0035070: Unable to retrieve values of arbitrary fields from LDAP.

ID	Project	Category	View Status	Date Submitted	Last Update
0035070	mantisbt	plug-ins	public	2024-12-03 11:13	2025-01-03 17:14

Reporter	raspopov	Assigned To	dregad
Priority	normal	Severity	minor	Reproducibility	always
Status	resolved	Resolution	fixed
Product Version	2.27.0
Target Version	2.28.0	Fixed in Version	2.28.0

Summary	0035070: Unable to retrieve values of arbitrary fields from LDAP.
Description	The ldap_get_field_from_username() function can no longer return field values other than $g_ldap_email_field and $g_ldap_realname_field, due to the use of only cached data in the ldap_cache_user_data() function. This prevents any code and plugins that use ldap_get_field_from_username() from working. For example MantisLdapAvatar.
Additional Information	About commit MantisBT master 353cbd70 Note: ldap_search() fails if keys are missing in the attributes list, so we need to call array_values() after array_unique(). I was surprised by this. Not knowing whether this is a bug or intended behavior with unclear documentation, I opened https://github.com/php/php-src/issues/17280 just in case.
Tags	No tags attached.

raspopov 2024-12-03 11:15 reporter ~0069525 Last edited: 2024-12-03 11:21	It is in the core/ldap_api.php. PR: 2053.

dregad 2024-12-03 12:50 developer ~0069529	When you say "can no longer", what is your reference point ? Just checking, because the caching was introduced over 4 years ago in 2.23.1 (see 0026600, 0026622) so it's nothing new.

raspopov 2024-12-03 13:36 reporter ~0069530	Yeah, it's pretty strange that no one has complained about LDAP connection loss... I'd like to update the MantisLdapAvatar plugin (last update was 7 years ago) and this PR will allow to extend the LDAP functionality in a MantisBT event-orient way.

dregad 2024-12-27 20:18 developer ~0069619	The problem with ldap_search() failing when $attributes has holes (https://github.com/php/php-src/issues/17280), was qualified as a bug and fixed in 8.4 + backport to 8.3.

MantisBT: master 5771b7b4 2024-12-05 10:50 raspopov Committer: dregad Details Diff	New EVENT_LDAP_CACHE_ATTRS event Allows plugins to extend the LDAP attribute cache. Fixes 0035070 Signed-off-by: Damien Regad <dregad@mantisbt.org> Renamed foreach loop variables, squashed commits.	Affected Issues 0035070
	mod - core/events_inc.php	Diff File
	mod - core/ldap_api.php	Diff File
	mod - docbook/Developers_Guide/en-US/Events_Reference.xml	Diff File
MantisBT: master e3c900fe 2024-12-27 04:30 dregad Details Diff	Add log_event() call for extra attributes Issue 0035070	Affected Issues 0035070
	mod - core/ldap_api.php	Diff File
MantisBT: master 353cbd70 2024-12-27 04:36 dregad Details Diff	Ensure requested extra LDAP attributes are unique Even if multiple plugins require the same attribute, it should only be retrieved once. Note: ldap_search() fails if keys are missing in the attributes list, so we need to call array_values() after array_unique(). Issue 0035070	Affected Issues 0035070
	mod - core/ldap_api.php	Diff File

related to	0026600	closed	dregad	Performance loss after update from 2.20.0 to 2.23.0
related to	0026622	closed	dregad	LDAP API does not cache realname information
related to	0023392	new		Mantis LDAP Avatar plugin
has duplicate	0026879	closed	dregad	Add plugin EVENT in ldap_cache_user_data
has duplicate	0026809	closed	dregad	Personalize LDAP fields cached