k-space/dex
Archived
11
0
Fork 0
Code Issues Pull Requests Packages Projects Activity

Merge pull request #759 from rithujohn191/ldap-grpsearch

Browse Source 
connector/ldap: enable groupSearch to be empty
This commit is contained in:
rithu leena john
2016-12-28 14:20:37 -08:00
committed by GitHub
parent 3e2d857928 6a728f107e
commit fb5199c958
1 changed files with 5 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
connector/ldap/ldap.go
View File

@@ -445,6 +445,11 @@ func (c *ldapConnector) Refresh(ctx context.Context, s connector.Scopes, ident c
}
func (c *ldapConnector) groups(ctx context.Context, user ldap.Entry) ([]string, error) {
if c.GroupSearch.BaseDN == "" {
c.logger.Debugf("No groups returned for %q because no groups baseDN has been configured.", getAttr(user, c.UserSearch.NameAttr))
return nil, nil
}
filter := fmt.Sprintf("(%s=%s)", c.GroupSearch.GroupAttr, ldap.EscapeFilter(getAttr(user, c.GroupSearch.UserAttr)))
if c.GroupSearch.Filter != "" {
filter = fmt.Sprintf("(&%s%s)", c.GroupSearch.Filter, filter)