author | Jean-Philippe Lang <jp_lang@yahoo.fr> | 2012-03-01 16:26:10 +0000 |
---|---|---|
committer | Jean-Philippe Lang <jp_lang@yahoo.fr> | 2012-03-01 16:26:10 +0000 |
commit | 60741b3e1c025f50e93e6f5847716ed930b319a0 (patch) | |
tree | cb3d11d718d1ae9340418103648ceceb5623de07 /app/models/auth_source_ldap.rb | |
parent | ab46c52d4a3e993d3ca59cca976e1235ee2e2ed7 (diff) | |
Adds an optional LDAP filter (#1060).
git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@9044 e93f8b46-1217-0410-a6f0-8f06a7374b81
Diffstat (limited to 'app/models/auth_source_ldap.rb')
-rw-r--r-- | app/models/auth_source_ldap.rb | 24 |
1 files changed, 22 insertions, 2 deletions
diff --git a/app/models/auth_source_ldap.rb b/app/models/auth_source_ldap.rb
index 5c6d28cb2..bf8d70478 100644
--- a/app/models/auth_source_ldap.rb
+++ b/app/models/auth_source_ldap.rb
@@ -21,9 +21,10 @@ require 'net/ldap'
 class AuthSourceLdap < AuthSource
 validates_presence_of :host, :port, :attr_login
 validates_length_of :name, :host, :maximum => 60, :allow_nil => true
- validates_length_of :account, :account_password, :base_dn, :maximum => 255, :allow_nil => true
+ validates_length_of :account, :account_password, :base_dn, :filter, :maximum => 255, :allow_blank => true
 validates_length_of :attr_login, :attr_firstname, :attr_lastname, :attr_mail, :maximum => 30, :allow_nil => true
 validates_numericality_of :port, :only_integer => true
+ validate :validate_filter
 before_validation :strip_ldap_attributes
@@ -58,6 +59,20 @@ class AuthSourceLdap < AuthSource
 private
+ def ldap_filter
+ if filter.present?
+ Net::LDAP::Filter.construct(filter)
+ end
+ rescue Net::LDAP::LdapError
+ nil
+ end
+
+ def validate_filter
+ if filter.present? && ldap_filter.nil?
+ errors.add(:filter, :invalid)
+ end
+ end
+
 def strip_ldap_attributes
 [:attr_login, :attr_firstname, :attr_lastname, :attr_mail].each do |attr|
 write_attribute(attr, read_attribute(attr).strip) unless read_attribute(attr).nil?
@@ -107,8 +122,13 @@ class AuthSourceLdap < AuthSource
 object_filter = Net::LDAP::Filter.eq( "objectClass", "*" )
 attrs = {}
+ search_filter = object_filter & login_filter
+ if f = ldap_filter
+ search_filter = search_filter & f
+ end
+
 ldap_con.search( :base => self.base_dn,
- :filter => object_filter & login_filter,
+ :filter => search_filter,
 :attributes=> search_attributes) do |entry|
 if onthefly_register? |
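Review bot: `ldap_filter` returns nil both when no filter is configured and when the stored filter fails to parse, and the last hunk's `if f = ldap_filter` treats the two cases alike, so an unparseable filter is silently dropped and the search runs with only the objectClass and login filters. If the filter is meant to restrict which directory entries may log in, that fails open; `validate_filter` rejects bad values on save, but a row written without validations, or a change in how the LDAP library parses filters, would still reach this path. Consider refusing the lookup in that case, e.g. `return if filter.present? && ldap_filter.nil?` ahead of the `ldap_con.search` call, ideally with a log line naming the auth source. The method around that search starts and ends outside the hunk, so its return convention should be checked before choosing between returning and raising.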