server: Make objectClass matching case-insensitive

Fixes https://github.com/nitnelave/lldap/issues/189
This commit is contained in:
Valentin Tolmer 2022-07-08 11:41:35 +02:00 committed by nitnelave
parent 1a37e1ee04
commit fab884711f

View File

@ -876,19 +876,18 @@ impl<Backend: BackendHandler + LoginHandler + OpaqueHandler> LdapHandler<Backend
)?; )?;
Ok(GroupRequestFilter::Member(user_name)) Ok(GroupRequestFilter::Member(user_name))
} }
"objectclass" => { "objectclass" => match value.as_str() {
if value == "groupofuniquenames" || value == "groupofnames" { "groupofuniquenames" | "groupofnames" => {
Ok(GroupRequestFilter::And(vec![])) Ok(GroupRequestFilter::And(vec![]))
} else {
Ok(GroupRequestFilter::Not(Box::new(GroupRequestFilter::And(
vec![],
))))
} }
} _ => Ok(GroupRequestFilter::Not(Box::new(GroupRequestFilter::And(
vec![],
)))),
},
_ => { _ => {
match map_field(field) { match map_field(field) {
Ok("display_name") | Ok("user_id") => { Ok("display_name") | Ok("user_id") => {
return Ok(GroupRequestFilter::DisplayName(value.clone())); return Ok(GroupRequestFilter::DisplayName(value.to_string()));
} }
Ok("uuid") => { Ok("uuid") => {
return Ok(GroupRequestFilter::Uuid(Uuid::try_from( return Ok(GroupRequestFilter::Uuid(Uuid::try_from(
@ -966,19 +965,14 @@ impl<Backend: BackendHandler + LoginHandler + OpaqueHandler> LdapHandler<Backend
)?; )?;
Ok(UserRequestFilter::MemberOf(group_name)) Ok(UserRequestFilter::MemberOf(group_name))
} }
"objectclass" => { "objectclass" => match value.to_ascii_lowercase().as_str() {
if value == "person" "person" | "inetorgperson" | "posixaccount" | "mailaccount" => {
|| value == "inetOrgPerson"
|| value == "posixAccount"
|| value == "mailAccount"
{
Ok(UserRequestFilter::And(vec![])) Ok(UserRequestFilter::And(vec![]))
} else {
Ok(UserRequestFilter::Not(Box::new(UserRequestFilter::And(
vec![],
))))
} }
} _ => Ok(UserRequestFilter::Not(Box::new(UserRequestFilter::And(
vec![],
)))),
},
_ => match map_field(field) { _ => match map_field(field) {
Ok(field) => { Ok(field) => {
if field == "user_id" { if field == "user_id" {
@ -1699,7 +1693,7 @@ mod tests {
"uniqueMember".to_string(), "uniqueMember".to_string(),
"uid=bob,ou=peopLe,Dc=eXample,dc=com".to_string(), "uid=bob,ou=peopLe,Dc=eXample,dc=com".to_string(),
), ),
LdapFilter::Equality("obJEctclass".to_string(), "groupOfUniqueNames".to_string()), LdapFilter::Equality("obJEctclass".to_string(), "groupofUniqueNames".to_string()),
LdapFilter::Equality("objectclass".to_string(), "groupOfNames".to_string()), LdapFilter::Equality("objectclass".to_string(), "groupOfNames".to_string()),
LdapFilter::Present("objectclass".to_string()), LdapFilter::Present("objectclass".to_string()),
LdapFilter::Present("dn".to_string()), LdapFilter::Present("dn".to_string()),
@ -1876,7 +1870,7 @@ mod tests {
"uid".to_string(), "uid".to_string(),
"bob".to_string(), "bob".to_string(),
))), ))),
LdapFilter::Equality("objectclass".to_string(), "person".to_string()), LdapFilter::Equality("objectclass".to_string(), "persOn".to_string()),
LdapFilter::Equality("objectclass".to_string(), "other".to_string()), LdapFilter::Equality("objectclass".to_string(), "other".to_string()),
LdapFilter::Present("objectClass".to_string()), LdapFilter::Present("objectClass".to_string()),
LdapFilter::Present("uid".to_string()), LdapFilter::Present("uid".to_string()),