tyler.durden/icingaweb2
1
0
Fork 0
mirror of https://github.com/Icinga/icingaweb2.git synced 2025-07-31 01:34:09 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'bugfix/ldap-group-to-roles-assignment-not-working-9950'

Browse Source 
fixes #9950
This commit is contained in:
Matthias Jentsch 2015-09-22 14:25:35 +02:00
commit 30fa554ad9
1 changed files with 21 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
library/Icinga/Authentication/UserGroup/LdapUserGroupBackend.php
View File

@ -12,6 +12,7 @@ use Icinga\Protocol\Ldap\Expression;
use Icinga\Repository\LdapRepository; use Icinga\Repository\LdapRepository;
use Icinga\Repository\RepositoryQuery; use Icinga\Repository\RepositoryQuery;
use Icinga\User; use Icinga\User;
use Icinga\Application\Logger;
class LdapUserGroupBackend /*extends LdapRepository*/ implements UserGroupBackendInterface class LdapUserGroupBackend /*extends LdapRepository*/ implements UserGroupBackendInterface
{ {
@ -532,19 +533,25 @@ class LdapUserGroupBackend /*extends LdapRepository*/ implements UserGroupBacken
*/ */
public function getMemberships(User $user) public function getMemberships(User $user)
{ {
if (($userDn = $user->getAdditional('ldap_dn')) === null) { if ($this->groupClass === 'posixGroup') {
$userQuery = $this->ds # Posix group only uses simple user name
->select() $userDn = $user->getUsername();
->from($this->userClass) } else {
->where($this->userNameAttribute, $user->getUsername()) # LDAP groups use the complete DN
->setBase($this->userBaseDn) if (($userDn = $user->getAdditional('ldap_dn')) === null) {
->setUsePagedResults(false); $userQuery = $this->ds
if ($this->userFilter) { ->select()
$userQuery->where(new Expression($this->userFilter)); ->from($this->userClass)
} ->where($this->userNameAttribute, $user->getUsername())
->setBase($this->userBaseDn)
->setUsePagedResults(false);
if ($this->userFilter) {
$userQuery->where(new Expression($this->userFilter));
}
if (($userDn = $userQuery->fetchDn()) === null) { if (($userDn = $userQuery->fetchDn()) === null) {
return array(); return array();
}
} }
} }
@ -557,10 +564,12 @@ class LdapUserGroupBackend /*extends LdapRepository*/ implements UserGroupBacken
$groupQuery->where(new Expression($this->groupFilter)); $groupQuery->where(new Expression($this->groupFilter));
} }
Logger::debug('Fetching groups for user %s using filter %s.', $user->getUsername(), $groupQuery->__toString());
$groups = array(); $groups = array();
foreach ($groupQuery as $row) { foreach ($groupQuery as $row) {
$groups[] = $row->{$this->groupNameAttribute}; $groups[] = $row->{$this->groupNameAttribute};
} }
Logger::debug('Fetched %d groups: %s.', count($groups), join(', ', $groups));
return $groups; return $groups;
} }