From dc9b2bc4584aa690455954d4b6476b537b356c88 Mon Sep 17 00:00:00 2001
From: Alex Auvolat <alex@adnab.me>
Date: Tue, 11 Feb 2020 20:10:47 +0100
Subject: [PATCH] Fix several group membership issue

TODO:
- check for other wrong uses of GetAttributeValue(s)
- refactor is_admin check
---
 admin.go | 11 ++++++++---
 main.go  | 16 ++++++++++------
 2 files changed, 18 insertions(+), 9 deletions(-)

diff --git a/admin.go b/admin.go
index fa230bc..ccfbe31 100644
--- a/admin.go
+++ b/admin.go
@@ -19,9 +19,14 @@ func checkAdminLogin(w http.ResponseWriter, r *http.Request) *LoginStatus {
 	}
 
 	can_admin := (login.Info.DN == config.AdminAccount)
-	for _, group := range login.UserEntry.GetAttributeValues("memberof") {
-		if config.GroupCanAdmin != "" && group == config.GroupCanAdmin {
-			can_admin = true
+	fmt.Printf("%#v", login.UserEntry)
+	for _, attr := range login.UserEntry.Attributes {
+		if strings.EqualFold(attr.Name, "memberof") {
+			for _, group := range attr.Values {
+				if config.GroupCanAdmin != "" && group == config.GroupCanAdmin {
+					can_admin = true
+				}
+			}
 		}
 	}
 
diff --git a/main.go b/main.go
index d8848de..574ea21 100644
--- a/main.go
+++ b/main.go
@@ -259,12 +259,16 @@ func handleHome(w http.ResponseWriter, r *http.Request) {
 
 	can_admin := (login.Info.DN == config.AdminAccount)
 	can_invite := false
-	for _, group := range login.UserEntry.GetAttributeValues("memberof") {
-		if config.GroupCanInvite != "" && group == config.GroupCanInvite {
-			can_invite = true
-		}
-		if config.GroupCanAdmin != "" && group == config.GroupCanAdmin {
-			can_admin = true
+	for _, attr := range login.UserEntry.Attributes {
+		if strings.EqualFold(attr.Name, "memberof") {
+			for _, group := range attr.Values {
+				if config.GroupCanInvite != "" && group == config.GroupCanInvite {
+					can_invite = true
+				}
+				if config.GroupCanAdmin != "" && group == config.GroupCanAdmin {
+					can_admin = true
+				}
+			}
 		}
 	}