mirror/lldap
1
0
Fork 0
mirror of https://github.com/nitnelave/lldap.git synced 2023-04-12 14:25:13 +00:00
Code Issues Projects Releases Wiki Activity

ldap: remove copies from the wildcard expansion

Browse Source
This commit is contained in:
Valentin Tolmer 2022-07-01 12:26:36 +02:00 committed by nitnelave
parent c72c1fdf2c
commit c5017bbd42
1 changed files with 21 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
server/src/infra/ldap_handler.rs
View File

@ -205,21 +205,27 @@ fn get_user_attribute(
} }
#[instrument(skip_all, level = "debug")] #[instrument(skip_all, level = "debug")]
fn expand_attribute_wildcards( fn expand_attribute_wildcards<'a>(
ldap_attributes: &[String], ldap_attributes: &'a [String],
all_attribute_keys: &[&str], all_attribute_keys: &'a [&'static str],
) -> Vec<String> { ) -> Vec<&'a str> {
let mut attributes_out = ldap_attributes.to_owned(); let mut attributes_out = ldap_attributes
.iter()
.map(String::as_str)
.collect::<Vec<_>>();
if attributes_out.iter().any(|x| x == "*") || attributes_out.is_empty() { if attributes_out.iter().any(|&x| x == "*") || attributes_out.is_empty() {
// Remove occurrences of '*' // Remove occurrences of '*'
attributes_out.retain(|x| x != "*"); attributes_out.retain(|&x| x != "*");
// Splice in all non-operational attributes // Splice in all non-operational attributes
attributes_out.extend(all_attribute_keys.iter().map(|s| s.to_string())); attributes_out.extend(all_attribute_keys.iter());
} }
// Deduplicate, preserving order // Deduplicate, preserving order
let resolved_attributes = attributes_out.into_iter().unique().collect_vec(); let resolved_attributes = attributes_out
.into_iter()
.unique_by(|a| a.to_ascii_lowercase())
.collect_vec();
debug!(?ldap_attributes, ?resolved_attributes); debug!(?ldap_attributes, ?resolved_attributes);
resolved_attributes resolved_attributes
} }
@ -238,7 +244,7 @@ const ALL_USER_ATTRIBUTE_KEYS: &[&str] = &[
fn make_ldap_search_user_result_entry( fn make_ldap_search_user_result_entry(
user: User, user: User,
base_dn_str: &str, base_dn_str: &str,
attributes: &[String], attributes: &[&str],
groups: Option<&[GroupDetails]>, groups: Option<&[GroupDetails]>,
ignored_user_attributes: &[String], ignored_user_attributes: &[String],
) -> Result<LdapSearchResultEntry> { ) -> Result<LdapSearchResultEntry> {
@ -2174,8 +2180,11 @@ mod tests {
expected_result expected_result
); );
let request2 = let request2 = make_search_request(
make_search_request("dc=example,dc=com", LdapFilter::And(vec![]), vec!["*", "*"]); "dc=example,dc=com",
LdapFilter::And(vec![]),
vec!["objectclass", "obJEctclaSS", "dn", "*", "*"],
);
assert_eq!( assert_eq!(
ldap_handler.do_search_or_dse(&request2).await, ldap_handler.do_search_or_dse(&request2).await,