From b7957f598bf5987bc733c392417679976ecabf3d Mon Sep 17 00:00:00 2001 From: Matthew Strasiotto <39424834+matthewstrasiotto@users.noreply.github.com> Date: Thu, 12 May 2022 20:46:46 +1000 Subject: [PATCH] ldap wildcard handler, error if '*' attribute makes it to get_x_attribute --- server/src/infra/ldap_handler.rs | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/server/src/infra/ldap_handler.rs b/server/src/infra/ldap_handler.rs index 2433d4c..bbf2e81 100644 --- a/server/src/infra/ldap_handler.rs +++ b/server/src/infra/ldap_handler.rs @@ -120,11 +120,10 @@ fn get_user_attribute(user: &User, attribute: &str, dn: &str) -> Result return Ok(None), "*" => { - warn!( + bail!( "Matched {}, * should have been expanded into attribute list and * removed", attribute - ); - return Ok(None); + ) } _ => { warn!("Ignoring unrecognized group attribute: {}", attribute); @@ -209,11 +208,10 @@ fn get_group_attribute( // We ignore the operational attribute wildcard "+" => return Ok(None), "*" => { - warn!( + bail!( "Matched {}, * should have been expanded into attribute list and * removed", attribute - ); - return Ok(None); + ) } _ => { warn!("Ignoring unrecognized group attribute: {}", attribute);