if define, check the userfilter if the user is still allowed
This commit is contained in:
parent
cd5342d0ff
commit
3c53a0da27
|
@ -175,7 +175,7 @@ class Access extends LDAPUtility implements user\IUserTools {
|
|||
//in case an error occurs , e.g. object does not exist
|
||||
return false;
|
||||
}
|
||||
if (empty($attr)) {
|
||||
if (empty($attr) && ($filter === 'objectclass=*' || $this->ldap->countEntries($cr, $rr) === 1)) {
|
||||
\OCP\Util::writeLog('user_ldap', 'readAttribute: '.$dn.' found', \OCP\Util::DEBUG);
|
||||
return array();
|
||||
}
|
||||
|
|
|
@ -176,8 +176,12 @@ class USER_LDAP extends BackendUtility implements \OCP\IUserBackend, \OCP\UserIn
|
|||
}
|
||||
|
||||
$dn = $user->getDN();
|
||||
$userFilter = 'objectclass=*';
|
||||
if ($this->access->connection->ldapUserFilter !== '') {
|
||||
$userFilter = $this->access->connection->ldapUserFilter;
|
||||
}
|
||||
//check if user really still exists by reading its entry
|
||||
if(!is_array($this->access->readAttribute($dn, ''))) {
|
||||
if(!is_array($this->access->readAttribute($dn, '', $userFilter))) {
|
||||
$lcr = $this->access->connection->getConnectionResource();
|
||||
if(is_null($lcr)) {
|
||||
throw new \Exception('No LDAP Connection to server ' . $this->access->connection->ldapHost);
|
||||
|
|
Loading…
Reference in New Issue