Opened 8 years ago
Closed 8 years ago
#12994 closed defect (fixed)
Always expand groups from LDAP
Reported by: | anonymous | Owned by: | bebbo |
---|---|---|---|
Priority: | normal | Component: | DirectoryAuthPlugin |
Severity: | normal | Keywords: | |
Cc: | Trac Release: |
Description
I tested 2.1.0-SNAPSHOT of DirectoryAuthPlugin. Plugin always expand groups from LDAP even if in trac.ini
[account-manager] group_expand = 0
Attachments (0)
Change History (10)
comment:1 follow-up: 2 Changed 8 years ago by
comment:2 Changed 8 years ago by
comment:3 follow-up: 4 Changed 8 years ago by
So your expectation if 'group_expand == 1' is, that no ldap groups are returned at all.
comment:4 Changed 8 years ago by
Replying to bebbo:
So your expectation if 'group_expand == 1' is, that no ldap groups are returned at all.
if 'group_expand == 0'
Something like this in def _expand_user_groups(self, user, use_cache=1)
if not self.group_expand: self.log.debug('group_expand set %s. Do not extend LDAP groups' % self.group_expand) return []
comment:8 Changed 8 years ago by
Resolution: | → fixed |
---|---|
Status: | new → closed |
comment:9 Changed 8 years ago by
Resolution: | fixed |
---|---|
Status: | closed → reopened |
WISH
if group_expand = 0
and group_validusers
is not configured all users from dir_basedn
shown in AdminPanel Users.
May be only Trac users with LDAP data (mail, displayname) must be showing?
comment:10 Changed 8 years ago by
Resolution: | → fixed |
---|---|
Status: | reopened → closed |
There is distinct code from the primary author of this plugin, which explicitly defines the behaviour to return all LDAP users.
You may consider creating a new ticket for an additional option to support a different behaviour.
In 16081: