Skip to content

Commit

Permalink
Use user provided LDAP filter (nilsteampassnet#3040)
Browse files Browse the repository at this point in the history 
Use user provided filter if configured in the LDAP-settings page instead of the default filter.
Should fix nilsteampassnet#3040
  • Loading branch information
@terwarf
terwarf authored Apr 4, 2022
1 parent bb60482 commit f222fa0
Showing 1 changed file with 11 additions and 7 deletions.
18 changes: 11 additions & 7 deletions sources/users.queries.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2449,13 +2449,17 @@
$teampassRoles = array();
$adUsedAttributes = array('dn', 'mail', 'givenname', 'samaccountname', 'sn', $SETTINGS['ldap_user_attribute'], 'memberof', 'name', 'displayname', 'cn', 'shadowexpire');

$users = $connection->query()->where([
['objectclass', '=', 'top'],
['objectclass', '=', 'person'],
['objectclass', '=', 'organizationalperson'],
['objectclass', '=', 'inetorgperson'],
['objectclass', '=', 'posixaccount'],
], null, null, 'or')->get();
if(isset($SETTINGS['ldap_user_object_filter']) && !empty($SETTINGS['ldap_user_object_filter'])) {
$users = $connection->query()->rawFilter($SETTINGS['ldap_user_object_filter'])->get();
} else {
$users = $connection->query()->where([
['objectclass', '=', 'top'],
['objectclass', '=', 'person'],
['objectclass', '=', 'organizationalperson'],
['objectclass', '=', 'inetorgperson'],
['objectclass', '=', 'posixaccount'],
], null, null, 'or')->get();
}

foreach($users as $i => $adUser) {
if (isset($adUser[$SETTINGS['ldap_user_attribute']]) === false) continue;
Expand Down

0 comments on commit f222fa0

Please sign in to comment.