mirror of
https://github.com/goharbor/harbor.git
synced 2024-12-25 10:07:43 +01:00
Normalize LDAP filter for user filter and group filter
Signed-off-by: stonezdj <stonezdj@gmail.com>
This commit is contained in:
parent
c9f12bc273
commit
7c7b6d2710
@ -351,13 +351,13 @@ func (session *Session) createUserFilter(username string) string {
|
|||||||
filterTag = goldap.EscapeFilter(username)
|
filterTag = goldap.EscapeFilter(username)
|
||||||
}
|
}
|
||||||
|
|
||||||
ldapFilter := session.ldapConfig.LdapFilter
|
ldapFilter := normalizeFilter(session.ldapConfig.LdapFilter)
|
||||||
ldapUID := session.ldapConfig.LdapUID
|
ldapUID := session.ldapConfig.LdapUID
|
||||||
|
|
||||||
if ldapFilter == "" {
|
if ldapFilter == "" {
|
||||||
ldapFilter = "(" + ldapUID + "=" + filterTag + ")"
|
ldapFilter = "(" + ldapUID + "=" + filterTag + ")"
|
||||||
} else {
|
} else {
|
||||||
ldapFilter = "(&" + ldapFilter + "(" + ldapUID + "=" + filterTag + "))"
|
ldapFilter = "(&(" + ldapFilter + ")(" + ldapUID + "=" + filterTag + "))"
|
||||||
}
|
}
|
||||||
|
|
||||||
log.Debug("ldap filter :", ldapFilter)
|
log.Debug("ldap filter :", ldapFilter)
|
||||||
@ -425,6 +425,7 @@ func createGroupSearchFilter(oldFilter, groupName, groupNameAttribute string) st
|
|||||||
filter := ""
|
filter := ""
|
||||||
groupName = goldap.EscapeFilter(groupName)
|
groupName = goldap.EscapeFilter(groupName)
|
||||||
groupNameAttribute = goldap.EscapeFilter(groupNameAttribute)
|
groupNameAttribute = goldap.EscapeFilter(groupNameAttribute)
|
||||||
|
oldFilter = normalizeFilter(oldFilter)
|
||||||
if len(oldFilter) == 0 {
|
if len(oldFilter) == 0 {
|
||||||
if len(groupName) == 0 {
|
if len(groupName) == 0 {
|
||||||
filter = groupNameAttribute + "=*"
|
filter = groupNameAttribute + "=*"
|
||||||
@ -455,3 +456,11 @@ func contains(s []string, e string) bool {
|
|||||||
}
|
}
|
||||||
return false
|
return false
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// normalizeFilter - remove '(' and ')' in ldap filter
|
||||||
|
func normalizeFilter(filter string) string {
|
||||||
|
norFilter := strings.TrimSpace(filter)
|
||||||
|
norFilter = strings.TrimPrefix(norFilter, "(")
|
||||||
|
norFilter = strings.TrimSuffix(norFilter, ")")
|
||||||
|
return norFilter
|
||||||
|
}
|
||||||
|
@ -369,3 +369,25 @@ func TestSession_SearchGroupByDN(t *testing.T) {
|
|||||||
})
|
})
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func TestNormalizeFilter(t *testing.T) {
|
||||||
|
type args struct {
|
||||||
|
filter string
|
||||||
|
}
|
||||||
|
tests := []struct {
|
||||||
|
name string
|
||||||
|
args args
|
||||||
|
want string
|
||||||
|
}{
|
||||||
|
{"normal test", args{"(objectclass=user)"}, "objectclass=user"},
|
||||||
|
{"with space", args{" (objectclass=user) "}, "objectclass=user"},
|
||||||
|
{"nothing", args{"objectclass=user"}, "objectclass=user"},
|
||||||
|
}
|
||||||
|
for _, tt := range tests {
|
||||||
|
t.Run(tt.name, func(t *testing.T) {
|
||||||
|
if got := normalizeFilter(tt.args.filter); got != tt.want {
|
||||||
|
t.Errorf("normalizeFilter() = %v, want %v", got, tt.want)
|
||||||
|
}
|
||||||
|
})
|
||||||
|
}
|
||||||
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user