diff options
author | CaiCandong <50507092+CaiCandong@users.noreply.github.com> | 2023-10-01 19:32:12 +0800 |
---|---|---|
committer | GitHub <noreply@github.com> | 2023-10-01 11:32:12 +0000 |
commit | 7ad31567cdc8206e0080b851a9b880729266b084 (patch) | |
tree | cbfbcc3f5d01ae4537420f80f440f6a3ad116e47 | |
parent | 6e87a44034af3cfef1ceed3d653b3851ec2c1118 (diff) | |
download | gitea-7ad31567cdc8206e0080b851a9b880729266b084.tar.gz gitea-7ad31567cdc8206e0080b851a9b880729266b084.zip |
Fix ldap admin privileges update bug (#27051)
When the user does not set a username lookup condition, LDAP will get an
empty string `""` for the user, hence the following code
```
if isExist, err := user_model.IsUserExist(db.DefaultContext, 0, sr.Username)
```
The user presence determination will always be nonexistent, so updates
to user information will never be performed.
Fix #27049
-rw-r--r-- | services/auth/source/ldap/source_authenticate.go | 17 |
1 files changed, 7 insertions, 10 deletions
diff --git a/services/auth/source/ldap/source_authenticate.go b/services/auth/source/ldap/source_authenticate.go index c480851084..9f4d7ed68f 100644 --- a/services/auth/source/ldap/source_authenticate.go +++ b/services/auth/source/ldap/source_authenticate.go @@ -29,7 +29,13 @@ func (source *Source) Authenticate(ctx context.Context, user *user_model.User, u // User not in LDAP, do nothing return nil, user_model.ErrUserNotExist{Name: loginName} } - + // Fallback. + if len(sr.Username) == 0 { + sr.Username = userName + } + if len(sr.Mail) == 0 { + sr.Mail = fmt.Sprintf("%s@localhost.local", sr.Username) + } isAttributeSSHPublicKeySet := len(strings.TrimSpace(source.AttributeSSHPublicKey)) > 0 // Update User admin flag if exist @@ -70,15 +76,6 @@ func (source *Source) Authenticate(ctx context.Context, user *user_model.User, u } } } else { - // Fallback. - if len(sr.Username) == 0 { - sr.Username = userName - } - - if len(sr.Mail) == 0 { - sr.Mail = fmt.Sprintf("%s@localhost.local", sr.Username) - } - user = &user_model.User{ LowerName: strings.ToLower(sr.Username), Name: sr.Username, |