class AuthSourceLdap < AuthSource
validates_presence_of :host, :port, :attr_login
validates_length_of :name, :host, :maximum => 60, :allow_nil => true
- validates_length_of :account, :account_password, :base_dn, :maximum => 255, :allow_nil => true
+ validates_length_of :account, :account_password, :base_dn, :filter, :maximum => 255, :allow_blank => true
validates_length_of :attr_login, :attr_firstname, :attr_lastname, :attr_mail, :maximum => 30, :allow_nil => true
validates_numericality_of :port, :only_integer => true
+ validate :validate_filter
before_validation :strip_ldap_attributes
private
+ def ldap_filter
+ if filter.present?
+ Net::LDAP::Filter.construct(filter)
+ end
+ rescue Net::LDAP::LdapError
+ nil
+ end
+
+ def validate_filter
+ if filter.present? && ldap_filter.nil?
+ errors.add(:filter, :invalid)
+ end
+ end
+
def strip_ldap_attributes
[:attr_login, :attr_firstname, :attr_lastname, :attr_mail].each do |attr|
write_attribute(attr, read_attribute(attr).strip) unless read_attribute(attr).nil?
object_filter = Net::LDAP::Filter.eq( "objectClass", "*" )
attrs = {}
+ search_filter = object_filter & login_filter
+ if f = ldap_filter
+ search_filter = search_filter & f
+ end
+
ldap_con.search( :base => self.base_dn,
- :filter => object_filter & login_filter,
+ :filter => search_filter,
:attributes=> search_attributes) do |entry|
if onthefly_register?
<p><label for="auth_source_base_dn"><%=l(:field_base_dn)%> <span class="required">*</span></label>
<%= text_field 'auth_source', 'base_dn', :size => 60 %></p>
+<p><label for="auth_source_custom_filter"><%=l(:field_ldap_filter)%></label>
+<%= text_field 'auth_source', 'filter', :size => 60 %></p>
+
<p><label for="auth_source_onthefly_register"><%=l(:field_onthefly)%></label>
<%= check_box 'auth_source', 'onthefly_register' %></p>
</div>
notice_issue_update_conflict: The issue has been updated by an other user while you were editing it.
text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link}
permission_manage_related_issues: Manage related issues
+ field_ldap_filter: LDAP filter
description_date_range_interval: Изберете диапазон чрез задаване на начална и крайна дати
description_date_from: Въведете начална дата
description_date_to: Въведете крайна дата
+ field_ldap_filter: LDAP filter
notice_issue_update_conflict: The issue has been updated by an other user while you were editing it.
text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link}
permission_manage_related_issues: Manage related issues
+ field_ldap_filter: LDAP filter
notice_issue_update_conflict: The issue has been updated by an other user while you were editing it.
text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link}
permission_manage_related_issues: Manage related issues
+ field_ldap_filter: LDAP filter
notice_issue_update_conflict: The issue has been updated by an other user while you were editing it.
text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link}
permission_manage_related_issues: Manage related issues
+ field_ldap_filter: LDAP filter
notice_issue_update_conflict: The issue has been updated by an other user while you were editing it.
text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link}
permission_manage_related_issues: Manage related issues
+ field_ldap_filter: LDAP filter
notice_issue_update_conflict: The issue has been updated by an other user while you were editing it.
text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link}
permission_manage_related_issues: Manage related issues
+ field_ldap_filter: LDAP filter
notice_issue_update_conflict: The issue has been updated by an other user while you were editing it.
text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link}
permission_manage_related_issues: Manage related issues
+ field_ldap_filter: LDAP filter
notice_issue_update_conflict: The issue has been updated by an other user while you were editing it.
text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link}
permission_manage_related_issues: Manage related issues
+ field_ldap_filter: LDAP filter
field_cvs_module: Module
field_repository_is_default: Main repository
field_multiple: Multiple values
+ field_ldap_filter: LDAP filter
setting_app_title: Application title
setting_app_subtitle: Application subtitle
notice_issue_update_conflict: The issue has been updated by an other user while you were editing it.
text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link}
permission_manage_related_issues: Manage related issues
+ field_ldap_filter: LDAP filter
label_export_options: "%{export_format} ekspordi valikud"
label_completed_versions: "Lõpetatud versioonid"
error_attachment_too_big: "Seda faili ei saa üles laadida, kuna ületab maksimumsuurust (%{max_size})"
+ field_ldap_filter: LDAP filter
notice_issue_update_conflict: The issue has been updated by an other user while you were editing it.
text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link}
permission_manage_related_issues: Manage related issues
+ field_ldap_filter: LDAP filter
notice_issue_update_conflict: The issue has been updated by an other user while you were editing it.
text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link}
permission_manage_related_issues: Manage related issues
+ field_ldap_filter: LDAP filter
notice_issue_update_conflict: The issue has been updated by an other user while you were editing it.
text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link}
permission_manage_related_issues: Manage related issues
+ field_ldap_filter: LDAP filter
field_commit_logs_encoding: Encodage des messages de commit
field_repository_is_default: Dépôt principal
field_multiple: Valeurs multiples
+ field_ldap_filter: Filtre LDAP
setting_app_title: Titre de l'application
setting_app_subtitle: Sous-titre de l'application
notice_issue_update_conflict: The issue has been updated by an other user while you were editing it.
text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link}
permission_manage_related_issues: Manage related issues
+ field_ldap_filter: LDAP filter
notice_issue_update_conflict: The issue has been updated by an other user while you were editing it.
text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link}
permission_manage_related_issues: Manage related issues
+ field_ldap_filter: LDAP filter
notice_issue_update_conflict: The issue has been updated by an other user while you were editing it.
text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link}
permission_manage_related_issues: Manage related issues
+ field_ldap_filter: LDAP filter
notice_issue_update_conflict: The issue has been updated by an other user while you were editing it.
text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link}
permission_manage_related_issues: Manage related issues
+ field_ldap_filter: LDAP filter
notice_issue_update_conflict: The issue has been updated by an other user while you were editing it.
text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link}
permission_manage_related_issues: Manage related issues
+ field_ldap_filter: LDAP filter
notice_issue_update_conflict: The issue has been updated by an other user while you were editing it.
text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link}
permission_manage_related_issues: Manage related issues
+ field_ldap_filter: LDAP filter
notice_issue_update_conflict: The issue has been updated by an other user while you were editing it.
text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link}
permission_manage_related_issues: Manage related issues
+ field_ldap_filter: LDAP filter
notice_issue_update_conflict: The issue has been updated by an other user while you were editing it.
text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link}
permission_manage_related_issues: Manage related issues
+ field_ldap_filter: LDAP filter
notice_issue_update_conflict: The issue has been updated by an other user while you were editing it.
text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link}
permission_manage_related_issues: Manage related issues
+ field_ldap_filter: LDAP filter
notice_issue_update_conflict: The issue has been updated by an other user while you were editing it.
text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link}
permission_manage_related_issues: Manage related issues
+ field_ldap_filter: LDAP filter
notice_issue_update_conflict: The issue has been updated by an other user while you were editing it.
text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link}
permission_manage_related_issues: Manage related issues
+ field_ldap_filter: LDAP filter
notice_issue_update_conflict: The issue has been updated by an other user while you were editing it.
text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link}
permission_manage_related_issues: Manage related issues
+ field_ldap_filter: LDAP filter
notice_issue_update_conflict: The issue has been updated by an other user while you were editing it.
text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link}
permission_manage_related_issues: Manage related issues
+ field_ldap_filter: LDAP filter
notice_issue_update_conflict: The issue has been updated by an other user while you were editing it.
text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link}
permission_manage_related_issues: Manage related issues
+ field_ldap_filter: LDAP filter
notice_issue_update_conflict: The issue has been updated by an other user while you were editing it.
text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link}
permission_manage_related_issues: Manage related issues
+ field_ldap_filter: LDAP filter
notice_issue_update_conflict: The issue has been updated by an other user while you were editing it.
text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link}
permission_manage_related_issues: Manage related issues
+ field_ldap_filter: LDAP filter
notice_issue_update_conflict: The issue has been updated by an other user while you were editing it.
text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link}
permission_manage_related_issues: Manage related issues
+ field_ldap_filter: LDAP filter
notice_issue_update_conflict: The issue has been updated by an other user while you were editing it.
text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link}
permission_manage_related_issues: Manage related issues
+ field_ldap_filter: LDAP filter
notice_issue_update_conflict: The issue has been updated by an other user while you were editing it.
text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link}
permission_manage_related_issues: Manage related issues
+ field_ldap_filter: LDAP filter
notice_issue_update_conflict: The issue has been updated by an other user while you were editing it.
text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link}
permission_manage_related_issues: Manage related issues
+ field_ldap_filter: LDAP filter
notice_issue_update_conflict: The issue has been updated by an other user while you were editing it.
text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link}
permission_manage_related_issues: Manage related issues
+ field_ldap_filter: LDAP filter
notice_issue_update_conflict: The issue has been updated by an other user while you were editing it.
text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link}
permission_manage_related_issues: Manage related issues
+ field_ldap_filter: LDAP filter
notice_issue_update_conflict: The issue has been updated by an other user while you were editing it.
text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link}
permission_manage_related_issues: Manage related issues
+ field_ldap_filter: LDAP filter
notice_issue_update_conflict: The issue has been updated by an other user while you were editing it.
text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link}
permission_manage_related_issues: Manage related issues
+ field_ldap_filter: LDAP filter
notice_issue_update_conflict: The issue has been updated by an other user while you were editing it.
text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link}
permission_manage_related_issues: Manage related issues
+ field_ldap_filter: LDAP filter
notice_issue_update_conflict: The issue has been updated by an other user while you were editing it.
text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link}
permission_manage_related_issues: Manage related issues
+ field_ldap_filter: LDAP filter
notice_issue_update_conflict: The issue has been updated by an other user while you were editing it.
text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link}
permission_manage_related_issues: Manage related issues
+ field_ldap_filter: LDAP filter
notice_issue_update_conflict: The issue has been updated by an other user while you were editing it.
text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link}
permission_manage_related_issues: Manage related issues
+ field_ldap_filter: LDAP filter
zero: 0 問題
one: 1 問題
other: "%{count} 問題清單"
+ field_ldap_filter: LDAP filter
notice_issue_update_conflict: The issue has been updated by an other user while you were editing it.
text_issue_conflict_resolution_cancel: Discard all my changes and redisplay %{link}
permission_manage_related_issues: Manage related issues
+ field_ldap_filter: LDAP filter
--- /dev/null
+class AddAuthSourcesFilter < ActiveRecord::Migration
+ def self.up
+ add_column :auth_sources, :filter, :string
+ end
+
+ def self.down
+ remove_column :auth_sources, :filter
+ end
+end
require File.expand_path('../../test_helper', __FILE__)
class AuthSourceLdapTest < ActiveSupport::TestCase
+ include Redmine::I18n
fixtures :auth_sources
def setup
assert_equal 389, a.port
end
+ def test_filter_should_be_validated
+ set_language_if_valid 'en'
+
+ a = AuthSourceLdap.new(:name => 'My LDAP', :host => 'ldap.example.net', :port => 389, :attr_login => 'sn')
+ a.filter = "(mail=*@redmine.org"
+ assert !a.valid?
+ assert_equal "is invalid", a.errors[:filter].to_s
+
+ a.filter = "(mail=*@redmine.org)"
+ assert a.valid?
+ end
+
if ldap_configured?
context '#authenticate' do
setup do
end
end
+ context 'without filter' do
+ should 'return any user' do
+ assert @auth.authenticate('example1','123456')
+ assert @auth.authenticate('edavis', '123456')
+ end
+ end
+
+ context 'with filter' do
+ setup do
+ @auth.filter = "(mail=*@redmine.org)"
+ end
+
+ should 'return user who matches the filter only' do
+ assert @auth.authenticate('example1','123456')
+ assert_nil @auth.authenticate('edavis', '123456')
+ end
+ end
end
else
puts '(Test LDAP server not configured)'