Commit c1d8b977 authored by Francesc Guasch's avatar Francesc Guasch
Browse files

fix(auth): allow if one of the multiple values matches

issue #1625
parent bde9cdec
......@@ -385,7 +385,7 @@ sub _load_allowed {
if !exists $self->{_allowed}->{$id_domain};
last;
} elsif ( $ldap_entry && defined $ldap_entry->get_value($attribute)
&& $ldap_entry->get_value($attribute) eq $value ) {
&& grep { $value eq $_ } $ldap_entry->get_value($attribute) ) {
$self->{_allowed}->{$id_domain} = $allowed;
......
......@@ -4814,6 +4814,7 @@ Example:
=cut
sub allow_ldap_access($self, $attribute, $value, $allowed=1, $last=0 ) {
confess "Error: undefined value" unless defined $value;
my $sth = $$CONNECTOR->dbh->prepare(
"SELECT max(n_order) FROM access_ldap_attribute "
." WHERE id_domain=?"
......@@ -5062,11 +5063,15 @@ Argument: id of the access from the table access_ldap_attribute
=cut
#TODO: check something has been deleted
sub delete_ldap_access($self, $id_access) {
sub delete_ldap_access($self, @id_access) {
for my $id_access (@id_access) {
my $sth = $$CONNECTOR->dbh->prepare(
"DELETE FROM access_ldap_attribute "
."WHERE id_domain=? AND id=? ");
$sth->execute($self->id, $id_access);
}
}
=head2 list_ldap_access
......@@ -5105,6 +5110,7 @@ Example:
=cut
sub deny_ldap_access($self, $attribute, $value) {
confess "Error: undefined value" unless defined $value;
$self->allow_ldap_access($attribute, $value, 0);
}
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment