tyler.durden
/
icingaweb2
mirror of https://github.com/Icinga/icingaweb2.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Do not crash when ldap_dn is defined in additional variables 

refs #9950
This commit is contained in:
Matthias Jentsch 2015-09-22 14:08:15 +02:00
parent 46f2f71c57
commit 42fb1a174b
1 changed files with 17 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
library/Icinga/Authentication/UserGroup/LdapUserGroupBackend.php
View File

@ -533,6 +533,11 @@ class LdapUserGroupBackend /*extends LdapRepository*/ implements UserGroupBacken
*/ */
public function getMemberships(User $user) public function getMemberships(User $user)
{ {
if ($this->groupClass === 'posixGroup') {
# Posix group only uses simple user name
$userDn = $user->getUsername();
} else {
# LDAP groups use the complete DN
if (($userDn = $user->getAdditional('ldap_dn')) === null) { if (($userDn = $user->getAdditional('ldap_dn')) === null) {
$userQuery = $this->ds $userQuery = $this->ds
->select() ->select()
@ -544,12 +549,7 @@ class LdapUserGroupBackend /*extends LdapRepository*/ implements UserGroupBacken
$userQuery->where(new Expression($this->userFilter)); $userQuery->where(new Expression($this->userFilter));
} }
if ($this->groupClass === 'posixGroup') { if (($userDn = $userQuery->fetchDn()) === null) {
# Posix group only uses simple user name
$queryUsername = $user->getUsername();
} else {
# LDAP groups use the complete DN
if (($queryUsername = $userQuery->fetchDn()) === null) {
return array(); return array();
} }
} }
@ -558,7 +558,7 @@ class LdapUserGroupBackend /*extends LdapRepository*/ implements UserGroupBacken
$groupQuery = $this->ds $groupQuery = $this->ds
->select() ->select()
->from($this->groupClass, array($this->groupNameAttribute)) ->from($this->groupClass, array($this->groupNameAttribute))
->where($this->groupMemberAttribute, $queryUsername) ->where($this->groupMemberAttribute, $userDn)
->setBase($this->groupBaseDn); ->setBase($this->groupBaseDn);
if ($this->groupFilter) { if ($this->groupFilter) {
$groupQuery->where(new Expression($this->groupFilter)); $groupQuery->where(new Expression($this->groupFilter));