{
// century = 2(%x30-39) ; "00" to "99"
......@@ -88,19 +89,23 @@ class GeneralizedTime
if (!isset($m['fraction']) || ($m['fraction'] === '')) {
$m['fraction'] = '0';
}
$date = new DateTime($m['year'].'-'.$m['month'].'-'.$m['day'].'T'.$m['hour'].':'.$m['minute'].':'.$m['second'].'.'.$m['fraction'].$m['timezone']);
$date->setTimezone(new DateTimeZone('UTC'));
return $date;
try {
$date = new DateTime($m['year'].'-'.$m['month'].'-'.$m['day'].'T'.$m['hour'].':'.$m['minute'].':'.$m['second'].'.'.$m['fraction'].$m['timezone']);
$date->setTimezone(new DateTimeZone('UTC'));
return $date;
} catch (\Exception $e) {
throw new Exception("Failed to create DateTime object:".$e->getMessage(), 0, $e);
}
} else {
throw new Exception("$string does not match LDAP GeneralizedTime format");
}
}
/**
* @brief Convert from DateTime object to LDAP GeneralizedTime formatted string
* @param DateTime $date DateTime object to convert
* @param boolean $setToUTC Whether or not to set the date timezone to UTC. Defaults to TRUE.
*/
* @brief Convert from DateTime object to LDAP GeneralizedTime formatted string
* @param DateTime $date DateTime object to convert
* @param boolean $setToUTC Whether or not to set the date timezone to UTC. Defaults to TRUE.
*/
public static function toString (DateTime $date, bool $setToUTC = TRUE): string
{
if ($setToUTC) {
......
......@@ -58,6 +58,8 @@ class Link
/**
* Actually open the connection and bind to the LDAP server.
* Uses EXTERNAL for the bind.
*
* @throws \FusionDirectory\Ldap\Exception
*/
public function bind (): void
{
......@@ -87,6 +89,8 @@ class Link
* @param array<string> $attrs Which attributes to fetch
* @param string $scope One of 'base','one' or 'subtree'
* @param array<array> $controls Controls to pass along with the search
*
* @throws \FusionDirectory\Ldap\Exception
*/
public function search (string $basedn, string $filter, array $attrs = [], string $scope = 'subtree', array $controls = NULL): Result
{
......@@ -112,6 +116,8 @@ class Link
* @param string $dn The LDAP node to modify
* @param array<string,string|array<string>> $attrs The attributes values to add
* @param array<array> $controls Controls to send along with the request
*
* @throws \FusionDirectory\Ldap\Exception
*/
public function mod_add (string $dn, array $attrs, array $controls = []): Result
{
......@@ -129,6 +135,8 @@ class Link
* @param string $dn The LDAP node to modify
* @param array<string,string|array<string>> $attrs The attributes values to replace
* @param array<array> $controls Controls to send along with the request
*
* @throws \FusionDirectory\Ldap\Exception
*/
public function mod_replace (string $dn, array $attrs, array $controls = []): Result
{
......@@ -146,6 +154,8 @@ class Link
* @param string $dn The LDAP node to modify
* @param array<string,string|array<string>> $attrs The attributes values to delete
* @param array<array> $controls Controls to send along with the request
*
* @throws \FusionDirectory\Ldap\Exception
*/
public function mod_del (string $dn, array $attrs, array $controls = []): Result
{
......@@ -162,6 +172,8 @@ class Link
*
* @param string $dn The LDAP node to delete
* @param array<array> $controls Controls to send along with the request
*
* @throws \FusionDirectory\Ldap\Exception
*/
public function delete (string $dn, array $controls = []): Result
{
......@@ -175,6 +187,8 @@ class Link
/**
* @return array<string,array<string,string|true|array<string>>>
*
* @throws \FusionDirectory\Ldap\Exception
*/
public function getObjectClasses (): array
{
......@@ -272,7 +286,7 @@ class Link
if (preg_match('/\$/', $value) === 1) {
$container = preg_split('/\s*\$\s*/', $value);
if ($container === FALSE) {
throw new Exception('Failed to split value');
$container = $value;
}
} else {
$container = $value;
......
......@@ -64,9 +64,11 @@ class Result implements \Iterator,\Countable
protected $cur;
/**
* @param resource $link
* @param resource $result
*/
* @param resource $link
* @param resource $result
*
* @throws \FusionDirectory\Ldap\Exception
*/
public function __construct ($link, $result)
{
$this->link = $link;
......@@ -77,6 +79,11 @@ class Result implements \Iterator,\Countable
}
}
/**
* Assert that the result represents a successful LDAP operation, or throw an exception with the error message
*
* @throws \FusionDirectory\Ldap\Exception
*/
public function assert (): void
{
if ($this->errcode != 0) {
......@@ -97,6 +104,8 @@ class Result implements \Iterator,\Countable
{
assert(is_resource($this->cur));
$att = [];
/* @phpstan-ignore-next-line
* phpstan has an outdated signature for php-ldap functions */
for ($a = ldap_first_attribute($this->link, $this->cur); $a !== FALSE; $a = ldap_next_attribute($this->link, $this->cur)) {
$att[$a] = ldap_get_values($this->link, $this->cur, $a);
unset($att[$a]['count']);
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment