Commit 422d6da5 authored by Francesc Guasch's avatar Francesc Guasch

fix(frontend): LDAP access settings

Usernames with spaces are now escaped in the check

issue #1277
parent ab68ce43
......@@ -198,6 +198,7 @@ sub search_user {
confess "ERROR: I can't connect to LDAP " if!$ldap;
$username = escape_filter_value($username);
$username =~ s/ /\\ /g;
my $filter = "($field=$username)";
if ( exists $$CONFIG->{ldap}->{filter} ) {
......@@ -237,12 +238,7 @@ sub search_user {
return if !$mesg->count();
my @entries;
for my $entry ($mesg->entries) {
push @entries,($entry) if $entry->get_value($field) eq $username;
}
return @entries;
return $mesg->entries;
}
=head2 add_group
......
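Review bot: The `$username =~ s/ /\\ /g;` line in the first hunk writes a backslash-space pair into a search filter, which is the DN escaping style (RFC 4514); filters (RFC 4515) escape a character as a backslash plus two hex digits, so a space would be `\20`. How Net::LDAP and the directory server treat the stray backslash is not visible here, so a name with an internal space may stop matching any entry; confirm this with a test, or use `$username =~ s/ /\\20/g;` if a literal space is what should be matched. The second hunk drops the exact-match loop and returns every entry the server matched, so callers now depend entirely on this escaping being right. A comment above the substitution such as `# spaces are escaped after escape_filter_value so blanks are compared literally (issue #1277)` would record the intent. search_user starts outside the hunks.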
......@@ -523,7 +523,15 @@
});
};
$scope.delete_ldap_access= function(id_access) {
$scope.add_ldap_access = function() {
$http.get('/add_ldap_access/'+$scope.showmachine.id+'/'+$scope.ldap_attribute+'/'
+$scope.ldap_attribute_value+"/"+$scope.ldap_attribute_allowed
+'/'+$scope.ldap_attribute_last)
.then(function(response) {
$scope.init_ldap_access();
});
};
$scope.delete_ldap_access= function(id_access) {
$http.get('/delete_ldap_access/'+$scope.showmachine.id+'/'+id_access)
.then(function(response) {
$scope.init_ldap_access();
......
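Review bot: The new `add_ldap_access` concatenates `$scope.ldap_attribute` and `$scope.ldap_attribute_value` into the URL path unencoded, so a value containing `/`, `?`, `#` or `%` is routed wrongly or arrives altered. Wrap each user-supplied segment, for example `+encodeURIComponent($scope.ldap_attribute_value)+"/"`. The `.then` callback also ignores the response body, while the server route added in this commit answers `{ error => ... }` on failure, so a rejected rule disappears without any message; checking `response.data.error` before calling `$scope.init_ldap_access()` would surface it. The enclosing controller starts and ends outside the hunk.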
......@@ -936,6 +936,33 @@ post '/machine/add_access/(#id_domain)' => sub {
};
get '/add_ldap_access/(#id_domain)/(#attribute)/(#value)/(#allowed)/(#last)' => sub {
my $c = shift;
return _access_denied($c) if !$USER->is_admin;
my $domain_id = $c->stash('id_domain');
my $domain = Ravada::Front::Domain->open($domain_id);
my $attribute = $c->stash('attribute');
my $value = $c->stash('value');
my $allowed = 1;
if ($c->stash('allowed') eq 'false') {
$allowed = 0;
}
my $last = 1;
if ($c->stash('last') eq 'false') {
$last = 0;
}
$last = 1 if !$allowed;
eval { $domain->allow_ldap_access($attribute => $value, $allowed, $last ) };
_fix_default_ldap_access($c,'ldap', $domain, $allowed) if !$@;
return $c->render(json => { error => $@ }) if $@;
return $c->render(json => { ok => 1 });
};
sub _fix_default_ldap_access($c, $type, $domain, $allowed) {
my @list = $domain->list_ldap_access();
my $default_found;
......
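Review bot: This route changes a machine's access rules on a plain GET, which exposes it to cross-site request forgery against a logged-in admin and lets prefetchers or crawlers with a session trigger it. The neighbouring handler shown in the hunk header is `post '/machine/add_access/(#id_domain)'`; this one should be declared with `post` too, with attribute and value sent in the body rather than the path. `Ravada::Front::Domain->open($domain_id)` runs outside the `eval`, so if open() dies on an unknown id (its behaviour is not visible here) the request fails uncaught instead of returning the JSON error; moving the call inside the `eval` covers that. `_fix_default_ldap_access` continues past the end of the hunk.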
......@@ -292,6 +292,20 @@ sub test_access_by_attribute($vm, $do_clones=0) {
my $data = _create_users();
my @entries = Ravada::Auth::LDAP::search_user(
field => 'givenName'
,name => $data->{student}->{name}
,typesonly => 1
);
is(scalar(@entries),1) or exit;
@entries = Ravada::Auth::LDAP::search_user(
field => 'givenName'
,name => " ".$data->{student}->{name}
,typesonly => 1
);
is(scalar(@entries),0) or exit;
my $base = create_domain($vm->type);
$base->prepare_base(user_admin);
$base->is_public(1);
......
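Review bot: Both new assertions cover only a name with a leading space, while the commit is about usernames with spaces in general; a case with an existing entry whose value contains an internal space, expected to return one entry, is missing and would show whether the escaping still lets real names match. The `is(...)` calls carry no description, so a failure followed by `or exit` ends the run with little context; `is(scalar(@entries),0,"leading space must not match") or exit;` would make the output readable. test_access_by_attribute continues outside the hunk.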