mirror/opencloud
1
0
Fork 0
mirror of https://github.com/opencloud-eu/opencloud.git synced 2026-01-06 04:09:40 -06:00
Code Issues Packages Projects Releases Wiki Activity

fix(graph): treat LDAP attribute names case-insensitive everywhere

Browse Source 
There were a couple of places where we were using the case-sensitive
GetAttributeValue method instead of the case-insensitive variant.

Fixes: #10200
This commit is contained in:
Ralf Haferkamp
2024-10-01 11:54:09 +02:00
committed by Ralf Haferkamp
parent e6902ce97e
commit ce663c3a3a
5 changed files with 13 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
changelog/unreleased/fix-ldap-attributename-case.md Normal file
View File

@@ -0,0 +1,7 @@
Bugfix: always treat LDAP attribute names case-insensitively
We fixes a bug where some LDAP attributes (e.g. owncloudUUID) were not
treated case-insensitively.
https://github.com/owncloud/ocis/pull/10204
https://github.com/owncloud/ocis/issues/10200

6
services/graph/pkg/identity/ldap.go
View File

@@ -291,7 +291,7 @@ func (i *LDAP) UpdateUser(ctx context.Context, nameOrID string, user libregraph.
if user.GetId() != "" {
id, err := i.ldapUUIDtoString(e, i.userAttributeMap.id, i.userIDisOctetString)
if err != nil {
i.logger.Warn().Str("dn", e.DN).Str(i.userAttributeMap.id, e.GetAttributeValue(i.userAttributeMap.id)).Msg("Invalid User. Cannot convert UUID")
i.logger.Warn().Str("dn", e.DN).Str(i.userAttributeMap.id, e.GetEqualFoldAttributeValue(i.userAttributeMap.id)).Msg("Invalid User. Cannot convert UUID")
return nil, errorcode.New(errorcode.GeneralException, "error converting uuid")
}
if id != user.GetId() {
@@ -815,7 +815,7 @@ func (i *LDAP) createUserModelFromLDAP(e *ldap.Entry) *libregraph.User {
opsan := e.GetEqualFoldAttributeValue(i.userAttributeMap.userName)
id, err := i.ldapUUIDtoString(e, i.userAttributeMap.id, i.userIDisOctetString)
if err != nil {
i.logger.Warn().Str("dn", e.DN).Str(i.userAttributeMap.id, e.GetAttributeValue(i.userAttributeMap.id)).Msg("Invalid User. Cannot convert UUID")
i.logger.Warn().Str("dn", e.DN).Str(i.userAttributeMap.id, e.GetEqualFoldAttributeValue(i.userAttributeMap.id)).Msg("Invalid User. Cannot convert UUID")
}
surname := e.GetEqualFoldAttributeValue(i.userAttributeMap.surname)
@@ -887,7 +887,7 @@ func (i *LDAP) userToLDAPAttrValues(user libregraph.User) (map[string][]string,
}
if !i.useServerUUID {
attrs["owncloudUUID"] = []string{uuid.New().String()}
attrs[i.userAttributeMap.id] = []string{uuid.New().String()}
}
if user.AccountEnabled != nil {

2
services/graph/pkg/identity/ldap_education_class.go
View File

@@ -152,7 +152,7 @@ func (i *LDAP) UpdateEducationClass(ctx context.Context, id string, class libreg
if class.GetId() != "" {
id, err := i.ldapUUIDtoString(g, i.groupAttributeMap.id, i.groupIDisOctetString)
if err != nil {
i.logger.Warn().Str("dn", g.DN).Str(i.userAttributeMap.id, g.GetAttributeValue(i.userAttributeMap.id)).Msg("Invalid class. Cannot convert UUID")
i.logger.Warn().Str("dn", g.DN).Str(i.userAttributeMap.id, g.GetEqualFoldAttributeValue(i.userAttributeMap.id)).Msg("Invalid class. Cannot convert UUID")
return nil, errorcode.New(errorcode.GeneralException, "error converting uuid")
}
if id != class.GetId() {

2
services/graph/pkg/identity/ldap_education_user.go
View File

@@ -90,7 +90,7 @@ func (i *LDAP) UpdateEducationUser(ctx context.Context, nameOrID string, user li
if user.GetId() != "" {
id, err := i.ldapUUIDtoString(e, i.userAttributeMap.id, i.userIDisOctetString)
if err != nil {
i.logger.Warn().Str("dn", e.DN).Str(i.userAttributeMap.id, e.GetAttributeValue(i.userAttributeMap.id)).Msg("Invalid User. Cannot convert UUID")
i.logger.Warn().Str("dn", e.DN).Str(i.userAttributeMap.id, e.GetEqualFoldAttributeValue(i.userAttributeMap.id)).Msg("Invalid User. Cannot convert UUID")
return nil, errorcode.New(errorcode.GeneralException, "error converting uuid")
}
if id != user.GetId() {

2
services/graph/pkg/identity/ldap_group.go
View File

@@ -556,7 +556,7 @@ func (i *LDAP) createGroupModelFromLDAP(e *ldap.Entry) *libregraph.Group {
name := e.GetEqualFoldAttributeValue(i.groupAttributeMap.name)
id, err := i.ldapUUIDtoString(e, i.groupAttributeMap.id, i.groupIDisOctetString)
if err != nil {
i.logger.Warn().Str("dn", e.DN).Str(i.groupAttributeMap.id, e.GetAttributeValue(i.groupAttributeMap.id)).Msg("Invalid User. Cannot convert UUID")
i.logger.Warn().Str("dn", e.DN).Str(i.groupAttributeMap.id, e.GetEqualFoldAttributeValue(i.groupAttributeMap.id)).Msg("Invalid User. Cannot convert UUID")
}
groupTypes := []string{}