Fix several group membership issue

TODO:
- check for other wrong uses of GetAttributeValue(s)
- refactor is_admin check
This commit is contained in:
Alex 2020-02-11 20:10:47 +01:00
parent 0dca53bca0
commit dc9b2bc458
2 changed files with 18 additions and 9 deletions

View file

@ -19,11 +19,16 @@ func checkAdminLogin(w http.ResponseWriter, r *http.Request) *LoginStatus {
} }
can_admin := (login.Info.DN == config.AdminAccount) can_admin := (login.Info.DN == config.AdminAccount)
for _, group := range login.UserEntry.GetAttributeValues("memberof") { fmt.Printf("%#v", login.UserEntry)
for _, attr := range login.UserEntry.Attributes {
if strings.EqualFold(attr.Name, "memberof") {
for _, group := range attr.Values {
if config.GroupCanAdmin != "" && group == config.GroupCanAdmin { if config.GroupCanAdmin != "" && group == config.GroupCanAdmin {
can_admin = true can_admin = true
} }
} }
}
}
if !can_admin { if !can_admin {
http.Redirect(w, r, "/", http.StatusFound) http.Redirect(w, r, "/", http.StatusFound)

View file

@ -259,7 +259,9 @@ func handleHome(w http.ResponseWriter, r *http.Request) {
can_admin := (login.Info.DN == config.AdminAccount) can_admin := (login.Info.DN == config.AdminAccount)
can_invite := false can_invite := false
for _, group := range login.UserEntry.GetAttributeValues("memberof") { for _, attr := range login.UserEntry.Attributes {
if strings.EqualFold(attr.Name, "memberof") {
for _, group := range attr.Values {
if config.GroupCanInvite != "" && group == config.GroupCanInvite { if config.GroupCanInvite != "" && group == config.GroupCanInvite {
can_invite = true can_invite = true
} }
@ -267,6 +269,8 @@ func handleHome(w http.ResponseWriter, r *http.Request) {
can_admin = true can_admin = true
} }
} }
}
}
data := &HomePageData{ data := &HomePageData{
Login: login, Login: login,