Eric Lippmann
Alexander A. Klimov
parent
0cbec01743
commit
cfbd5c500e
|
|
@ -100,6 +100,13 @@ class LdapUserGroupBackend extends LdapRepository implements UserGroupBackendInt
|
|||
*/
|
||||
protected $nestedGroupSearch;
|
||||
|
||||
/**
|
||||
* The domain the backend is responsible for
|
||||
*
|
||||
* @var string
|
||||
*/
|
||||
protected $domain;
|
||||
|
||||
/**
|
||||
* The columns which are not permitted to be queried
|
||||
*
|
||||
|
|
@ -394,6 +401,40 @@ class LdapUserGroupBackend extends LdapRepository implements UserGroupBackendInt
|
|||
return $this->nestedGroupSearch;
|
||||
}
|
||||
|
||||
/**
|
||||
* Get the domain the backend is responsible for
|
||||
*
|
||||
* If the LDAP group backend is linked with a LDAP user backend,
|
||||
* the domain of the user backend will be returned.
|
||||
*
|
||||
* @return string
|
||||
*/
|
||||
public function getDomain()
|
||||
{
|
||||
return $this->userBackend !== null ? $this->userBackend->getDomain() : $this->domain;
|
||||
}
|
||||
|
||||
/**
|
||||
* Set the domain the backend is responsible for
|
||||
*
|
||||
* If the LDAP group backend is linked with a LDAP user backend,
|
||||
* the domain of the user backend will be used nonetheless.
|
||||
*
|
||||
* @param string $domain
|
||||
*
|
||||
* @return $this
|
||||
*/
|
||||
public function setDomain($domain)
|
||||
{
|
||||
$domain = trim($domain);
|
||||
|
||||
if (strlen($domain)) {
|
||||
$this->domain = $domain;
|
||||
}
|
||||
|
||||
return $this;
|
||||
}
|
||||
|
||||
/**
|
||||
* Return whether the attribute name where to find a group's member holds ambiguous values
|
||||
*
|
||||
|
|
@ -632,13 +673,25 @@ class LdapUserGroupBackend extends LdapRepository implements UserGroupBackendInt
|
|||
*/
|
||||
public function getMemberships(User $user)
|
||||
{
|
||||
$domain = $this->getDomain();
|
||||
|
||||
if ($domain !== null) {
|
||||
if (! $user->hasDomain() || strtolower($user->getDomain()) !== $domain) {
|
||||
return array();
|
||||
}
|
||||
|
||||
$username = $user->getLocalUsername();
|
||||
} else {
|
||||
$username = $user->getUsername();
|
||||
}
|
||||
|
||||
if ($this->isMemberAttributeAmbiguous()) {
|
||||
$queryValue = $user->getUsername();
|
||||
$queryValue = $username;
|
||||
} elseif (($queryValue = $user->getAdditional('ldap_dn')) === null) {
|
||||
$userQuery = $this->ds
|
||||
->select()
|
||||
->from($this->userClass)
|
||||
->where($this->userNameAttribute, $user->getUsername())
|
||||
->where($this->userNameAttribute, $username)
|
||||
->setBase($this->userBaseDn)
|
||||
->setUsePagedResults(false);
|
||||
if ($this->userFilter) {
|
||||
|
|
@ -742,7 +795,8 @@ class LdapUserGroupBackend extends LdapRepository implements UserGroupBackendInt
|
|||
->setGroupMemberAttribute($config->get('group_member_attribute', $defaults->group_member_attribute))
|
||||
->setGroupFilter($config->group_filter)
|
||||
->setUserFilter($config->user_filter)
|
||||
->setNestedGroupSearch((bool) $config->get('nested_group_search', $defaults->nested_group_search));
|
||||
->setNestedGroupSearch((bool) $config->get('nested_group_search', $defaults->nested_group_search))
|
||||
->setDomain($config->domain);
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
|
|||
Loading…
Reference in New Issue