providers/ldap: fix: dn and member fields for virtual groups (#1143)

* providers/ldap: fix: dn and member fields for virtual groups

* Refactor GetGroupDN to use string name instead to allow more flexibility
This commit is contained in:
Lukas Söder 2021-07-14 16:54:55 +02:00 committed by GitHub
parent efa09d5e1d
commit 061c549a40
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23

View file

@ -67,7 +67,7 @@ func AKAttrsToLDAP(attrs interface{}) []*ldap.EntryAttribute {
func (pi *ProviderInstance) GroupsForUser(user api.User) []string { func (pi *ProviderInstance) GroupsForUser(user api.User) []string {
groups := make([]string, len(user.Groups)) groups := make([]string, len(user.Groups))
for i, group := range user.Groups { for i, group := range user.Groups {
groups[i] = pi.GetGroupDN(group) groups[i] = pi.GetGroupDN(group.Name)
} }
return groups return groups
} }
@ -82,7 +82,7 @@ func (pi *ProviderInstance) UsersForGroup(group api.Group) []string {
func (pi *ProviderInstance) APIGroupToLDAPGroup(g api.Group) LDAPGroup { func (pi *ProviderInstance) APIGroupToLDAPGroup(g api.Group) LDAPGroup {
return LDAPGroup{ return LDAPGroup{
dn: pi.GetGroupDN(g), dn: pi.GetGroupDN(g.Name),
cn: g.Name, cn: g.Name,
uid: string(g.Pk), uid: string(g.Pk),
gidNumber: pi.GetGidNumber(g), gidNumber: pi.GetGidNumber(g),
@ -94,14 +94,12 @@ func (pi *ProviderInstance) APIGroupToLDAPGroup(g api.Group) LDAPGroup {
} }
func (pi *ProviderInstance) APIUserToLDAPGroup(u api.User) LDAPGroup { func (pi *ProviderInstance) APIUserToLDAPGroup(u api.User) LDAPGroup {
dn := fmt.Sprintf("cn=%s,%s", u.Username, pi.UserDN)
return LDAPGroup{ return LDAPGroup{
dn: dn, dn: pi.GetGroupDN(u.Username),
cn: u.Username, cn: u.Username,
uid: u.Uid, uid: u.Uid,
gidNumber: pi.GetUidNumber(u), gidNumber: pi.GetUidNumber(u),
member: []string{dn}, member: []string{pi.GetUserDN(u.Username)},
isVirtualGroup: true, isVirtualGroup: true,
isSuperuser: false, isSuperuser: false,
akAttributes: nil, akAttributes: nil,
@ -112,8 +110,8 @@ func (pi *ProviderInstance) GetUserDN(user string) string {
return fmt.Sprintf("cn=%s,%s", user, pi.UserDN) return fmt.Sprintf("cn=%s,%s", user, pi.UserDN)
} }
func (pi *ProviderInstance) GetGroupDN(group api.Group) string { func (pi *ProviderInstance) GetGroupDN(group string) string {
return fmt.Sprintf("cn=%s,%s", group.Name, pi.GroupDN) return fmt.Sprintf("cn=%s,%s", group, pi.GroupDN)
} }
func (pi *ProviderInstance) GetUidNumber(user api.User) string { func (pi *ProviderInstance) GetUidNumber(user api.User) string {