[paste-web/oscp] Land the GNOME LDAP customizations patch



commit 257de47dc8c8f58f9973e1d6925db5354990570b
Author: Andrea Veri <averi redhat com>
Date:   Tue Oct 23 14:57:55 2018 +0200

    Land the GNOME LDAP customizations patch

 Dockerfile                              |  1 +
 patches/gnome_ldap_customizations.patch | 52 +++++++++++++++++++++++++++++++++
 2 files changed, 53 insertions(+)
---
diff --git a/Dockerfile b/Dockerfile
index d65f70b..7f9f83f 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -32,6 +32,7 @@ RUN patch -p0 < /tmp/patches/add_microseconds_to_carbon.patch
 RUN patch -p0 < /tmp/patches/uniform_variables_site.patch
 RUN patch -p0 < /tmp/patches/uniform_variables_view.patch
 RUN patch -p0 < /tmp/patches/update_app_config_php7.patch
+RUN patch -p0 < /tmp/patches/gnome_ldap_customizations.patch
 
 RUN chown -R 1001:root /var/www/html && \
     chmod -R 777 app/storage && \
diff --git a/patches/gnome_ldap_customizations.patch b/patches/gnome_ldap_customizations.patch
new file mode 100644
index 0000000..e452030
--- /dev/null
+++ b/patches/gnome_ldap_customizations.patch
@@ -0,0 +1,52 @@
+--- app/lib/auth/StickyNotesLDAPUserProvider.php.orig  2018-10-23 12:39:22.984832024 +0000
++++ app/lib/auth/StickyNotesLDAPUserProvider.php       2016-11-14 20:30:06.000000000 +0000
+@@ -209,7 +209,7 @@
+               }
+ 
+               // Look up for the user's details
+-              $search = @ldap_search($ldap, $this->auth->ldapBaseDn, $key);
++              $search = @ldap_search($ldap, $this->auth->ldapBaseDn, $key, array('uid', 'cn', 'mail'));
+ 
+               $entry = @ldap_first_entry($ldap, $search);
+ 
+@@ -225,11 +225,16 @@
+                               // Sticky Notes. Therefore, we set isAdmin always 1.
+                               if ( ! empty($this->auth->ldapAdmin))
+                               {
+-                                      $ldapAdmin = array_map('trim', explode('=', $this->auth->ldapAdmin));
++                                      $ldapAdmin = array_map('trim', explode('/', $this->auth->ldapAdmin));
++                                      $memberSearch = ldap_search($ldap, $ldapAdmin[0], $ldapAdmin[1], 
array('memberUid'));
++                                        echo $memberSearch;
++                                      $memberEntry = ldap_first_entry($ldap, $memberSearch);
+ 
+-                                      $groups = @ldap_get_values($ldap, $entry, $ldapAdmin[0]);
+ 
+-                                      $isAdmin = (is_array($groups) AND in_array($ldapAdmin[1], $groups)) ? 
1 : 0;
++                                      $members = ldap_get_values($ldap, $memberEntry, 'memberUid');
++
++
++                                      $isAdmin = (in_array($username, $members));
+                               }
+                               else
+                               {
+@@ -246,12 +251,18 @@
+                               // Now if this is a new user, retrieveByCredentials would have
+                               // returned a new model. If it is an existing user, $this->user
+                               // has an instance of that user. Either way, we update the user info.
+-                              if (is_null($this->user->id) OR $this->user->admin != $isAdmin)
++                              $email = ldap_get_values($ldap, $entry, 'mail')[0];
++                              $dispname = ldap_get_values($ldap, $entry, 'cn')[0];
++                              if (is_null($this->user->id) OR 
++                                      $this->user->admin != $isAdmin OR
++                                      $this->user->dispname != $dispname OR
++                                      $this->user->email != $email)
+                               {
+                                       $this->user->username = $credentials['username'];
+                                       $this->user->password = '';
+                                       $this->user->salt     = '';
+-                                      $this->user->email    = '';
++                                      $this->user->dispname = $dispname;
++                                      $this->user->email    = $email;
+                                       $this->user->type     = 'ldap';
+                                       $this->user->active   = 1;
+                                       $this->user->admin    = $isAdmin;
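Review bot: The new admin check `in_array($username, $members)` compares loosely against the array returned by `ldap_get_values()`, which also carries an integer `count` element, so under PHP 7 comparison rules a numeric-looking username can match that count and be marked admin. The `ldap_search`, `ldap_first_entry` and `ldap_get_values` calls before it are unchecked, so a failed group lookup passes `false` into `in_array`. I would write `$isAdmin = is_array($members) && in_array($username, $members, true);` and confirm that `$username` is defined earlier in the method, since only `$credentials['username']` is visible in these hunks. The added `echo $memberSearch;` looks like leftover debugging that prints the search result handle into the login response and should be dropped. The enclosing method starts and ends outside the patched hunks.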

