From 061c549a406c593582d6cd76acfcd2310cd6e936 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Lukas=20S=C3=B6der?=
Date: Wed, 14 Jul 2021 16:54:55 +0200
Subject: [PATCH] providers/ldap: fix: dn and member fields for virtual groups (#1143)

* providers/ldap: fix: dn and member fields for virtual groups

* Refactor GetGroupDN to use string name instead to allow more flexibility
---
 outpost/pkg/ldap/utils.go | 14 ++++++--------
 1 file changed, 6 insertions(+), 8 deletions(-)

diff --git a/outpost/pkg/ldap/utils.go b/outpost/pkg/ldap/utils.go
index d5271ef7b..d6f4ef403 100644
--- a/outpost/pkg/ldap/utils.go
+++ b/outpost/pkg/ldap/utils.go
@@ -67,7 +67,7 @@ func AKAttrsToLDAP(attrs interface{}) []*ldap.EntryAttribute {
 func (pi *ProviderInstance) GroupsForUser(user api.User) []string {
 groups := make([]string, len(user.Groups))
 for i, group := range user.Groups {
- groups[i] = pi.GetGroupDN(group)
+ groups[i] = pi.GetGroupDN(group.Name)
 }
 return groups
 }
@@ -82,7 +82,7 @@ func (pi *ProviderInstance) UsersForGroup(group api.Group) []string {

 func (pi *ProviderInstance) APIGroupToLDAPGroup(g api.Group) LDAPGroup {
 return LDAPGroup{
- dn: pi.GetGroupDN(g),
+ dn: pi.GetGroupDN(g.Name),
 cn: g.Name,
 uid: string(g.Pk),
 gidNumber: pi.GetGidNumber(g),
@@ -94,14 +94,12 @@ func (pi *ProviderInstance) APIGroupToLDAPGroup(g api.Group) LDAPGroup {
 }

 func (pi *ProviderInstance) APIUserToLDAPGroup(u api.User) LDAPGroup {
- dn := fmt.Sprintf("cn=%s,%s", u.Username, pi.UserDN)
-
 return LDAPGroup{
- dn: dn,
+ dn: pi.GetGroupDN(u.Username),
 cn: u.Username,
 uid: u.Uid,
 gidNumber: pi.GetUidNumber(u),
- member: []string{dn},
+ member: []string{pi.GetUserDN(u.Username)},
 isVirtualGroup: true,
 isSuperuser: false,
 akAttributes: nil,
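Review bot: In APIUserToLDAPGroup the virtual group's `dn` is now `pi.GetGroupDN(u.Username)`, so per-user virtual groups share the `cn=…,<GroupDN>` namespace with the real groups built in APIGroupToLDAPGroup, and a username equal to an existing group name yields two entries with the same DN. An LDAP client that authorizes on group DN cannot tell the one-member virtual entry from the real group. Whether search results are de-duplicated or ordered is not visible in this hunk. Consider a separate base for virtual groups, or skipping the virtual entry when a real group of that name exists. At minimum record the constraint next to the field, e.g. `// dn shares the GroupDN namespace with real groups; a username equal to a group name collides`. The struct literal continues past the end of the hunk.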
@@ -112,8 +110,8 @@ func (pi *ProviderInstance) GetUserDN(user string) string {
 return fmt.Sprintf("cn=%s,%s", user, pi.UserDN)
 }

-func (pi *ProviderInstance) GetGroupDN(group api.Group) string {
- return fmt.Sprintf("cn=%s,%s", group.Name, pi.GroupDN)
+func (pi *ProviderInstance) GetGroupDN(group string) string {
+ return fmt.Sprintf("cn=%s,%s", group, pi.GroupDN)
 }

 func (pi *ProviderInstance) GetUidNumber(user api.User) string {
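Review bot: GetGroupDN now takes an arbitrary string and places it in the RDN via `fmt.Sprintf("cn=%s,%s", group, pi.GroupDN)` with no escaping, and this commit begins passing usernames to it from APIUserToLDAPGroup. A name containing DN special characters such as `,`, `+`, `=` or `\` produces a DN whose components parse differently from what was intended, which matters for any client that compares or authorizes on group DNs. The value should be escaped according to RFC 4514 before formatting, and the GetUserDN body visible in the context lines has the same shape. The exported method also has no doc comment; something like `// GetGroupDN returns the DN of the group named group under pi.GroupDN; the name is inserted verbatim.` would make the contract explicit.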