Mirrors/sysPass
2
0
Fork 0
mirror of https://github.com/nuxsmin/sysPass.git synced 2026-03-03 15:14:08 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #1130 from deajan/ad-quick-group-filter

Browse Source 
Ad quick group filter
This commit is contained in:
RubénD
2018-12-16 13:28:05 +01:00
committed by GitHub
parent 90ba034522 1c3989c8fb
commit dce2bb29ba
3 changed files with 18 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
lib/SP/Providers/Auth/Ldap/LdapActions.php
View File

@@ -159,7 +159,7 @@ final class LdapActions
*
* @return bool|array
*/
protected function getResults($filter, array $attributes = null)
protected function getResults($filter, array $attributes = null, $searchBase = null)
{
$cookie = '';
$results = [];
@@ -167,8 +167,11 @@ final class LdapActions
do {
ldap_control_paged_result($this->ldapHandler, 1000, false, $cookie);
$searchRes = @ldap_search($this->ldapHandler, $this->ldapParams->getSearchBase(), $filter, $attributes);
if (empty($searchBase)) {
$searchBase = $this->ldapParams->getSearchBase();
}
$searchRes = @ldap_search($this->ldapHandler, $searchBase, $filter, $attributes);
if (!$searchRes) {
return false;
}
@@ -249,9 +252,9 @@ final class LdapActions
* @return array
* @throws LdapException
*/
public function getObjects($filter, array $attributes = self::USER_ATTRIBUTES)
public function getObjects($filter, array $attributes = self::USER_ATTRIBUTES, $searchBase = null)
{
$searchResults = $this->getResults($filter, $attributes);
$searchResults = $this->getResults($filter, $attributes, $searchBase);
if ($searchResults === false) {
$this->eventDispatcher->notifyEvent('ldap.search',

13
lib/SP/Providers/Auth/Ldap/LdapMsAds.php
View File

@@ -116,7 +116,7 @@ final class LdapMsAds extends Ldap
return true;
}
return $this->checkUserInGroupByFilter($userLogin);
return $this->checkUserInGroupByFilter($userLogin, $userDn);
}
/**
@@ -125,17 +125,14 @@ final class LdapMsAds extends Ldap
* @return bool
* @throws LdapException
*/
private function checkUserInGroupByFilter(string $userLogin): bool
private function checkUserInGroupByFilter(string $userLogin, string $userDn): bool
{
$groupDn = $this->getGroupDn();
$filter = '(&(|'
. LdapUtil::getAttributesForFilter(self::FILTER_USER_ATTRIBUTES, $userLogin)
. ')(|'
$filter = '(|'
. LdapUtil::getAttributesForFilter(self::FILTER_GROUP_ATTRIBUTES, $groupDn)
. '))';
. ')';
$searchResults = $this->ldapActions->getObjects($filter, ['dn']);
$searchResults = $this->ldapActions->getObjects($filter, ['dn'], $userDn);
if (isset($searchResults['count'])
&& (int)$searchResults['count'] === 0

12
lib/SP/Providers/Auth/Ldap/LdapMsAzureAd.php
View File

@@ -116,7 +116,7 @@ final class LdapMsAzureAd extends Ldap
return true;
}
return $this->checkUserInGroupByFilter($userLogin);
return $this->checkUserInGroupByFilter($userLogin, $userDn);
}
/**
@@ -125,17 +125,15 @@ final class LdapMsAzureAd extends Ldap
* @return bool
* @throws LdapException
*/
private function checkUserInGroupByFilter(string $userLogin): bool
private function checkUserInGroupByFilter(string $userLogin, string $userDn): bool
{
$groupDn = $this->getGroupDn();
$filter = '(&(|'
. LdapUtil::getAttributesForFilter(self::FILTER_USER_ATTRIBUTES, $userLogin)
. ')(|'
$filter = '(|'
. LdapUtil::getAttributesForFilter(self::FILTER_GROUP_ATTRIBUTES, $groupDn)
. '))';
. ')';
$searchResults = $this->ldapActions->getObjects($filter, ['dn']);
$searchResults = $this->ldapActions->getObjects($filter, ['dn'], $userDn);
if (isset($searchResults['count'])
&& (int)$searchResults['count'] === 0