Commit ecceb66d authored by ale's avatar ale
Browse files

Use ldaputil.ParseScope

parent a439f055
...@@ -20,7 +20,8 @@ type LDAPServiceConfig struct { ...@@ -20,7 +20,8 @@ type LDAPServiceConfig struct {
// replaced with the username before performing a query. // replaced with the username before performing a query.
SearchBase string `yaml:"search_base"` SearchBase string `yaml:"search_base"`
SearchFilter string `yaml:"search_filter"` SearchFilter string `yaml:"search_filter"`
Scope string `yaml:"scope"` ScopeStr string `yaml:"scope"`
scope int
// Attrs tells us which LDAP attributes to query to find user // Attrs tells us which LDAP attributes to query to find user
// attributes. It is encoded as a {user_attribute: // attributes. It is encoded as a {user_attribute:
...@@ -38,8 +39,13 @@ func (c *LDAPServiceConfig) Valid() error { ...@@ -38,8 +39,13 @@ func (c *LDAPServiceConfig) Valid() error {
if c.SearchFilter == "" { if c.SearchFilter == "" {
return errors.New("empty search_filter") return errors.New("empty search_filter")
} }
if c.Scope != "base" && c.Scope != "one" && c.Scope != "sub" { c.scope = ldap.ScopeWholeSubtree
return errors.New("unknown scope") if c.ScopeStr != "" {
s, err := ldaputil.ParseScope(c.ScopeStr)
if err != nil {
return err
}
c.scope = s
} }
return nil return nil
} }
...@@ -70,18 +76,9 @@ func (c *LDAPServiceConfig) compile() error { ...@@ -70,18 +76,9 @@ func (c *LDAPServiceConfig) compile() error {
func (c *LDAPServiceConfig) searchRequest(username string) *ldap.SearchRequest { func (c *LDAPServiceConfig) searchRequest(username string) *ldap.SearchRequest {
filter := strings.Replace(c.SearchFilter, "%s", ldap.EscapeFilter(username), -1) filter := strings.Replace(c.SearchFilter, "%s", ldap.EscapeFilter(username), -1)
var scope int
switch c.Scope {
case "base":
scope = ldap.ScopeBaseObject
case "one":
scope = ldap.ScopeSingleLevel
case "sub":
scope = ldap.ScopeWholeSubtree
}
return ldap.NewSearchRequest( return ldap.NewSearchRequest(
c.SearchBase, c.SearchBase,
scope, c.scope,
ldap.NeverDerefAliases, ldap.NeverDerefAliases,
0, 0,
0, 0,
......
package ldaputil
import (
"fmt"
"gopkg.in/ldap.v2"
)
func ParseScope(s string) (int, error) {
switch s {
case "base":
return ldap.ScopeBaseObject, nil
case "one":
return ldap.ScopeSingleLevel, nil
case "sub":
return ldap.ScopeWholeSubtree, nil
default:
return 0, fmt.Errorf("unknown LDAP scope '%s'", s)
}
}
...@@ -15,10 +15,10 @@ ...@@ -15,10 +15,10 @@
"revisionTime": "2018-01-11T08:21:54Z" "revisionTime": "2018-01-11T08:21:54Z"
}, },
{ {
"checksumSHA1": "jnfq/QeWcZCebhGuJ+t8nrd8POY=", "checksumSHA1": "iHObDrZa0HlyzdelqAaGfKNzpiM=",
"path": "git.autistici.org/ai3/go-common/ldap", "path": "git.autistici.org/ai3/go-common/ldap",
"revision": "3e38f41af368c36cd5d6642abcf1460cf4c65e78", "revision": "a65293114a1adbb45d047a8f9014a307ec0d9051",
"revisionTime": "2018-01-11T08:21:54Z" "revisionTime": "2018-01-12T09:10:27Z"
}, },
{ {
"checksumSHA1": "z1034Bd8fOSLvtOP3VLf65YOQyA=", "checksumSHA1": "z1034Bd8fOSLvtOP3VLf65YOQyA=",
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment