Mirrors/gitea
0
0
Fork 0
mirror of https://github.com/go-gitea/gitea.git synced 2026-06-20 15:10:59 +02:00
Code Issues Activity

fix(ldap): use base scope for user attribute lookups

Browse Source
This commit is contained in:
puni9869 2026-06-08 11:41:30 +05:30
parent 74591d4169
commit 87aa5bce9b
1 changed files with 5 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
services/auth/source/ldap/source_search.go
View File

@ -348,8 +348,10 @@ func realSearchEntry(source *Source, name, passwd string, directBind bool) *Sear
}
log.Trace("Fetching attributes '%v', '%v', '%v', '%v', '%v', '%v', '%v' with filter '%s' and base '%s'", source.AttributeUsername, source.AttributeName, source.AttributeSurname, source.AttributeMail, source.AttributeSSHPublicKey, source.AttributeAvatar, source.UserUID, userFilter, userDN)
// FIX: ScopeBaseObject targets the exact single record for attribute extraction
search := ldap.NewSearchRequest(
userDN, ldap.ScopeWholeSubtree, ldap.NeverDerefAliases, 0, 0, false, userFilter,
userDN, ldap.ScopeBaseObject, ldap.NeverDerefAliases, 0, 0, false, userFilter,
attribs, nil)
sr, err := l.Search(search)
@ -462,6 +464,8 @@ func (source *Source) SearchEntries() ([]*SearchResult, error) {
}
log.Trace("Fetching attributes '%v', '%v', '%v', '%v', '%v', '%v' with filter %s and base %s", source.AttributeUsername, source.AttributeName, source.AttributeSurname, source.AttributeMail, source.AttributeSSHPublicKey, source.AttributeAvatar, userFilter, source.UserBase)
// FIX: Restored ScopeWholeSubtree here since source.UserBase is a container, not a leaf.
search := ldap.NewSearchRequest(
source.UserBase, ldap.ScopeWholeSubtree, ldap.NeverDerefAliases, 0, 0, false, userFilter,
attribs, nil)