mirror/lldap
1
0
Fork 0
mirror of https://github.com/nitnelave/lldap.git synced 2023-04-12 14:25:13 +00:00
Code Issues Projects Releases Wiki Activity

server: fix handling of present filters

Browse Source 
If the filter name was not in the list of attributes to return, it
wouldn't be counted as a valid attribute, meaning that the aliases of
attributes were not recognized.

Fixes #351
This commit is contained in:
Valentin Tolmer 2022-10-26 09:22:34 +02:00
parent 201e3a93eb
commit f0c7313bcb
3 changed files with 20 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
server/src/domain/ldap/group.rs
View File

@ -163,7 +163,7 @@ fn convert_group_filter(
if field == "objectclass" if field == "objectclass"
|| field == "dn" || field == "dn"
|| field == "distinguishedname" || field == "distinguishedname"
|| ALL_GROUP_ATTRIBUTE_KEYS.contains(&field.as_str()) || map_group_field(field).is_some()
{ {
Ok(GroupRequestFilter::And(vec![])) Ok(GroupRequestFilter::And(vec![]))
} else { } else {

2
server/src/domain/ldap/user.rs
View File

@ -167,7 +167,7 @@ fn convert_user_filter(ldap_info: &LdapInfo, filter: &LdapFilter) -> LdapResult<
if field == "objectclass" if field == "objectclass"
|| field == "dn" || field == "dn"
|| field == "distinguishedname" || field == "distinguishedname"
|| ALL_USER_ATTRIBUTE_KEYS.contains(&field.as_str()) || map_user_field(field).is_some()
{ {
Ok(UserRequestFilter::And(vec![])) Ok(UserRequestFilter::And(vec![]))
} else { } else {

18
server/src/infra/ldap_handler.rs
View File

@ -2073,4 +2073,22 @@ mod tests {
Err(LdapError{ code: LdapResultCode::InvalidDNSyntax, message: r#"Unexpected DN format. Got "uid=bob,ou=groups,dc=example,dc=com", expected: "uid=id,ou=people,dc=example,dc=com""#.to_string() }) Err(LdapError{ code: LdapResultCode::InvalidDNSyntax, message: r#"Unexpected DN format. Got "uid=bob,ou=groups,dc=example,dc=com", expected: "uid=id,ou=people,dc=example,dc=com""#.to_string() })
); );
} }
#[tokio::test]
async fn test_search_filter_non_attribute() {
let mut mock = MockTestBackendHandler::new();
mock.expect_list_users()
.with(eq(Some(UserRequestFilter::And(vec![]))), eq(false))
.times(1)
.return_once(|_, _| Ok(vec![]));
let mut ldap_handler = setup_bound_admin_handler(mock).await;
let request = make_user_search_request(
LdapFilter::Present("displayname".to_owned()),
vec!["objectClass"],
);
assert_eq!(
ldap_handler.do_search_or_dse(&request).await,
Ok(vec![make_search_success()])
);
}
} }