1
0
Fork 0
forgejo/services/auth
Pavel Ezhov 98770d3db8
Fix group filter for ldap source sync (#22506)
There are 2 separate flows of creating a user: authentication and source
sync.
When a group filter is defined, source sync ignores group filter, while
authentication respects it.
With this PR I've fixed this behavior, so both flows now apply this
filter when searching users in LDAP in a unified way.

- Unified LDAP group membership lookup for authentication and source
sync flows
- Replaced custom group membership lookup (used for authentication flow)
with an existing listLdapGroupMemberships method (used for source sync
flow)
- Modified listLdapGroupMemberships and getUserAttributeListedInGroup in
a way group lookup could be called separately
- Added user filtering based on a group membership for a source sync
- Added tests to cover this logic

Co-authored-by: Pavel Ezhov <paejov@gmail.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-02-02 15:45:00 +08:00
..
source Fix group filter for ldap source sync (#22506) 2023-02-02 15:45:00 +08:00
auth.go Implement FSFE REUSE for golang files (#21840) 2022-11-27 18:20:29 +00:00
auth_test.go Implement FSFE REUSE for golang files (#21840) 2022-11-27 18:20:29 +00:00
basic.go Implement actions (#21937) 2023-01-31 09:45:19 +08:00
group.go refactor auth interface to return error when verify failure (#22119) 2022-12-28 13:53:28 +08:00
httpsign.go refactor auth interface to return error when verify failure (#22119) 2022-12-28 13:53:28 +08:00
interface.go refactor auth interface to return error when verify failure (#22119) 2022-12-28 13:53:28 +08:00
oauth2.go Implement actions (#21937) 2023-01-31 09:45:19 +08:00
reverseproxy.go refactor auth interface to return error when verify failure (#22119) 2022-12-28 13:53:28 +08:00
session.go refactor auth interface to return error when verify failure (#22119) 2022-12-28 13:53:28 +08:00
signin.go Implement FSFE REUSE for golang files (#21840) 2022-11-27 18:20:29 +00:00
source.go Implement FSFE REUSE for golang files (#21840) 2022-11-27 18:20:29 +00:00
sspi_windows.go refactor auth interface to return error when verify failure (#22119) 2022-12-28 13:53:28 +08:00
sync.go Implement FSFE REUSE for golang files (#21840) 2022-11-27 18:20:29 +00:00