diff options
| author | Lukas Reschke <lukas@owncloud.com> | 2015-02-24 16:37:49 +0100 |
|---|---|---|
| committer | Lukas Reschke <lukas@owncloud.com> | 2015-02-24 16:37:49 +0100 |
| commit | 52495dc99585a88137f628ddc2a2fc8d20583396 (patch) | |
| tree | 5487fbf81838e77a10d6176e8480b04d0b017184 /apps/user_ldap/lib/wizard.php | |
| parent | b6289542e8e1e7bbadc67fee377f7af5cd29e2bb (diff) | |
| parent | 73600cfdd80694a9ffa526147d79b231fd85c5b2 (diff) | |
| download | nextcloud-server-52495dc99585a88137f628ddc2a2fc8d20583396.tar.gz nextcloud-server-52495dc99585a88137f628ddc2a2fc8d20583396.zip | |
Merge pull request #13740 from owncloud/fix-12190-2
Include primary groups in user and login filter when restricting group access and also fix user counting in primary groups
Diffstat (limited to 'apps/user_ldap/lib/wizard.php')
| -rw-r--r-- | apps/user_ldap/lib/wizard.php | 14 |
1 files changed, 12 insertions, 2 deletions
diff --git a/apps/user_ldap/lib/wizard.php b/apps/user_ldap/lib/wizard.php index 753c8e48a92..fe4eebf9e11 100644 --- a/apps/user_ldap/lib/wizard.php +++ b/apps/user_ldap/lib/wizard.php @@ -857,13 +857,23 @@ class Wizard extends LDAPUtility { } $base = $this->configuration->ldapBase[0]; foreach($cns as $cn) { - $rr = $this->ldap->search($cr, $base, 'cn=' . $cn, array('dn')); + $rr = $this->ldap->search($cr, $base, 'cn=' . $cn, array('dn', 'primaryGroupToken')); if(!$this->ldap->isResource($rr)) { continue; } $er = $this->ldap->firstEntry($cr, $rr); + $attrs = $this->ldap->getAttributes($cr, $er); $dn = $this->ldap->getDN($cr, $er); - $filter .= '(memberof=' . $dn . ')'; + if(empty($dn)) { + continue; + } + $filterPart = '(memberof=' . $dn . ')'; + if(isset($attrs['primaryGroupToken'])) { + $pgt = $attrs['primaryGroupToken'][0]; + $primaryFilterPart = '(primaryGroupID=' . $pgt .')'; + $filterPart = '(|' . $filterPart . $primaryFilterPart . ')'; + } + $filter .= $filterPart; } $filter .= ')'; } |