Modify ↓
Opened 16 years ago
Last modified 16 years ago
#4773 new defect
LdapPlugin does not honour group_rdn in get_groups
| Reported by: | Lev Shamardin | Owned by: | Emmanuel Blot |
|---|---|---|---|
| Priority: | high | Component: | LdapPlugin |
| Severity: | major | Keywords: | |
| Cc: | Trac Release: | 0.11 |
Description
The group_rdn option specified in the config is not used in get_groups. This leads to a problem when there are groups with the same names in the different parts of the LDAP tree.
The proposed patch is below:
diff --git a/api.py b/api.py
index 13a912e..35792ba 100644
--- a/api.py
+++ b/api.py
@@ -32,12 +32,12 @@ LDAP_MODULE_CONFIG = [ 'enable', 'permfilter',
'global_perms', 'manage_groups'
'cache_ttl', 'cache_size',
'group_bind', 'store_bind',
- 'user_rdn', 'group_rdn' ]
+ 'user_rdn' ]
LDAP_DIRECTORY_PARAMS = [ 'host', 'port', 'use_tls', 'basedn',
'bind_user', 'bind_passwd',
'groupname', 'groupmember', 'groupmemberisdn',
- 'groupattr', 'uidattr', 'permattr']
+ 'groupattr', 'group_rdn', 'uidattr', 'permattr']
GROUP_PREFIX = '@'
@@ -510,6 +510,7 @@ class LdapConnection(object):
self.groupname = 'groupofnames'
self.groupmember = 'member'
self.groupattr = 'cn'
+ self.group_rdn = None
self.uidattr = 'uid'
self.permattr = 'tracperm'
self.bind_user = None
@@ -538,7 +539,10 @@ class LdapConnection(object):
def get_groups(self):
"""Return a list of available group dns"""
- groups = self.get_dn(self.basedn, 'objectclass=' + self.groupname)
+ if self.group_rdn:
+ groups = self.get_dn('%s,%s' % (self.group_rdn, self.basedn), 'obje
+ else:
+ groups = self.get_dn(self.basedn, 'objectclass=' + self.groupname)
return groups
def is_in_group(self, userdn, groupdn):
Attachments (1)
Change History (3)
comment:1 Changed 16 years ago by
Changed 16 years ago by
| Attachment: | ldapplugin-groups.patch added |
|---|
Note: See
TracTickets for help on using
tickets.
You're patch got chopped off after
'objecan you post the full patch again?