Escape wildcards when searching LDAP by username.
This commit is contained in:
parent
e916f1c295
commit
757dca2b78
3 changed files with 4 additions and 1 deletions
|
@ -20,6 +20,7 @@ v 7.9.0 (unreleased)
|
||||||
- Add brakeman (security scanner for Ruby on Rails)
|
- Add brakeman (security scanner for Ruby on Rails)
|
||||||
- Slack username and channel options
|
- Slack username and channel options
|
||||||
- Add grouped milestones from all projects to dashboard.
|
- Add grouped milestones from all projects to dashboard.
|
||||||
|
- Escape wildcards when searching LDAP by username.
|
||||||
|
|
||||||
v 7.8.1
|
v 7.8.1
|
||||||
- Fix run of custom post receive hooks
|
- Fix run of custom post receive hooks
|
||||||
|
|
|
@ -50,7 +50,7 @@ module Gitlab
|
||||||
end
|
end
|
||||||
|
|
||||||
def user_filter(login)
|
def user_filter(login)
|
||||||
filter = Net::LDAP::Filter.eq(config.uid, login)
|
filter = Net::LDAP::Filter.equals(config.uid, login)
|
||||||
|
|
||||||
# Apply LDAP user filter if present
|
# Apply LDAP user filter if present
|
||||||
if config.user_filter.present?
|
if config.user_filter.present?
|
||||||
|
|
|
@ -9,10 +9,12 @@ module Gitlab
|
||||||
attr_accessor :entry, :provider
|
attr_accessor :entry, :provider
|
||||||
|
|
||||||
def self.find_by_uid(uid, adapter)
|
def self.find_by_uid(uid, adapter)
|
||||||
|
uid = Net::LDAP::Filter.escape(uid)
|
||||||
adapter.user(adapter.config.uid, uid)
|
adapter.user(adapter.config.uid, uid)
|
||||||
end
|
end
|
||||||
|
|
||||||
def self.find_by_dn(dn, adapter)
|
def self.find_by_dn(dn, adapter)
|
||||||
|
dn = Net::LDAP::Filter.escape(dn)
|
||||||
adapter.user('dn', dn)
|
adapter.user('dn', dn)
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue