Escape wildcards when searching LDAP by username.
This commit is contained in:
parent
e916f1c295
commit
757dca2b78
|
@ -20,6 +20,7 @@ v 7.9.0 (unreleased)
|
|||
- Add brakeman (security scanner for Ruby on Rails)
|
||||
- Slack username and channel options
|
||||
- Add grouped milestones from all projects to dashboard.
|
||||
- Escape wildcards when searching LDAP by username.
|
||||
|
||||
v 7.8.1
|
||||
- Fix run of custom post receive hooks
|
||||
|
|
|
@ -50,7 +50,7 @@ module Gitlab
|
|||
end
|
||||
|
||||
def user_filter(login)
|
||||
filter = Net::LDAP::Filter.eq(config.uid, login)
|
||||
filter = Net::LDAP::Filter.equals(config.uid, login)
|
||||
|
||||
# Apply LDAP user filter if present
|
||||
if config.user_filter.present?
|
||||
|
|
|
@ -9,10 +9,12 @@ module Gitlab
|
|||
attr_accessor :entry, :provider
|
||||
|
||||
def self.find_by_uid(uid, adapter)
|
||||
uid = Net::LDAP::Filter.escape(uid)
|
||||
adapter.user(adapter.config.uid, uid)
|
||||
end
|
||||
|
||||
def self.find_by_dn(dn, adapter)
|
||||
dn = Net::LDAP::Filter.escape(dn)
|
||||
adapter.user('dn', dn)
|
||||
end
|
||||
|
||||
|
|
Loading…
Reference in New Issue