providers/ldap: fix: dn and member fields for virtual groups (#1143)

* providers/ldap: fix: dn and member fields for virtual groups

* Refactor GetGroupDN to use string name instead to allow more flexibility
This commit is contained in:
Lukas Söder 2021-07-14 16:54:55 +02:00 committed by GitHub
parent efa09d5e1d
commit 061c549a40
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23

View file

@ -67,7 +67,7 @@ func AKAttrsToLDAP(attrs interface{}) []*ldap.EntryAttribute {
func (pi *ProviderInstance) GroupsForUser(user api.User) []string {
groups := make([]string, len(user.Groups))
for i, group := range user.Groups {
groups[i] = pi.GetGroupDN(group)
groups[i] = pi.GetGroupDN(group.Name)
}
return groups
}
@ -82,7 +82,7 @@ func (pi *ProviderInstance) UsersForGroup(group api.Group) []string {
func (pi *ProviderInstance) APIGroupToLDAPGroup(g api.Group) LDAPGroup {
return LDAPGroup{
dn: pi.GetGroupDN(g),
dn: pi.GetGroupDN(g.Name),
cn: g.Name,
uid: string(g.Pk),
gidNumber: pi.GetGidNumber(g),
@ -94,14 +94,12 @@ func (pi *ProviderInstance) APIGroupToLDAPGroup(g api.Group) LDAPGroup {
}
func (pi *ProviderInstance) APIUserToLDAPGroup(u api.User) LDAPGroup {
dn := fmt.Sprintf("cn=%s,%s", u.Username, pi.UserDN)
return LDAPGroup{
dn: dn,
dn: pi.GetGroupDN(u.Username),
cn: u.Username,
uid: u.Uid,
gidNumber: pi.GetUidNumber(u),
member: []string{dn},
member: []string{pi.GetUserDN(u.Username)},
isVirtualGroup: true,
isSuperuser: false,
akAttributes: nil,
@ -112,8 +110,8 @@ func (pi *ProviderInstance) GetUserDN(user string) string {
return fmt.Sprintf("cn=%s,%s", user, pi.UserDN)
}
func (pi *ProviderInstance) GetGroupDN(group api.Group) string {
return fmt.Sprintf("cn=%s,%s", group.Name, pi.GroupDN)
func (pi *ProviderInstance) GetGroupDN(group string) string {
return fmt.Sprintf("cn=%s,%s", group, pi.GroupDN)
}
func (pi *ProviderInstance) GetUidNumber(user api.User) string {