aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorCaiCandong <50507092+CaiCandong@users.noreply.github.com>2023-10-01 19:32:12 +0800
committerGitHub <noreply@github.com>2023-10-01 11:32:12 +0000
commit7ad31567cdc8206e0080b851a9b880729266b084 (patch)
treecbfbcc3f5d01ae4537420f80f440f6a3ad116e47
parent6e87a44034af3cfef1ceed3d653b3851ec2c1118 (diff)
downloadgitea-7ad31567cdc8206e0080b851a9b880729266b084.tar.gz
gitea-7ad31567cdc8206e0080b851a9b880729266b084.zip
Fix ldap admin privileges update bug (#27051)
When the user does not set a username lookup condition, LDAP will get an empty string `""` for the user, hence the following code ``` if isExist, err := user_model.IsUserExist(db.DefaultContext, 0, sr.Username) ``` The user presence determination will always be nonexistent, so updates to user information will never be performed. Fix #27049
-rw-r--r--services/auth/source/ldap/source_authenticate.go17
1 files changed, 7 insertions, 10 deletions
diff --git a/services/auth/source/ldap/source_authenticate.go b/services/auth/source/ldap/source_authenticate.go
index c480851084..9f4d7ed68f 100644
--- a/services/auth/source/ldap/source_authenticate.go
+++ b/services/auth/source/ldap/source_authenticate.go
@@ -29,7 +29,13 @@ func (source *Source) Authenticate(ctx context.Context, user *user_model.User, u
// User not in LDAP, do nothing
return nil, user_model.ErrUserNotExist{Name: loginName}
}
-
+ // Fallback.
+ if len(sr.Username) == 0 {
+ sr.Username = userName
+ }
+ if len(sr.Mail) == 0 {
+ sr.Mail = fmt.Sprintf("%s@localhost.local", sr.Username)
+ }
isAttributeSSHPublicKeySet := len(strings.TrimSpace(source.AttributeSSHPublicKey)) > 0
// Update User admin flag if exist
@@ -70,15 +76,6 @@ func (source *Source) Authenticate(ctx context.Context, user *user_model.User, u
}
}
} else {
- // Fallback.
- if len(sr.Username) == 0 {
- sr.Username = userName
- }
-
- if len(sr.Mail) == 0 {
- sr.Mail = fmt.Sprintf("%s@localhost.local", sr.Username)
- }
-
user = &user_model.User{
LowerName: strings.ToLower(sr.Username),
Name: sr.Username,