Pluging won't work for users belonging to LDAP upper cased groups
|Reported by:||jmeile@…||Owned by:||eblot|
|Cc:||jmeile@…, tim.gouma@…||Trac Release:||0.11|
On the LDAP setup I'm using, there are some upper cased groups. I can't change them since I'm not the administrator of that server and the tool I use to add those groups to the LDAP server, uses an upper cased prefix, ie: MY_DEPARTMENT-, then I can define whatever comes afterwards, so, MY_DEPARTMENT-ADMINS. So, as you see, I cant' do anything here :-(
Anyway, when I give @MY_DEPARTMENT-ADMINS into the trac Admins interface, it just complains and says: "All upper-cased tokens are reserved for permission names"
If I give @my_department-admins into the Admin interface, then the group comparison into your plugging will fail since it compares this lowered string with the original name of the LDAP group.
Well, this seems to be a trac problem since it has reserved uppercased names for permissions :-(
Anyway, it would be nice if you add some kind of option that lowercases the groups to which a user belongs to, ie: ignore_group_case. There is a trac setting: ignore_auth_case, but it only seems to lowercase the username. It won't work with the groups.
For the moment, I'm always lowercasing each group into the _get_user_groups method of the LdapPermissionGroupProvider class; however, I thing a trac.ini variable would be much more elegant.
Best regards Josef