From 234cb70b978345f12ab8f2f66d5713bfed3d8bd5 Mon Sep 17 00:00:00 2001
From: Valentin Tolmer
Date: Wed, 26 Oct 2022 09:22:34 +0200
Subject: [PATCH] server: fix handling of present filters
If the filter name was not in the list of attributes to return, it wouldn't be counted as a valid attribute, meaning that the aliases of attributes were not recognized.
Fixes #351
---
 server/src/domain/ldap/group.rs | 2 +-
 server/src/domain/ldap/user.rs | 2 +-
 server/src/infra/ldap_handler.rs | 18 ++++++++++++++++++
 3 files changed, 20 insertions(+), 2 deletions(-)
diff --git a/server/src/domain/ldap/group.rs b/server/src/domain/ldap/group.rs
index e41bd7f..922ffca 100644
--- a/server/src/domain/ldap/group.rs
+++ b/server/src/domain/ldap/group.rs
@@ -163,7 +163,7 @@ fn convert_group_filter(
 if field == "objectclass"
 || field == "dn"
 || field == "distinguishedname"
- || ALL_GROUP_ATTRIBUTE_KEYS.contains(&field.as_str())
+ || map_group_field(field).is_some()
 {
 Ok(GroupRequestFilter::And(vec![]))
 } else {
diff --git a/server/src/domain/ldap/user.rs b/server/src/domain/ldap/user.rs
index 5419600..060d83b 100644
--- a/server/src/domain/ldap/user.rs
+++ b/server/src/domain/ldap/user.rs
@@ -167,7 +167,7 @@ fn convert_user_filter(ldap_info: &LdapInfo, filter: &LdapFilter) -> LdapResult<
 if field == "objectclass"
 || field == "dn"
 || field == "distinguishedname"
- || ALL_USER_ATTRIBUTE_KEYS.contains(&field.as_str())
+ || map_user_field(field).is_some()
 {
 Ok(UserRequestFilter::And(vec![]))
 } else {
diff --git a/server/src/infra/ldap_handler.rs b/server/src/infra/ldap_handler.rs
index bddfcfd..382e5f1 100644
--- a/server/src/infra/ldap_handler.rs
+++ b/server/src/infra/ldap_handler.rs
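Review bot: In convert_group_filter the widened condition `map_group_field(field).is_some()` sends every recognised name, aliases included, to `GroupRequestFilter::And(vec![])`, which looks like an always-true filter, so a presence test `(attr=*)` appears to match entries whether or not that attribute is set; the `map_user_field(field).is_some()` line in convert_user_filter (user.rs hunk) has the same shape. Deployments that use a presence filter to decide who may log in to a downstream application would then admit every user, so this deserves at least a comment, e.g. `// Presence is approximated: any known attribute matches all entries, even when the value is unset.` Both function bodies start and end outside their hunks, so the else branch for unknown names is not visible here.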
@@ -2073,4 +2073,22 @@ mod tests {
 Err(LdapError{ code: LdapResultCode::InvalidDNSyntax, message: r#"Unexpected DN format. Got "uid=bob,ou=groups,dc=example,dc=com", expected: "uid=id,ou=people,dc=example,dc=com""#.to_string() })
 );
 }
+
+ #[tokio::test]
+ async fn test_search_filter_non_attribute() {
+ let mut mock = MockTestBackendHandler::new();
+ mock.expect_list_users()
+ .with(eq(Some(UserRequestFilter::And(vec![]))), eq(false))
+ .times(1)
+ .return_once(|_, _| Ok(vec![]));
+ let mut ldap_handler = setup_bound_admin_handler(mock).await;
+ let request = make_user_search_request(
+ LdapFilter::Present("displayname".to_owned()),
+ vec!["objectClass"],
+ );
+ assert_eq!(
+ ldap_handler.do_search_or_dse(&request).await,
+ Ok(vec![make_search_success()])
+ );
+ }
 }
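Review bot: test_search_filter_non_attribute exercises only the user path with one accepted name, so the matching change in group.rs is untested and nothing pins what a present filter on an unmapped name returns. A group counterpart and a negative case with a name no field mapping knows would keep the accept-list from silently widening later. The name is also misleading, since `displayname` is an attribute that is merely absent from the requested list; something like `async fn test_search_filter_present_unrequested_attribute() {` says what is covered. The enclosing `mod tests` starts outside the hunk.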