mirror of
1
Fork 0
forgejo/services/auth/source
Pavel Ezhov 98770d3db8
Fix group filter for ldap source sync (#22506)
There are 2 separate flows of creating a user: authentication and source
sync.
When a group filter is defined, source sync ignores group filter, while
authentication respects it.
With this PR I've fixed this behavior, so both flows now apply this
filter when searching users in LDAP in a unified way.

- Unified LDAP group membership lookup for authentication and source
sync flows
- Replaced custom group membership lookup (used for authentication flow)
with an existing listLdapGroupMemberships method (used for source sync
flow)
- Modified listLdapGroupMemberships and getUserAttributeListedInGroup in
a way group lookup could be called separately
- Added user filtering based on a group membership for a source sync
- Added tests to cover this logic

Co-authored-by: Pavel Ezhov <paejov@gmail.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-02-02 15:45:00 +08:00
..
db Implement FSFE REUSE for golang files (#21840) 2022-11-27 18:20:29 +00:00
ldap Fix group filter for ldap source sync (#22506) 2023-02-02 15:45:00 +08:00
oauth2 Implement FSFE REUSE for golang files (#21840) 2022-11-27 18:20:29 +00:00
pam Implement FSFE REUSE for golang files (#21840) 2022-11-27 18:20:29 +00:00
smtp Improve utils of slices (#22379) 2023-01-11 13:31:16 +08:00
sspi Implement FSFE REUSE for golang files (#21840) 2022-11-27 18:20:29 +00:00