diff options
| author | Arthur Schiwon <blizzz@arthur-schiwon.de> | 2019-06-19 13:39:15 +0200 |
|---|---|---|
| committer | Arthur Schiwon <blizzz@arthur-schiwon.de> | 2019-06-19 13:39:15 +0200 |
| commit | 8a7b0a68a5cd83571672ada16fbb55103a90cc03 (patch) | |
| tree | 3c33534b47964cd82f704fbaff5da504367b7072 /apps/user_ldap/lib/LDAPProvider.php | |
| parent | 94e4ce38cfa3ebde56f5a42b2cfd895cf66d1149 (diff) | |
| download | nextcloud-server-8a7b0a68a5cd83571672ada16fbb55103a90cc03.tar.gz nextcloud-server-8a7b0a68a5cd83571672ada16fbb55103a90cc03.zip | |
fixes returning the base when multiple are specified
* reading the config directly will return the value with line breaks
* using the proper accessor gives us all bases in an array
* returns the first matching one
* having user id provided for the group base is strange and does not let
us operate like this. here we return the first one. might change in
future, a backportable fix won't have an API change however.
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
Diffstat (limited to 'apps/user_ldap/lib/LDAPProvider.php')
| -rw-r--r-- | apps/user_ldap/lib/LDAPProvider.php | 24 |
1 files changed, 21 insertions, 3 deletions
diff --git a/apps/user_ldap/lib/LDAPProvider.php b/apps/user_ldap/lib/LDAPProvider.php index 4121bdd9d2e..41a4bc6d658 100644 --- a/apps/user_ldap/lib/LDAPProvider.php +++ b/apps/user_ldap/lib/LDAPProvider.php @@ -182,8 +182,25 @@ class LDAPProvider implements ILDAPProvider, IDeletionFlagSupport { public function getLDAPBaseUsers($uid) { if(!$this->userBackend->userExists($uid)){ throw new \Exception('User id not found in LDAP'); - } - return $this->userBackend->getLDAPAccess($uid)->getConnection()->getConfiguration()['ldap_base_users']; + } + $access = $this->userBackend->getLDAPAccess($uid); + $bases = $access->getConnection()->ldapBaseUsers; + $dn = $this->getUserDN($uid); + foreach ($bases as $base) { + if($access->isDNPartOfBase($dn, [$base])) { + return $base; + } + } + // should not occur, because the user does not qualify to use NC in this case + $this->logger->info( + 'No matching user base found for user {dn}, available: {bases}.', + [ + 'app' => 'user_ldap', + 'dn' => $dn, + 'bases' => $bases, + ] + ); + return array_shift($bases); } /** @@ -196,7 +213,8 @@ class LDAPProvider implements ILDAPProvider, IDeletionFlagSupport { if(!$this->userBackend->userExists($uid)){ throw new \Exception('User id not found in LDAP'); } - return $this->userBackend->getLDAPAccess($uid)->getConnection()->getConfiguration()['ldap_base_groups']; + $bases = $this->userBackend->getLDAPAccess($uid)->getConnection()->ldapBaseGroups; + return array_shift($bases); } /** |